Why Payments Suck

It’s hard to overstate how important user experience is to the success of web and mobile applications. It’s why developers spend countless hours agonizing over small things like button placement, menu color and transition animations.

But that focus on user experience makes the terrible user experience around payments incredibly obvious. While most interactions in the app happen with a few clicks or swipes of a touch screen, as soon as it’s time to check out or link a merchant account, users hit a brick wall. Suddenly there are multiple screens to click through, there are colors and logos that clash with the rest of the app, and there are countless fields of personal information that have to be filled out.

In a world where everything is A/B tested and obsessed over until its perfect, why does that divide exist?

The problem with payments: it’s not just moving money

The reason that the user experience surrounding payments is bad is because of the risk of fraud.

Fraudsters purchase stolen credit and debit cards through a variety of “dark” online marketplaces, and use these stolen cards at online merchants to buy merchandise fraudulently.  When the cardholder sees these charges on their bank statement, they chargeback the transaction, and the merchant is out the money.

Merchants are heavily incentivized to minimize fraud and chargebacks, but here’s the rub: nearly everything they do to catch fraud adds friction to the user experience. This is especially true of the checkout flow — the more information you require to checkout, the better chances you have at detecting and preventing fraud - but it also means that more people will drop out before they complete the process. Fraud mitigation becomes a delicate balance between fraud and conversion, and it’s one that it’s very easy to get wrong.

For marketplaces and other platforms that operate by connecting buyers and sellers, this effect also manifests itself as friction for sellers. If a marketplace, for example, is processing payments on behalf of their sellers, the marketplace is liable for fraud.  Many times, fraudsters will signup on these platforms as both fraudulent merchants & fraudulent buyers and pay themselves with stolen cards, in a scheme known as collusion.  To prevent this, platforms underwrite merchants before letting them sell.  But the more data they collect from sellers for underwriting, the less likely they are to finish signing up. [1]

Another tactic for platforms to reduce fraud exposure is to delay payouts - but this is an exercise fraught with user experience peril.  Hell hath no fury like a user kept from their money.

The solution: Great risk management

The art of balancing user experience with risk mitigation is known in the industry as risk management. It has three pillars:

  • Data collection:  Great risk management means collecting data from sources other than the user. Leveraging alternative data sources like social media profiles and third party data stores can help paint a fuller picture of the user.

  • Decisioning: Good decisioning is like a dolphin safe fishing net. It has a high catch rate (your net catches a lot of tuna) and a low rate of false positives (your net doesn’t inadvertently harm dolphins.) This also means hiring a competent risk team to supplement and train automated decisioning.

  • Controls: The data will never be comprehensive enough and the decisioning will never be precise enough make a perfect call every time, so a good risk management system is designed with intelligent controls on things like transaction size, funds held in reserve, payment timing, etc. This lets platforms process transactions that are in gray areas while still controlling overall exposure to risk.

The costs of risk management

Unfortunately, nothing in the last section is at all easy or cheap to do, and performing great risk management constitutes large upfront and ongoing costs. And even more problematic, it’s a massive distraction from whatever the core function of the application is.  

The realization by many entrepreneurs that building this in-house is too difficult is why there are payment companies like PayPal, WePay and Stripe - and why many developers choose to leverage them as payment providers for their users. Leveraging a partner for payments is a great way to get to market while avoiding a lot of headaches. But while working with a 3rd party payment provider saves a lot of time, money and frustration, it exacts its pound of flesh in the cost to the user experience.

Payment processors are self interested - they’re more interested in reducing their risk exposure than in providing a short signup or checkout experience.  That’s why they typically require a lot of fields you can’t change, tools you must use, and branding for the 3rd party provider so they can reach out to users for risk purposes. This means that the payment experience doesn’t feel like an integrated part of the application.

In today’s market, where sub-par user experiences are unacceptable, this means that many companies bite the bullet and take on risk management themselves (Airbnb and Uber are great examples). They use a payment partner behind the scenes, but they aren't leveraging their risk management capabilities.  In order to do this, they’ve built massive Trust & Safety teams tasked with risk management - a simple search for “Airbnb trust and safety” on LinkedIn gives you a sense of the size of the team required. [2]

WePay Clear

At WePay, we’ve learned a lot about this problem from our customers, and last week we unveiled a product that meets this challenge: a payment system that offers a seamless and white-label user experience while still taking on risk management.  

Because of the unique risk they face, we specifically targeted “Platforms” for this product - online companies that have three parties in a transaction like marketplaces, crowdfunding sites and small business software.  [3]

If you haven’t yet checked out the amazing user experience of Freshbooks Payments - it's worth a look.  Small businesses on Freshbooks can now accept credit card payments by checking a box, and they never have to know what WePay is - even though we're powering it behind the scenes using our risk engine, Veda.

We think that the best payment systems will be the ones that allow platforms and merchants to offer the user experience they want while still being protected from fraudsters who seek to exploit them.  If you are building a 3-party platform business, I encourage to check out our API, read our guide on Platform Payments, or send me an email to see if we can help.  

[1] The conversion impact can be quite large. In our experience, we’ve seen conversion rates increase by as much as 20 percent by delaying data collection to later in the process.

[2] Admittedly, Trust & Safety at a marketplace company has a broader role and purpose than pure risk management, but risk management is their primary function.

[3] We're really excited about platforms and think they're the most exciting segment of e-commerce.  They differ from pure retailers in that they help connect buyers and sellers instead of selling things directly to buyers.