Payment confirmation – what is it, and how does it work?
Tips / 12.03.2024
As online payments continue to rise and the business world becomes more and more digitised, payment confirmation is a must.
With its ability to minimise risk by preventing fraud and protecting both customers and merchants, payment confirmation promises security and greater assurance.
In the following sections, we explain what payment confirmation means, how it works, and why it’s crucial today.
TABLE OF CONTENTS
- Payment confirmation: Definition
- The evolution of payment verification
- How do you confirm a payment received?
- Is payment confirmation the same as a receipt?
- Security measures for financial transactions and online authentication
- What is SPC: Secure Payment Confirmation?
- Exploring WebAuthn
- What is Confirmation of Payee?
- Why is payment confirmation essential?
- How to enjoy more effective payment confirmation
- Payment confirmation in the future
- Frequently Asked Questions
Payment confirmation: Definition
By definition, payment confirmation is the act of verifying that a payment transaction has been successfully submitted, processed, and completed.
This verification procedure acts for the benefit of both the sender and the receiver, confirming that the transaction has been authenticated and recorded by the financial institution or payment system involved.
In summary, payment confirmation is used to verify that the sent funds have been successfully transferred from the payer’s account to the payee’s account.
The confirmation itself usually features important data, like the value, transaction date, reference number, and verification message.
The evolution of payment verification
Today, instant payment verification is a modern and sophisticated way to confirm payments. However, it’s not the only available solution that has been used throughout the world.
Other payment verification methods, like voided checks and microdeposits, are other alternatives that have been used over time.
Let’s have a look at them:
- Voided checks – Although this verification technique is no longer popular, it’s still used by some businesses. This straightforward proof of payment records key verification data, such as bank account, routing number, and account holder’s name.
- Microdeposits – Microdeposits work by transferring a small amount of money to confirm that the account of a person or company is active. The recipient then verifies the collected amount and the bank account is confirmed. Although this process is reliable and safe, the main concern is that it’s time-consuming and often expensive due to the transaction costs incurred.
The dynamic nature of our digital world and the quickly evolving online business space requirements call for more suitable solutions.
Via instant payment confirmation, the need to wait days to receive verification of received funds or identify misdirected payments is eliminated.
This method can enable companies to quickly confirm payers’ legitimacy and proceed with undisturbed business operations. At the same time, it instantly informs those paying money that the transaction is successful, providing peace of mind that access to purchased products or services is guaranteed.
How do you confirm a payment received?
One of the fundamentals for understanding how received payments are confirmed is payment gateways.
Payment confirmation works via a payment gateway – the solution that authorises and safely transmits payment information between the parties participating in the payment process.
When a customer wants to pay for a product or service, the payment gateway handles the transaction. It confirms that there are no problems related to insufficient funds or security concerns.
Once the data has been verified, the merchant and the customer receive a payment confirmation, which can be sent via email, SMS, or in-app notifications.
In summary, the process of confirming a payment includes the following steps:
- Payment initiation;
- Payment method verification;
- Payment details authorisation;
- Bank statement approval;
- Payment processor cross-verification;
- Confirmation message.
How do you confirm payments via email?
As mentioned above, one of the channels used to send payment confirmation messages is email.
The message may vary depending on the payment service provider or the payment gateway.
However, in most cases, once a payment has been submitted and confirmed, an email including the account number, transaction details, and invoice number (if applicable) will be sent to the receiver and payer.
In cases of rejected payments, the message will contain details regarding the reasons for an unsuccessful payment.
It’s important to note that you’ll need to register with the service or product provider to receive a payment confirmation email from the merchant. The customer’s valid email address must be saved to their account, as confirmations are typically connected directly to the registered email address.
Preventing “payment confirmation” email scams
Although payment confirmation messages are often sent via email, users worldwide can fall victim to phishing scams related to this notification.
Usually, such emails trigger user interest as they’re associated with important transaction information. Hackers and malicious actors can take advantage of this by sending users “payment confirmation” emails that require the reader to perform specific actions.
For example, it’s popular for hackers to send users emails with subject lines like “Important Information”. When opening the email, the viewer is usually exposed to a message with attached documents falsely presented as payment data.
In this case, the attached files are highly likely to contain malicious code, enabling the hackers to hijack the account. As scammers become more advanced and experienced, the chances of individuals noticing any suspicious signs become lower.
