It’s no secret that the payments industry has been undergoing a period of enormous growth and innovation. Payments has transformed from a steadfast, predictable industry to one with solutions so advanced they sound futuristic. Inventions such as selfie-pay, contactless payments, crypto currency, and biotechnology are just examples of the incredible solutions coming out of the payments industry. However, many payments companies are so anxious to deliver “the future” to merchants and consumers that they overlook merchants that are still stuck using outdated technologies. That is to say, despite all of the undeniably impressive recent advancements the payment industry has made, there are still merchants that, for lack of a better option, continue using paper or phone to accept credit cards.
While it may be difficult to believe that some merchants still use telephone calls or paper credit card authorization forms as their primary method of accepting credit cards, just type “credit card authorization form 2016” into a Google search bar and look at the sheer volume of results that come up (over 20 million). While this number does not necessarily reflect the precise number of credit card authorizations forms in use, it does serve as an indication of their prevalence. Hard numbers on the proportion of credit card payments that are processed as paper or over the phone are difficult to find; however, a 2013 Federal Reserve report listed checks—a form of paper— as making up 15% of noncash payments.
But who exactly are the merchants using these kinds of payments? Who are these businesses that the payment industry has left behind?
Generally speaking, it is the merchants for which neither a traditional swipe model nor an online shopping cart solution work that use telephone and paper to accept credit card payments, otherwise known as them “remote transaction merchants”. This merchant segment makes up a substantial, though not highly visible, sector of card not present businesses. Examples of remote transaction merchants include medical offices, law offices, independent contactors, and catering companies, and merchants that typically invoice their clients for payments that are due, include either a paper credit card authorization form, or instructions to call the office to make a payment. Not only are these methods of credit card acceptance inefficient and take longer to get paid, but they also put merchants and their customers at risk, because with outdated technology comes outdated security.
In fact, these methods are so insecure that for them to comply with PCI regulations requires an extraordinary amount of effort. For instance, in order for a merchant that accepts paper credit card authorization forms to adhere to PCI regulations, not only must they never store CVV security code data, but they also must keep all their customers’ credit card data locked in a separate file cabinet that is not allowed to contain any other documents, and they must be able to provide a physical log tracking who removed what document and when. For merchants accepting credit cards over the phone, compliance with all regulations is virtually impossible because different sets of regulations contradict each other; some sets of regulations stipulate that phone conversations must be stored, whereas PCI regulations forbid the storing of the credit card information discussed during phone conversations. Pair these already tough regulations with EMV, and the predictions that it will increase card not present fraud, and eventually these antiquated methods of credit card acceptance will be unsustainable because of harsher regulations, fines, and penalties.
It is such a testament to the unique ways in which industries grow that despite such radical advancements, the payments industry has left an entire segment of merchants behind. However, due to the unsustainable inefficiencies and security issues of paper and telephone methods of accepting credit card payments, this sector of merchants will not be left behind for long. The question is, which companies are willing to catch remote transaction merchants up to the present instead of focusing only on the future?