In a bid to simplify the process of online payment through credit and debit cards, PayUBiz – the enterprise centric arm of PayU India – has launched its ‘One Tap’ technology. With integration of this new technology, online merchants will be able to offer one tap payment feature to their users.
The current online payment process through credit/debit cards requires users to enter their CVV numbers – card number and expiry dates are usually stored by the users – and wait for the text message containing the OTPs from their respective banks. The final window requires the users to enter their OTPs before the transaction is finally processed. Here, the CVV and OTP are the two layers of authentication required for the transaction, requiring multiple taps.
With this new one tap feature, PayU hopes to ease this process. While making the online payment, users simply need to choose one of their stored cards and tap the payment button. The One Tap feature does the rest. It automatically enters the CVV number as well as the OTP received via text message and finalises the payment. All it takes is one tap.
The ‘one tap technology’ is a combination of 4 different features:
- The store card feature
- No-CVV feature
- Auto OTP read and submit
- Magic Retry – In case of a network-related disruption, this feature picks up the transaction from the point where it stopped.
Nitin Gupta, Co-founder and CEO of PayU India claims that the No CVV feature is the key of this one tap technology. As per regulations, merchants and payment gateways are prohibited from storing the CVV – they can only store the card numbers and expiration dates. PayU claims to have found a way around it to access the CVV number, using its technology prowess and filed a patent for it. Nitin declined to throw more light on how the company manages to access the CVV numbers without storing the, as the patent has not yet been approved. All he said was this is the “secret ingredient” behind the one tap technology.
In terms of the security, the company claims to be Payment Card Industry Data Security Standard (PCI DSS) compliant, which is a proprietary information security standard that applies to all entities involved in payment card processing. On being asked about safety issues when a user’s phone is stolen, Nitin averred that the company is also in the process of incorporating biometric authentication, wherein the user’s fingerprint will act as the authentication tool; using his/her smartphone’s fingerprint scanner.
Currently, the feature is live on PayUMoney and food delivery app Twiggly. It will soon be available on other platforms like Peppertap, Redbus, Goibibo, Grofers, Big basket, Just dial, Xiaomi, Musafir and nearbuy.
In an exclusive conversation with Inc42, Rahul Kothari, Business Head, PayUBiz, talks about this new technology and the Indian payment gateway ecosystem. Here’s the edited transcript:
Inc42: How do you balance the multiple layers of authentication issued by RBI and one tap checkout?
Rahul: There are two factors for authentication that’s mandatory by RBI and which is also compliant by PSI DSS. CVV is the first factor of authentication that the ‘No CVV’ feature of the one tap technology takes care of – we cannot talk much about how we access the CVV number. The second type of authentication is the one time password. When the text arrives on the phone, our application and technology reads the one time password and registers it, thereby taking care of the second layer of authentication.
Inc42: Why the transaction success rate of Indian payment gateways still lagging behind their western counterparts?
Rahul: There might be few reasons for the same; one is definitely because of the poor network infrastructure, lot of transactions gets dropped in between, it’s kind of hassled because of dropped in transaction rates. However, our magic retry feature takes care of that. Also, the entire true factor authentication process itself is quite cumbersome. Although, it is a great way to prevent fraud and risks, customer experience a lot of inconvenience. In fact there have been instances where I have been trying to pay for something and it was really a hassle. So much so that, I had to actually go down to the payment center next to my home and make the payment. Poor customer experience is the second reason why we are lagging behind our western counterparts. The payment success rate is low because sometimes the customers even leave the transactions in between. Primarily, these are the two reasons why the transaction success rate is low in our country.
Inc42: PayU claims to have a higher transaction success rate – 12% more than its competitors. How have you managed to achieve this?
Rahul: There are a host of technologies involved, right from dynamic switching – at the back end, we switch different payment gateways depending on the health of the front payment gateways, lot of APIs which tells the customer which bank is down.
At next level is one tap payment. Firstly because of transaction time is reduced that’s why the probability of transaction getting dropped will be reduced. Secondly, since everything is automatic, the chances of manual error go down – the probability of people entering wrong OTPs and CVVs decreases. Lastly, because of its hassle-free nature, customer would not opt out.
Inc42: How do you back this claim?
Rahul: This claim is based a sample of around 1500 transactions we undertook to analyse the process and and based on that we have a compiled data.
Inc42: What are the other issues faced by the Indian payment gateways?
Rahul: If you take away the authentication process and network infrastructure, the issues could be around number of payment options available in the market and the technological maturity of the bank – whether the bank payment pages are customised or not. These all are the common issues found till now, across the world.
Inc42: How different is the 3D authentication system?
Rahul: It is a part of two-factor authentication process. When we talk about payment authentication, there are two layers involved, the final being OTP. However, OTP is not the only second level authentication involved, which is the 3D customer password. Banks like Citibank and SBI only rely on OTPs, whereas HDFC bank customers can choose between OTPs and Three Domain (3D) Secure Service customer password. However, the data shows more than 92% of the customers use OTPs.
Inc42: You recently strengthened your leadership team; any particular reason for that? What’s next for PayU?
Rahul: We are very much excited about the market and want to grow at the best possible way. As a young company we want to make strong investments and strengthen the leadership in order to build better payment technology and provide hassle free payment solution to merchants.
PayU has presence in India, South Africa, Eastern Europe, Latin America and China. PayU India was founded in 2011 by Nitin Gupta and Shailaz Nag (COO & co-founder). It’s parent company is Naspers, which is a $66Bn conglomerate. PayU India has two business verticals – PayUBiz & PayUmoney. Some of its key merchants are Goibibo, Snapdeal, Yatra, MakeMyTrip, Myntra, RedBus, Jabong & Zomato.