If you haven’t initiated online payments but have received such a notification via email, verify the information before taking any action. Contact your bank to ensure that no unauthorised transactions have been performed on your behalf.
Is payment confirmation the same as a receipt?
While payment confirmations and receipts are related to financial transactions, they represent different things.
Whereas payment confirmation verifies a transaction’s successful initiation and competition, a receipt is simply a formal document issued by a merchant to the payer.
It provides proof of the transaction and offers detailed data, such as the payment amount, time and date, purchased products or services, and more.
The receipt is usually provided after completing the transaction, while payment confirmation acknowledges the process and offers safety and security.
Security measures for financial transactions and online authentication
There are a number of essential components that stand behind modern security measures created to improve the integrity and security of financial transactions.
Below, we dive into some of the core security measures related to payment confirmation in detail.
What is SPC: Secure Payment Confirmation?
When discussing payment confirmation, exploring SPC in more detail is essential.
SPC, or Secure Payment Confirmation, is a proposed web standard that enables shoppers to securely complete online transactions by authenticating directly with their credit card issuer, bank, or other payment service provider.
This process takes place through an advanced platform authenticator, preventing fraud and malicious behaviour risks.
How does SPC work?
SPC consists of two core phrases – registration and authentication.
To register, the customer connects their device and a relying party (RP), which can be a bank, card issuer, or payment service provider.
During the authentication phase, the customer verifies their identity with the relying party via their connected device. This process occurs before payment confirmation is directly on the merchant’s platform.
Eliminating fraud via authentication
The authentication stage outlined above takes centre stage for preventing fraud. At the same time, the implemented mechanisms are often considered insufficient and unreliable.
In most cases, the authentication procedure will request the card owner’s name, card number, or CVC code. This information can easily be stolen through various scam attacks like phishing or hijacking.
To solve this problem, extra layers of fraud-prevention techniques have been implemented, like EMV 3-D Secure.
For example, in this case, the customer must verify against the card issuer or their bank by signing in with their login details or a one-time password sent to a mobile device.
This mechanism protects individuals from breaches and data theft, reduces authentication friction, and minimises card abandonment on eCommerce sites.
In addition, even newer authentication standards are gaining popularity, like WebAuthn.
Exploring WebAuthn
Rather than relying on passwords, WebAuthn or Web Authentication is a web standard permitting RP servers to verify users directly in the browser via cryptography.
Relying parties use physical authenticators, like security keys, to create private-public key pairs. The public key is then stored on the server, shaping the process known as registration. Every created key is exclusive to the device, making user impersonation challenging for attackers.
Developed by the World Wide Web Consortium (W3C) and the FIDO Alliance, WebAuthn is resilient to phishing attacks as the key pair is securely bound to the origin.
Created on WebAuthn, SPC is created explicitly for payment purposes. It enhances WebAuthn with another layer of payment information, enabling the bank or the card issuer to offer a consistent payment experience for the user.
What is Confirmation of Payee?
Another factor designed specifically to enhance the security of UK domestic payments is the Confirmation of Payee (CoP).
This security feature is adopted by banks and payment service providers to confirm the recipient’s details before payment processing.
Due to its effectiveness, payee confirmation is now a popularly preferred utility service that most individuals in the UK expect to see when initiating transactions with a new receiver.
Created to minimise misdirected payments, CoP is a service that checks account names, ensuring that transactions are sent and collected by the intended account holders.
After its official announcement in 2020, more than 100 organisations have benefitted from its capabilities. The widespread use of CoP has also been strongly influenced by the Payment Systems Regulator, with a mandate supporting the adoption of CoP by more than 400 organisations in 2024.
Unveiling how Confirmation of Payee works
As mentioned above, we noted that CoP enables the verification of an account name prior to payment collection.
The process doesn’t rely on a central infrastructure and is instead based on an API peer-to-peer service.
Once a customer commences a set-up process for a new payee, they are requested to provide their account name, account type, sort code and account number.
The provided data is checked, which can lead to four different scenarios:
- Match – The provided data matches the account details;
- Close match – The account name is a close match to the provided name;
- No match – The name doesn’t match the name on the account;
- Unavailable – The checking process is impossible due to issues like timeout, opt-out, or non-existing account details.
Based on the outcomes of the checking process, the payer can make an informed choice on whether or not to continue with the transaction.
