Open Banking on Hold: CFPB Plans “Interim” Data-Sharing Rule Amid Funding Woes

The Consumer Financial Protection Bureau (CFPB) is poised to use an emergency interim final rule to carry out its new open banking framework, rather than completing the normal multi-step rulemaking process. It’s because the CFPB is under significant financial pressure and is caught in political disputes over how much funding it should receive. And for this reason, the agency has not been able to proceed with implementing Section 1033 of the Dodd-Frank Act, which addresses consumer access to financial data.

In this article, we explain why the CFPB is resorting to an “interim final” rule, how funding fights and dismantling attempts are stalling it, and what it means for banks, fintechs, and the timeline for open banking.

Background: Section 1033 and the Open Banking Rule

Flexible payment processing solutions for small businesses.

Section 1033 of the Dodd-Frank Act (2010) obligates financial institutions to make consumer financial data available to customers and their authorized third parties. In October 2024, under the prior CFPB leadership, the agency finalized a Personal Financial Data Rights rule to implement this data-rights mandate. That rule required banks with more than $850 million in assets to provide API access to account information (balances, transactions, payment schedules, etc.) on standardized, secure terms.

Under the published schedule, the largest banks would have to comply by April 2026, with smaller banks phased in through April 2030. The goal was to create an open banking ecosystem similar to Europe’s PSD2: consumers could authorize third-party apps to access data from their banks, fostering fintech innovation and competition.

However, the 2024 rule quickly became embroiled in controversy. Major banks and industry groups sued, arguing that the CFPB exceeded its authority and that the mandate was unduly burdensome. A federal judge in Kentucky delayed the rule’s effective dates and issued an injunction preventing enforcement until the litigation is resolved. In 2025, a new administration took over the CFPB, with different priorities. The bureau signaled it would reopen the rulemaking, seeking comments on narrowing who may access data, whether banks can recover costs through fees, and what security or privacy changes to require.

Why an Interim Final Rule?

Secure Merchant Payment Solutions from Host Merchant Services.

An interim final rule is an unusual “shortcut.” The agency issues a rule that takes effect immediately while still accepting comments, instead of waiting for the usual notice-and-comment period. The CFPB says it needs this emergency measure because its funding is exhausted. In legal filings, the bureau told a federal court it expects to “run out of money” by the end of 2025 and will not have funds to finish a regular rulemaking.

The bureau noted it currently has cash to operate through December 31, 2025, but beyond that, the White House has refused to replenish its budget. Under federal law, the CFPB draws funding from Federal Reserve earnings. But an October 2025 Department of Justice opinion found that no Fed balances are available to transfer to the bureau. After this yea,r the CFPB will effectively have no funds until Congress acts.

The agency’s acting director, Russell Vought, who also heads the Office of Management and Budget, has publicly signaled he intends to “close down” much of the CFPB and downsize it dramatically. Faced with this cash crunch, the CFPB has told courts it will skip some steps and swiftly finalize an open banking rule.

Funding Battles and the Fight to Dismantle the CFPB

The need for an interim rule is rooted in a bitter funding and political fight over the CFPB itself. Since early 2023, Republican lawmakers and the new administration have sought to curtail the bureau’s budget and authority. In Congress, House Republicans have voted to slash CFPB funding, proposing to cut the agency’s cap on Fed earnings from 12% to just 5%. This would remove roughly $250 million in resources (about 70% of its budget) and return it to a pre-2011 level.

Republicans even introduced a “Defund the CFPB Act” to cap its funding at zero. The stated goal is fiscal restraint, but critics say it amounts to a legislative effort to starve the bureau of funds altogether.

These moves follow a federal court’s ruling blocking the Trump administration’s attempt to eliminate CFPB staff through layoffs. Since that order, the administration’s strategy has shifted to using budget legislation to disable the agency. At the same time, President Trump and other conservative officials have said outright that the CFPB should be dismantled as an unelected regulator.

Acting CFPB Director Vought, a former aide to Trump, has repeatedly assailed the agency’s mission and slashed its operations. He reportedly told bureau employees that almost no one will be working there, aside from Republican appointees, as it winds down.

Because the CFPB was created by Congress, dismantling it fully would require legislative action. In the interim, Congress’s decision not to appropriate new funds has effectively paused the bureau’s work. Nonprofit groups and unionized CFPB staff have sued to force Congress to restore funding, but so far those efforts have not succeeded. The result is that the CFPB is operating on a shoestring.

Congress’s recent proposals would leave the bureau with only 30% of its previous budget to fulfill all statutorily required tasks. This funding squeeze directly underlies the CFPB’s claim that it must issue an interim final rule under Section 1033.

What Would an Interim Open Banking Rule Require?

Flexible payment solutions for businesses at Host Merchant Services.

