Page 26 - GS240602
P. 26
Insights and Expertise
Third-party payments for example, a third-party processing American Express
transactions was breached, which exposed millions of
solutions getting you records and caused substantial financial and reputational
damage.
down? There's a Dependence on third-party technology
ISOs relying on third-party infrastructure providers are
better way often at the mercy of these companies when it comes to
introducing new features or adapting to market changes.
This can hinder an ISO's ability to stay competitive. For
instance, if a third-party provider delays the rollout of a
critical feature, ISOs may lose merchants to competitors
offering more advanced solutions.
Not being able to respond fast enough in the competitive
payments market is almost the same as not being able to
respond at all. Thus, it is crucial to be able to control the
infrastructure and the solution that drives your business
as an ISO.
Service reliability and downtime
Third-party service outages can impact merchant
operations, leading to lost sales and dissatisfied customers.
By Goran Bosankić Downtime for third-party payment processors that is
Field39 measured even in hours per year, translates to significant
financial losses.
SOs play a critical role in the payment processing
industry by acting as intermediaries between mer- ISOs have little or no control over these outages, yet they
chants and payment processors. While many ISOs bear the brunt of merchant frustration. Also, ISOs using
I offer payment solutions to merchants, they often third-party providers share the infrastructure with many
rely on third-party providers for these services. other ISOs, including direct competitors, which can affect
the speed of reaction, depending on the third-party's
This dependency on third-party payment infrastructure priorities.
presents significant risks, including limited control Compliance and regulatory challenges
over data, difficulties in introducing new features and
service reliability issues. However, by developing their Compliance with regulatory standards such as the PCI
own payment infrastructure, ISOs can gain greater security standards is crucial for payment processing.
independence and provide more secure, reliable services When using third-party providers, ISOs must ensure that
to their merchants. these partners adhere to all necessary regulations. Lapses
can result in hefty fines and legal issues.
The current landscape
ISOs typically operate by reselling payment solutions The complexity of managing compliance through a third-
provided by third-party vendors. According to research party provider adds another layer of risk but can be
conducted by the Electronic Transactions Association, mitigated easily by introducing a PCI proxy service while
there are over 3,000 ISOs in the United States. A majority still using a bespoke payments infrastructure.
of them rely on third-party payment gateways and ISOs owning their payments infrastructure
processors.
Developing your own solution is not a simple task, but
These third-party providers hold a substantial market it is not the only way to become master of your destiny.
share, offering ready-made, white-label solutions that are Owning a payment gateway also allows ISOs to gain full
easy for ISOs to implement. However, this convenience control over their data, enhancing security and privacy
comes with a tradeoff in terms of control and flexibility. measures.
When ISOs use third-party payment infrastructure they With their own infrastructure, ISOs can introduce new
have limited control over the data processed through features and customize services to better meet merchant
these systems. Data security and privacy are significant needs. This autonomy also leads to improved reliability,
concerns, as any breach or misuse of data can lead to severe as ISOs can directly manage and resolve technical issues,
consequences for both an ISO and its merchants. In 2019, reducing downtime.
26