How to participate in CoP
Organisations interested in joining Confirmation of Payee can do so by using an Aggregator or directly.
In the first case, the organisation will need to go through a formal process for participation.
In the second case, the organisation must meet specific requirements. For example, to directly join CoP, you must be FCA or NCA-regulated, with official permission to perform payment service activities.
You must also be an account holding PSP with existing customers that can be reached via a sort code and account number.
In addition, the organisation must not have their own sort code. Instead, you are required to have accounts addressable by Secondary Reference Data (SRD).
Lastly, the organisation must be named by PSR on the SD17.
Once it’s established that the organisation abides by all of the above mentioned, it will be permitted to create its in-house CoP solution or partner with a third party that offers this solution to UK organisations.
What is Payer Name Verification?
Operating a step above CoP, Payer Name Verification (PNV) is a supplementary service to Confirmation of Payee customers that enables account name checks prior to setting up Bacs Direct Debit payments.
PNV is a critical safeguard that ensures payments are sourced from the right account, naturally mitigating the possible risks and expenses of misrouted transactions.
Through Payer Name Verification, all parties involved benefit from better rates of set-up and rejection. The solution also contributes to minimising fraud and indemnity claims associated with Direct Debit.
Why is payment confirmation essential?
Payment confirmation is significant for many reasons.
Transparent communication
Apart from acting as a transaction record, payment confirmation also helps prevent payment disputes and conflicts between customers and merchants.
It contributes towards clear communication as it offers transparency and quickly clarifies transaction misunderstandings.
Building trust
Establishing trust is one of the most significant challenges hidden in the communication between product or service providers and customers.
Payment confirmation facilitates strong relationships based on openness and trust between all parties participating in a transaction. Thanks to this verification method, customers have access to a legitimate payment confirmation, giving them peace of mind that their money has been collected and acknowledged by the appropriate receiver.
This significantly limits the chances of doubts arising regarding a payment.
Eliminating problems
Payment confirmation creates opportunities to quickly and swiftly identify and resolve problems that may have arisen throughout the payment process.
Any discrepancies are instantly identified, allowing all parties involved to work towards a mutual solution and fostering positive customer relationships.
A source of evidence
Last but not least, payment confirmation serves as unquestionable payment confirmation – a crucial asset to have access to in events of disputes or legal conflicts.
The payment of confirmation provides legitimate data on transaction data, like date, amount, and payment method, enabling you to resolve the dispute effectively.
This is essential information to have, especially in cases of mediation, legal proceedings, or arbitration.
How to enjoy more effective payment confirmation
Regardless of the channels through which payment confirmation is sent (be it email, text message, or other app notifications), several best practices can help make these messages more effective.
For instance, it’s highly recommended that the payment amount be clearly stated and factors in relevant fees and taxes.
The used payment method is also a fundamental piece of information to be included, acknowledging whether the transaction was made in check, credit card, or electronic transfer.
It’s advisable to feature the payment time and date in the payment confirmation to create a transparent timeline and use this data as evidence if required.
Moreover, relying on a unified payment confirmation template can create an extra layer of consistency, professionalism, and reliability.
Payment confirmation in the future
As online transactions continue growing, it’s only natural that payment confirmation will prove to be even more fundamental.
Platforms involved in the process strive to turn the payment confirmation process into a fast, efficient, secure, and user-friendly experience. As the dynamics of the digital world evolve, it’s possible to witness even more advanced payment confirmation integrations with technologies like blockchain and AI.
Frequently Asked Questions
Are payment confirmation and payment settlement the same?
No, payment confirmation is not the same as payment settlement. Payment settlement represents the transfer of funds from the customer’s account to the payee’s account. It completes the financial transaction and takes place after payment confirmation.
Is payment confirmation the same as receipt?
No, payment confirmation and receipt are two terms that represent different concepts. A receipt simply provides data on the completed transaction after it has been completed, payment confirmation verifies and authorises the payment.
What is the difference between payment confirmation and invoice?
While payment confirmation confirms the successful payment and the transfer of funds from the customer to the merchant, an invoice acts as a formal request for payment. A seller usually creates and sends it to a service provider before the payment.
What can influence the speed of payment confirmation?
The processing time of payment confirmation can be influenced by several factors, including the type of payment method used, the involved financial institutions, the selected payment processing service, and even network congestion. In addition, the time necessary for verification checks and international transactions are also important factors.
