Global ecommerce: serve and protect

Consumers’ growing appetite for mobile and digital shopping is putting greater pressure on brands to keep up to speed with payment method innovations and global security issues.

Above: Hospitality brand Drake and Morgan launched a partnership with QApp this month

Powered by Econsultancy

We all know that Britons love to shop, but just how much they love it became clear in January, when they voted online shopping their top technological development of the 21st century, in a poll by energy company E.on.

Advances in digital and mobile payment technologies both in the UK and around the world are now transforming ecommerce, demanding that brands selling online offer a variety of payment methods and keep on top of the security and fraud issues that global commerce entails.

Natasha Toothill, director of retailer engagement at Visa Europe, says: “There is a fundamental change happening in the world of payments thanks to advances in digital and mobile technologies and the consumer trends that those advances have driven.

“We only expect to see the volume of online transactions grow, reflecting the changing needs of both consumers and merchants in terms of online shopping and payments in the virtual world.”

In 2013, £3,488 was spent online with a Visa card at UK merchants every second, an increase of 18 per cent on the previous year and a figure that equates to a quarter of Visa Europe’s UK business. John Lewis reports that online sales account for about 30 per cent of the total, up from 25 per cent in 2012. Mobile devices made up three-quarters of its traffic last Christmas.

A focus on mobile is paying off for Starbucks too, which processes over 4 million mobile payment transactions annually in the UK. Supplying both mobile and contactless payment options in all of its UK stores, Starbucks capitalises on its payment app by linking to the customer’s My Starbucks Rewards account, allowing for more personal marketing.

Yet security remains front-of-mind for any new payment technology, especially for consumers, who are bombarded with news stories about cyber crime and in some cases will have experienced fraud and personal identity theft first-hand. The Payment Cards Industry Security Standards Council (PCI) is responsible for outlining best practice in the field.


Ajay Nassa, head of ecommerce at fashion retailer Blue Inc, says: “There is always a security worry from a consumer perspective when shopping online.” But he adds that the increasingly digital nature of consumer shopping habits helps to ease those fears, while having a PCI-compliant payment screen on a website – showing a padlock symbol on the address bar – brings an “additional feelgood factor of feeling secure”.

A recent partnership between Blue Inc and payment brand Ukash is providing another level of assurance to consumers who are privacy-conscious and worried about online fraud. Accessing the service at PayPoint locations across the country, shoppers can exchange their cash for a receipt with a unique single-use code. “They put that code onto our checkout, which is PCI-compliant and which has undergone fraud checks,” explains Nassa. “As far as the customer is concerned it is a smooth, seamless, quick journey on one page.”

At Transport for London (TfL), the security concerns about payments have been of a different kind. Before launching the contactless Oyster payment card 11 years ago, it was working to improve huge problems with congestion whilst reducing the fare avoidance that would be inevitable if ticket gates were left open. Against a payment landscape then dominated by credit cards, debit cards, cheques and cash, it conducted an extensive trial of ticketing technology.

Today, TfL claims there are minimal security concerns around using Oyster, as well as the contactless bank card payments it is rolling out across its networks – with the one proviso that customers must learn not to keep multiple contactless cards next to each other when they ‘tap’ a ticket gate to make a journey.

Shashi Verma, director of customer experience at TfL, says: “There is a bespoke system of security that we maintain and run and only one attempt to hack into it has been successful over the past 10 years. We keep updating the security so the hack that happened in 2008 [by Dutch university researchers] could not be repeated today.

In addition, we use the advanced security system that protects the Visa, American Express and MasterCard bank cards in general.”

As consumers get comfortable with contactless technology, mobile operators are linking up with credit card companies in an attempt to take a slice of the lucrative contactless payment business. Weve – a partnership between the UK’s three biggest mobile phone operators, O2, EE and Vodafone – is working with MasterCard to build on the existing contactless payment infrastructure in the marketplace.

“EE’s Cash on Tap service allows consumers to pay at the point of sale with their mobile, accessing a pre-paid account they have loaded money onto,” says Timo York, head of wallet services at Weve. “Our work with MasterCard goes beyond this because it allows the banks to deploy their credit and debit cards onto consumer’s mobile phones so people can pay direct from their bank account.”

