Are authenticated collections reinventing the debit order?

2017-05-09 13:54 - Niel Bester
Post a comment 0

Niel Bester


Although introduced with good intentions, South Africa’s unique early debit order system is open to abuse, as is evident in the almost one million disputes lodged every month.

It is particularly lower income groups that bear the brunt.

Imagine the impact of a R250 unauthorised debit order going off an account when the person’s income is less than R2,000 a month?

The South African Reserve Bank is now set to replace early debit orders with authenticated collections.

The new system has been designed to disallow debit orders that have not been electronically authenticated by the consumer, which will benefit banks, merchants and the consumer.

READ: Banks under fire over R99 debit order scam

The new system will see a payer receiving an alert to an early debit order request, and they will get the opportunity to authorise it, either through their mobile phone or computer or through a card-based process at a bank, merchant or ATM.

The onus is on banks to provide the right functionality and ensure that it is secure.

New system, familiar technologies

Consumers are already comfortable with using USSD short code systems to recharge their airtime and perform other transactions.

This GSM network-based push technology makes for an ideal delivery mechanism for authenticated collections.

For example, a consumer will receive a message requesting either acceptance of a debit order or to decline it by pressing the corresponding number on the mobile device.

The Payments Association of South Africa (PASA) has been tasked with implementing the authenticated collections system.

It has issued specifications for several transaction types.

Each one has different information that needs to be displayed in the payer approval process. 

If an approval is taking place in real-time, less information needs to be displayed.

READ: Warning of ATM card swap fraud as R99 debit scam rolls on

Transactions that are batched by the merchant and only sent to the bank later require more information to give the right context to the consumer, who may only receive the authentication request days later or may have changed their mind about the purchase.

Mobile app-based solutions are excellent for addressing this latter requirement.

An app can display a lot more information than USSD can with its constrained character sets.

Additionally, a mobile app can provide digital transaction signing of approvals, which supports non-repudiation.

What happens when a consumer does not have a phone to receive an approval request?

In those instances, they can visit their bank, ATM or the relevant merchant and approve the early debit order with their bank card and PIN.

Building comfort levels

A concern with the new authenticated collections system is that banks will use different means of gaining payer approval, with the merchant having to guide the consumer through the process.

Ideally, a universal set of solutions would be implemented by South African banks in order to familiarise consumers with the system faster and to provide a consistent user experience.

Critical to the success of authenticated collections will be consumer education. Banks and merchants must to help drive awareness around its benefits, as well as the practicalities of using it.

Niel Bester is the Senior Vice President for Products at Entersekt, an innovator in push-based authentication and app security.

Read Fin24's top stories trending on Twitter:

Read more about: banking