Before the holidays, we’ve got a 🧑🎄 sackful of recent product updates to share, including instant EUR bank transfers, multifactor authentication features, a new option to implement bespoke card spend controls, and more… read on for details:
👟1 – SEPA Instant wire transfers
Wire transfers your embedded finance customers make within the European SEPA network will now use SEPA Instant Credit Transfer (SCT Inst – hereafter “SEPA Instant”) if the receiving bank supports this payment method.
In the words of the European Payments Council:
Consumers expect ever easier and faster services. The SCT Inst scheme delivers these by enabling pan-European credit transfers with the funds made available on the account in less than ten seconds.
Here are some more details:
- Outbound wire transfers up to €15k will automatically be routed via SEPA Instant, subject to an automatic check that the receiving bank/FI supports it.
- In cases where the receiving bank/FI does not support SEPA Instant, the payment will automatically fall back to normal SEPA and continue successfully, all else being correct.
- SEPA Instant provides payment rails that are available 24/7 and 365 days per year.
- Existing features and procedures of SEPA payments remain the same (such as EUR currency, SCA two-factor authentication requirement).
Innovators who are already live for EUR wire transfers may want to check they are delivering real-time payment success notifications to customers, who will appreciate seeing their payments go out faster.
There are no additional charges for our customers to use SEPA Instant compared to the previous standard SEPA wire transfer fees. Enjoy!
📲 2 – Updated multifactor authentication requirements and implementation options
Existing innovators working with Weavr already benefit from a choice of different methods to comply with Strong Customer Authentication (SCA under PSD2) multifactor authentication, while keeping things clear and easy to complete for end-customer UX. This is one of many places where innovators working with Weavr get a more complete embedded finance solution compared to the daunting challenge of attempting to work only with basic banking-as-a-service building blocks.
Newly integrated innovators from the current Weavr release can now follow updated and standardised guidelines about how to implement multifactor authentication for SCA, which include the following key requirements:
- Access to payment account information
Second-factor authentication (also known as two-step authentication) for users to access sensitive financial information such as recent transactions, card numbers etc. This can be done at the time of login to the application or can be a “step up” required at the time the user navigates into a secure financial workflow in the application.
All money movements to third parties will require a secure multifactor authentication & authorisation, i.e. card payments (via 3D Secure), outbound wire transfers, and sends between accounts and cards – including for all B2B transactions.
An array of SCA exemptions (often threshold-based) can be applied on 3DS card payment challenges as well as other payment types, the details of which can be discussed with Weavr at the programme level.
Standard supported methods for multifactor authentication include:
At a minimum, SMS – where the end user receives a one-time passcode to their registered mobile number – including a summary of the login/transaction they are authorising.
- Third party authentication app
Recommended SMS alternative: push authentication via Twilio Authy. Suitable for any operating system. End customers need to install the free Authy app (available for iOS, Android, MacOS, Windows, and Linux). Integration support is provided by Weavr.
- Biometrics for mobile apps
Coming soon (contact your account manager to set up as an advance testing application): biometrics for native mobile apps. Enhanced convenience for end users to use fingerprint or face recognition as an overall alternative to push authentication.
If an innovator’s application supports more than one of these methods at the same time, end users can enrol with more than one method. The user’s enrolled authentication methods can be viewed / reported by programme operators via Weavr Portal views, as well as actual transaction outcomes within reports and statements.
Developers can simulate payments and SCA scenarios via the Weavr sandbox for testing purposes. In production, programme operators can monitor analytics and reports on 3DS and other SCA challenges which have been triggered and sent to customers.
💳 3 – Innovator-managed card-payment authorisation checks
This new setting allows innovators to require their users’ card payment authorisations to go through a parallel second layer of checks in real-time that are defined within the innovator’s own business logic, as an optional complement to ordinary spend controls in the Weavr platform. This is commonly known as “auth forwarding”.
- Empower managers and administrators to set and evolve highly business-specific spend control rules.
- Unlock a greater range of controlled spend use cases that satisfy end users’ requirements of both improving access / empowerment and improving financial controls / transparency.
- Build engagement and stickiness among business adopters.
- Strengthen key differentiators around spend control and attract new users.
This feature will be welcomed by more ambitious Innovators wishing to develop their own fine-grained logic in spend controls on debit cards. This is an optional change to the standard product approach, available to all advanced Innovators whose roadmap targets highly differentiated functionality in spend controls. Please speak with Weavr to find out more details.
🎛️ 4 – API-based programme operator actions (beta)
With the new release, Weavr provides documented back-office API calls for the following actions:
- Transferring funds between accounts owned by the same identity.
- Blocking and unblocking cards.
- Innovator charging fees to their corporate and individual customers.
- Retrieving details of managed accounts and cards, including statements.
These features enable innovators to build operator and support features for their embedded finance programme into their own administration portal, as well as create custom logic and automation around workflows driven by their application. In this beta phase, access is subject to the payment programme and scope of your implementation: please chat with your Weavr contacts if you’re interested in testing out the new back-office API functionality.
📃 And more useful updates…
- Innovators can configure at their programme level which nationalities and countries of residence of consumer identities can be onboarded (e.g. to limit new financial feature users to a certain country).
- Updated transaction monitoring rules are now in place for B2B payments, based on both one-off value and accumulated value, in which due diligence checks on “source of funds” are required above certain thresholds.
- Problematic transactions can now be put on hold (for review) automatically within Weavr’s built-in transaction monitoring; this helps keep customers safe by e.g. reacting faster when an outbound wire transfer (OWT) is initiated but gets flagged for suspicion of fraud.
- Key data dashboards for programme operators have been enhanced to be more easily viewable on mobile devices.
- A new filter has been added across programme operator dashboards (where applicable), with the option to filter activity within the platform at ‘Programme Name’ level: useful for Innovators working with multiple applications within the Weavr platform.
- Programme operator cards overview now includes tracking numbers for physical debit card deliveries to customers. This information can also be requested through the API. Tracking will usually be visible for card deliveries within 24 hours of card dispatch.
- Programme operators can now trigger a KYC invite to Directors and similar corporate representatives who need to complete ID checks. This is useful if the corporate contact missed an original system email or the link that was originally sent to them has expired. Can also be used in the process of adding/changing administrators.
- Programme administrators can view and edit card profile settings in the Weavr portal relating to whether manual provisioning and push provisioning for mobile wallets are enabled.
🎁 Coming soon
- Corporate users acting as managers of multiple separate corporates under a single Innovator application will be able to work under a single login and switch between different corporate entities.
- Sandbox simulator features for Innovators prototyping their own real-time card payment authorisation logic (aka auth forwarding).
- Additions to our mobile development SDKs covering Native Android, Native iOS, React, and Flutter: for Innovators building (onto) a mobile application Weavr offers the libraries and kits to help front end developers establish secure payment flows for end customers, including secure embeddable components for passwords, card PINs, and card details. Ask your Weavr contact if you want to know more about how our embedded finance solution keeps your customers safe while simplifying data security and compliance for your business.
Want to find out more, or chat through options for your business? Reach out and talk to an expert today.