With security a concern for many consumers shopping on both traditional and mobile websites, ‘digital wallets’ can provide confidence. Other examples include Google Wallet, MasterPass from MasterCard and from Visa. They can facilitate online and in-person transactions and respond efficiently to a consumer preference for minimising the number of times they give their card numbers and payment details to merchants.

Drake and Morgan’s use of QApp, Blue Inc’s deal with Ukash and Visa’s V.Me cater to the demand for secure mobile payment methods

PayPal’s mobile app similarly enables users to enter their personal details and card information just once and therefore reduce security risk. EMEA head of retail services Robert Harper says: “Recent global research we conducted shows that a third of consumers would rather leave the house with their smartphone than their purse or wallet. We are tapping into that trend and last year we processed over £27bn in mobile payments, almost double the previous year.”

PayPal is placing emphasis on making the mobile phone a convenient way of paying for goods on the high street. In 2013, it ran a pilot scheme with retailers in Richmond, London, that lets consumers transfer money from a PayPal account within the store.

Locations where a shopper can pay with PayPal are listed on the app and to make a transaction, consumers ‘check in’ to the store. Their profile picture is then transferred to the retailer’s till system so that staff can confirm their identity and the shopper is then approved to transfer the funds.

“From the retailer’s perspective, this adds value, helps bring back personal service and allows them to build a picture of their loyal consumers,” says Harper. “Security is the cornerstone of what we do and the principles of online transactions still stand with these offline transactions, so we can bring in the security measures that we have built up over the past 10 years before the transaction takes place.”

Apps can make life easier for consumers and brands alike. As the online commerce space evolves, innovations are emerging in the purchase journey, building around the process of payment. QApp is a mobile ordering platform that enables customers in busy entertainment venues to browse the venue and place their order.

High-end hospitality brand Drake and Morgan, which launched a partnership with QApp earlier this month, is keen to push offers and loyalty within the payment process. Drake and Morgan head of marketing Lisa Yearwood says: “We are looking forward to gathering rich data so we can gain valuable insight into our guests’ purchasing behaviour. We’ll be able to know where they live, how often they come in, how much they spend and what they buy.

“QApp works alongside our operational processes. The guest’s payment is taken when they order and the transaction payment works just like a credit card, so it’s secure and easy to implement in our venues.”

Western Union, which offers the more down-to- earth proposition of money transfers, is tapping into the potential of the mobile device too – mobile transfers are available in 18 countries, mostly in emerging markets where it meets a previously unmet need.

“Today, a third of customers send money using mobile and this demand prompts us to continue developing our mobile offering,” explains Nathalie Ferrant, business development director of Western Union’s digital ventures.

Security is addressed through internal security systems, put in place to monitor Western Union transactions around the world. Another aspect of staying secure is the consumer education campaign used to help prevent fraud. “Our own proprietary compliance engine addresses, in a matter of seconds, federal, state and local rules that apple in jurisdictions where Western Union does business,” adds Ferrant.

Mobile operator Orange’s strategy for marketing to consumers in developing countries is also focused on mobile payments. In Botswana, its partnership with Visa bridges the gap between consumers with and without bank accounts.

Orange Money subscribers apply for an Orange Money Visa card, secured with a PIN code, at an Orange shop or agent, add funds to their account and can then make Visa-enabled payments at stores as well as international online merchants. The Orange Money Visa service in Botswana is the world’s first Visa card linked to a mobile wallet.

“Security is our first concern,” says Emma Lala Bouali, programme manager for Orange Botswana. “The service embeds features that allow customers to follow their transactions 24/7, including instant SMS alerts confirming the details of each one; and self-care tools to request a single-use virtual card for online payments or to deactivate the card – plastic or virtual – if they are worried about the security of their account.”

The explosion of online and mobile commerce opens up a wealth of new opportunities for both consumer brands and payment providers in all corners of the world. At the same time it requires them to focus on the security risks when processing different kinds of digital payments and meet the needs of security- conscious consumers.


Dr Akif Khan
Senior director, strategic initiatives

Let your customers pay the way they want to

Offering your customers the methods of payment they prefer can boost sales conversion and increase the likelihood that they’ll return – whether it’s by offering credit and debit cards in the UK, iDeal in the Netherlands, or direct debits and bank transfers in Germany.