Because the CFPB is still collecting input for a new full rule, the interim rule is likely to focus on near-term mechanics rather than substantive changes. It could temporarily extend compliance deadlines and preserve existing data-sharing obligations, while the agency works out details through a revised rulemaking process. It could also be used to delay the original April 2026 start date for big banks.

In fact, the courts have already pushed the compliance dates out by 90 days, and the CFPB is considering further extensions. If an interim rule delays those deadlines (e.g., by one year), covered banks would have more time to build or adapt their data APIs, and fintech firms could adjust their rollout plans accordingly.

Banks should continue their preparations for eventual compliance. Even if the first enforcement date is pushed back, large banks still need to develop secure data-portability interfaces and adopt any required standards. Many large banks (such as Bank of America, Citibank, and U.S. Bank) already have open API systems in place, but smaller institutions will need additional lead time. Fintech companies, for their part, should maintain readiness to receive data through these new channels and keep their user-consent systems up to date.

One crucial question is whether the interim rule will change the substance of data sharing in the short term. The Biden-era rule banned banks from charging customers for sharing their data. Under the interim rule, the CFPB might allow at least a temporary continuation of fee-free access.

The agency is separately considering, in its advance notice, whether banks should be allowed to recoup costs through “reasonable” fees, a debate sparked by recent bank announcements that they plan to charge fintechs for data access. For now, absent a new final rule, the existing prohibition on fees may effectively remain in place.

Similarly, the 2024 rule broadly defined who counts as an authorized “representative” for a consumer (including non-fiduciary fintechs). The new CFPB leadership is reconsidering whether to narrow it to fiduciaries only. An interim rule likely won’t resolve that question immediately; that will come in a later final rule.

But fintechs should be aware that who can request data on a user’s behalf may change. Banks and other data holders will continue to process any legitimate requests they currently receive under 1033, but an interim rule may hold the line rather than expand the regime.

What Can We Expect in the Near Term

Deadlines may shift: The interim rule could extend the compliance deadlines for banks. In that case, the compliance schedule (originally set for April 2026 for the largest banks) will be pushed out, perhaps to 2027. Both banks and fintechs should plan for a later start to full-scale data sharing.
Continue readiness: Institutions subject to Section 1033 should continue to build out APIs, security, and consent tools. Even if enforcement is delayed, the technical and operational work of open banking goes on. Developing standardized data formats (e.g,. FDX or similar) and rigorous security controls now will ease the eventual rollout. Fintech developers should stay engaged with the rulemaking process and ensure their systems can handle data from all major banks.
Monitor fee and privacy rules: The CFPB is soliciting input on whether to allow cost-based fees and how to tighten privacy controls. If the final rule permits banks to recover costs via fees, fintech apps may face new charges for data access. Industry groups are sharply divided: banks argue fees are needed to cover expenses, while consumer advocates warn they would become a “toll on consumers.” Whatever happens, banks should be ready to comply with any fee regimen, and fintechs may need to adjust their pricing models if data access is no longer free.
Data security remains critical: The CFPB’s advance notice also questioned existing security standards. Banks and fintechs must continue to adhere to robust security standards (e.g., by discouraging screen scraping and complying with GLBA safeguards). In the interim, both sides should use this extra time to strengthen protections and mitigate privacy risks.
Legal limbo persists: Until the CFPB issues a final rule after comment, the precise obligations remain unsettled. Both banks and fintechs should monitor litigation and agency updates, as the court could impose additional stays or the bureau could further extend deadlines through the interim rule.

Shifting the Timeline for Open Banking

Flexible payment processing solutions for businesses - Host Merchant Services.

With the interim rule delaying the process, the overall timeline for Section 1033 implementation will slip. The initially published schedule (large banks by April 2026, smaller banks by 2030) was based on the 2024 rule. In mid-2025, the CFPB had already paused those dates by 90 days while it reopened the rulemaking. Now, the bureau is openly asking whether that timeframe remains feasible if it revises the rule.

It seems likely that the first compliance deadlines will be pushed out by at least a year. If reopening the rule took nine months previously, a new full rule after ANPR (August 2025) could realistically emerge in early 2026 or later. Large banks might then be given until sometime in 2027 to enable open banking APIs.

In any event, the staggered schedule (with full implementation by around 2030) will probably be preserved, but shifted later. Even if delayed, the “open banking” framework will still be phased in by the early 2030s.

Not everyone views the delay as purely negative. Fintech advocates argue that pushing out deadlines avoids rushed rollouts and gives stakeholders more time to prepare robust systems. The Financial Technology Association, which intervened to defend the 2024 rule in court, told the judge that “delays in full implementation of Section 1033 harm the public interest” and urged the CFPB to let the rulemaking proceed on its own timeline.

In other words, if open banking is ultimately good for competition and consumers, then ensuring the rule is well-crafted and implementable may justify the extra wait.

The first meaningful compliance dates (for the largest banks) will no longer arrive in 2026 as initially planned. CFPB officials have acknowledged they will likely not issue the final rule until 2026 at the earliest, pushing significant data-sharing obligations into 2027 or later.

