The Path to B2B Mobile Payments: Compliance, Security and More

Whether you’re one of the world’s largest corporations, a small Internet store or somewhere in between, doing business online is a requirement in today’s connected economy—B2B organizations are no longer the exception. And making the leap from online business to mobile business is increasingly a priority as business customers expect the companies they interact with to make the move to mobile right alongside them.

For most businesses, however, making the move to mobile is proving a bit more complicated than it might have first sounded. Taking your business mobile is about more than creating a cool app to sell your products and services, it’s about invoicing, electronic bill presentment and payment (EBPP) and 24/7 account management. It’s about doing all that safely and securely while offering a great end user experience.

Mobile also means customers can do business with you around the clock…from anywhere, on any smart device. What better way to grow your business even while you sleep, right? Yet mobile business is more likely to keep you up at night given all the headlines around security, online fraud, identify theft, data breaches and the explosion of malware threats.

The Hackers’ New Holy Grail: Mobile Transactions

According to NQ Mobile, a Dallas-based mobile security software firm, 65,000 new mobile malware threats were released worldwide in 2012 – up from 24,000 the year before. That’s a 170% increase in twelve short months. Malware and phony app sites can direct unsuspecting mobile users to sites where they give up sensitive personal information, such as bank account numbers and passwords.

While the big benefits of mobile business and consumer demand continue to create channel pull, a new level of security requirements deliver a heavy counterweight to progress. For many companies, mobile security issues are nothing short of daunting. In our latest mobile payments security infographic, we uncover some common security concerns that continue to create barriers to mobile payments adoption for many businesses:

• 77% of businesses sited security and increased fraud risk as a key hurdle to developing and offering mobile payments to end customers.[1]
• 46% of consumers say they don’t use mobile payments due to security concerns.[2]

The complexity of deploying mobile solutions can also stall business adoption. According to a 2014 survey conducted by Statista:

• 76% of businesses report confusion around the number of different mobile payment types
• 72% are confused about the number of partnerships involved to deploy a mobile solution
• 71% are unclear about the development of an acceptance network
• 70% are unclear about different technology standards

While rapid movement in the mobile space is bringing us closer to a set of clear security standards, it will take some time yet before the standards are widely adopted and deployed.

Newer standards still emerging include:

• The SIM Alliance Open Mobile API
• Trusted Execution Environment (TEE)
• Managing Mobile NFC Services

So is Getting on the Mobile Train Worth It?

In the meantime, mobile business benefits abound. What business doesn’t want to lower transaction processing costs, lower new customer acquisition costs, reduce invoice remittance windows and improve customer loyalty? Despite these proven benefits, complexity, confusion, and security issues can easily force just about any company to lose sight of managing and growing their core business…taking their eye off the proverbial ball. It’s a ‘shiny object distraction’ that is frankly, impossible to ignore.

With so much perceived risk and uncertainty around online and mobile business from financial institutions and businesses alike, along with strained IT resources, solutions are beginning to emerge from third-party vendors that specialize in payment acceptance, processing and security across channels, including mobile. Such solutions bring B2B mobile payments into the fold, fully integrating them into current receivables processes while delivering an underlying security and compliance framework that takes significant burden off of the business. Such systems can also deliver integration and consolidation of disparate payment systems into a single, secure, PCI-compliant platform that simplifies the accounts receivables process from end-to-end.

After all, there’s no value in adding yet another payment channel or method to your receivables processes if it simply adds more complexity. Complexity breeds discontent for employees and customers alike. There’s no better time to step back and evaluate your current technologies and processes than when you’re considering adding to them. Take the opportunity evaluate what you currently have in place and begin charting a course to truly integrated receivables (any payment type, via any payment channel) and straight through processing on a single platform.

Here’s a helpful recap of some evaluation criteria to include in your mobile payments platform analysis:

• PCI compliance – Security should be of the highest priority. Show your customers you’re serious about security by looking for partners who offer multiple layers of PCI compliance and associated security measures at both the application and hosting layers. You’ll give your customers peace of mind, and you’ll be able to rest easy too, knowing you’ve got experts watching over your payment systems at all times. What’s more, even if you’re not currently taking credit card payments, working with a partner who is fully PCI compliant brings with them some of the most stringent security and compliance processes available that they can not only apply to credit card payments, but any of the payments you currently accept.
• Look to the Cloud – A major key in being able to provide a seamless (and secure) experience across both online and mobile channels is to look for partners who have built their solutions in the Cloud. Behind every horror story you hear on the news related to data breaches is a shortcut. Don’t take shortcuts. And don’t trick yourself into believing that just because you can see the blinking lights on your in-house IT infrastructure that it’s secure. It’s not. Trust your security to the experts. Jeff Schilling, Chief Security Officer at FireHost, discusses some of the key questions you should be asking potential Cloud providers in this recent blog post.
• Acceptance of all payment types and channels, including mobile – Don’t add complexity by adding yet another system or interface if you don’t have to—look for strategic opportunities to align people and processes on one integrated system. Why try to put together pieces of a payments puzzle when you can accept, process and post payments (any method, from any channel) from one powerful engine?
• Back office integration with accounting and other systems – Look for partners and solutions that can automate the updating of your back office and accounting systems with payments that have posted. This will not only save you time and money, but also allow you to refocus valuable employee resources on higher value functions to help grow your business.

Mark Schwanhausser, Director of Omnichannel Financial Services at Javelin Strategy & Research, recently encapsulated the mobile market temperature by advising, “Mobility is rapidly rewiring the way consumers think. Mobile-toting Americans demand simplicity, any-time convenience, immediate answers, pre-emptive alerts, personally relevant information and advice, an attitude of transparency, and time-saving options– all done safely and securely.” This may not be news in the B2C world, but for B2B companies, the race to adopt mobile is a dead out sprint. Let’s not forget, B2B professionals are people too, they are using B2C mobile technology in their own consumer lifestyles and the savvy ones are increasingly finding ways to leverage the same technology within their B2B business processes!

If all this sounds like a tall order, it certainly is, but the mobile market opportunity is equally tall, and fortunately—technology partners who can help lighten your load are emerging to help.

Originally published January 30, 2015.

[1] Source: Statista, 2014
[2] Source: cloudfront.net