Accept payments via multiple devices

Just as consumers have their own preferred payment types, so the device they use to buy changes according to the time of day – being able to accept payments via mobile, tablet, kiosk, call centre is key in today’s multichannel world. It’s vital that the customer receives the same experience, wherever they buy, whatever the channel.

Extend market access with fraud management

With purchasing habits varying widely, domestic fraud management strategies may not be a good fit in another country. Ensure that you are using a range of complementary techniques – from deploying Verified by Visa and MasterCard SecureCode, through to third-party fraud screening, which allows you to leverage multiple fraud detection tools from a single platform.

Aim to use as much relevant data as possible when analysing transactions. And remember, there’s no substitute for local knowledge when adapting screening rules to different consumer behaviour norms in different markets.

Payment data: don’t touch it, don’t store it

Being able to deliver functionality like one- click checkout makes it easier for returning customers. Yet storing this precious payment data is not without risk – the impact of a data breach can be far reaching, not just in terms of financial penalties but also the potential damage to your reputation.

To help reduce the risk, ensure that payment data does not touch your system. Using hosted payment pages and ‘tokenisation’ services, where payment details are stored as tokens, means that there’s no payment information to be compromised.

Download Cybersource’s white paper, ”Payment management insights for faster, safer global expansion”, here



Faster food

Meg Farren
Marketing director

Marketing Week (MW): What were the reasons for developing the My KFC app?

Meg Farren (MF): UK smartphone adoption is growing at an exponential rate so it made perfect sense. KFC Fast Track helps our customers order, pay for and collect their food faster than ever before.

MW: What functionality is there within the app for payment?

MF: KFC Fast Track enables you to order ahead and then pay by credit or debit card, or PayPal. You can even save time on future visits by enabling secure, one-click payments to make the process even quicker and easier.

MW: What about online security concerns?

MF: We have worked closely with industry experts such as PayPal and First Data Merchant Services to ensure security best practices are always followed. For example, we never store credit card information directly in our systems, or on the app itself.

MW: Why else would a brand want its own payment app?

MF: Apps like KFC Fast Track are great for engaging with consumers and collecting data, so we’re keen to explore where else we can take this. Early data indicates that consumers are spending more on each transaction when ordering through KFC FastTrack.

Econsultancy intelligence

Graham Charlton
Graham CharltonEditorEconsultancy

Graham Charlton

International ecommerce will continue to be a key growth area for many UK retailers in the next few years, as the UK market becomes more saturated and others look to follow the successful examples set by brands like Asos.

It is a growing phenomenon across Europe. For example, in Spain, nearly 50 per cent of online purchases are from overseas, and in France 41 per cent of shoppers buy from online German stores and 29 per cent from UK online retailers.


Effective payment processes are vital if organisations want to succeed in new markets. Having a single payment system in place which allows an organisation to trade in multiple markets in a wide range of currencies helps to keep overheads low, increases checkout conversion rates and provides customers in each territory with the best customer experience.

In the UK and North America, ecommerce has largely been built around debit and credit card payments, (though the use of ‘alternative’ methods such as PayPal has been growing). However, preferred customer payment methods vary widely around the world, and retailers looking to grow internationally need to understand customer preferences in this area.

In much of the continent, a perceived risk of fraud has meant that card payments are trusted less than they are in the UK, so other methods have become popular. For example, a DIBS 2013 study into ecommerce preferences across Europe found that just 9 per cent of Germans like to pay for online purchases by credit card. Pre-paid invoice (46 per cent) and micropayments (29 per cent) are most popular. In Russia, cash on delivery is the preferred payment method, and cheques are still commonly used in France, as are direct debit transfer and local post office payments in Poland, while PayPal has seen a significant rise in Spain and Scandinavia.

This obviously adds a degree of complexity to systems, as you will require your payment service provider PSP to facilitate transactions in new currencies and payment methods, some of which they may not already cater for.

Implementation to support different payment gateways is a costly process and, unsurprisingly, a recent CHASE study found that a massive 77 per cent of respondents from UK businesses say they don’t have the systems to support European expansion.

Brands need to be at least planning and budgeting for how they would approach new territories so they are not left trailing behind and miss out on a much wider consumer base.

Customers will expect brands to offer the same kinds of payment methods available in their local markets, so understanding the differences and overcoming the barriers to implementation is vital as retailers look to expand overseas.