Looking Ahead

In its filings, the CFPB has affirmed that it ultimately intends to finalize the open banking rule. A spokesperson told reporters that the Section 1033 framework “will absolutely be finalized,” even if the process is being accelerated and truncated in parts. This means that once the funding impasse is resolved (or workarounds are implemented), the bureau still expects to implement a permanent rule to ensure consumer financial data rights.

For now, however, open banking progress depends on the outcome of political and legal battles. If the funding freeze persists, the interim rule may serve as a stopgap for months to come. Banks should focus on system readiness and compliance planning. At the same time, fintech companies should engage with regulators and be prepared for both favorable and adverse policy changes (e.g., changes to allowable fees or access restrictions). Consumers hoping to use future apps for budgeting or account aggregation will have to remain patient until this regulatory saga concludes.

Conclusion

The CFPB’s move to an interim final rule is a direct consequence of its funding crisis and the broader campaign to curtail the bureau. It pauses the aggressive timeline for data-sharing but does not cancel Congress’s directive on open banking.

Ultimately, Section 1033 remains viable, but its implementation will depend on both the shifting political winds and the following chapters of CFPB rulemaking.

Frequently Asked Questions

What is an “interim final” rule in open banking?
An interim final rule takes effect quickly without the whole public comment process. The CFPB plans to use this approach to expedite the adoption of open banking rules, with the option to revise them later.
Why is the CFPB low on funding, and how does that affect open banking rules?
Funding disputes and legal challenges have limited the CFPB’s resources. As a result, the agency cannot complete the normal rulemaking process and is using an interim rule to avoid missing key deadlines.
What was the original open banking rule meant to do?
The original rule aimed to give consumers control over their financial data. It would require banks to securely share account data with approved third parties upon customer consent.
How might an interim rule differ from the original open banking rule?
The interim rule is likely narrower and more temporary. It may set basic data-sharing requirements first, while delaying more complex provisions until funding and legal issues are resolved.
What does this mean for consumers and fintech companies?
Consumers may start gaining easier access to their financial data once the interim rule takes effect, likely in 2026. Fintechs and banks will get more explicit guidance, but should expect changes as the rules evolve.u003cbru003e

Stripe’s “Agentic Commerce” Suite Ushers in the AI Shopping Revolution

Stripe has just launched a new Agentic Commerce Suite to help merchants sell directly to AI-driven shopping agents. In the era of agentic commerce, autonomous AI assistants can handle product discovery and purchases on users’ behalf. To make it easy for businesses to sell to AI agents, Stripe agentic commerce suite is a one-stop solution that makes your products discoverable, simplifies checkout, and enables agentic payments through a single integration.

Major brands and platforms are already on board: Stripe names retailers such as Kate Spade, Coach, URBN, and Ashley Furniture, and e-commerce platforms such as Squarespace, Wix, Etsy, WooCommerce, commercetools, and BigCommerce among the first adopters.

What Is Agentic Commerce?

AI customer support chatbot for Host Merchant Services simplifies payment solutions.

At its core, agentic commerce means letting AI agents act autonomously on shoppers’ behalf. Instead of passive recommendations, AI assistants proactively find, compare, and even buy products for the user. Agentic commerce is AI that acts on behalf of users or businesses to manage tasks such as personalized recommendations and order placement. This involves granting AI assistants access to your product catalog and checkout to complete purchases.

Stripe and OpenAI have taken a leading role here: they co-developed an open standard, the Agentic Commerce Protocol (ACP), to enable this direct interaction. ACP provides a standard set of APIs for product feeds, checkouts, and delegated payments, enabling any AI platform (such as a chatbot or voice assistant) to interface with any merchant’s systems.

It is open-source (Apache 2.0) and “easy to adopt,” integrating with existing payment processors and back-end systems while ensuring merchants retain all their usual controls. Merchants remain the “merchant of record”: the seller still owns the customer relationship, handles fulfillment, and has access to all order details. All told, the ACP enables ChatGPT and other AI tools to serve as virtual shopping assistants: Stripe powers ChatGPT’s new “Instant Checkout” feature on Etsy and Shopify via ACP, enabling in-chat purchases.

Stripe Agentic Commerce Suite Features

AI chatbot assisting with Host Merchant Services payment solutions.

Stripe’s Agentic Commerce Suite bundles several components to connect a merchant with AI shopping channels through a single integration. Key features include:

AI-Ready Product Feeds:

Merchants receive a hosted ACP product endpoint to upload or link their catalog. Stripe then syndicates product data (title, price, availability, etc.) to multiple AI agents simultaneously. In other words, your inventory becomes AI-discoverable across all participating platforms without building a custom feed for each one.

Stripe handles the connectors – with one click, you can automatically start taking payments across any supported agent. Behind the scenes, this uses the Agentic Commerce Protocol’s Product Feed spec to ensure everything stays in near-real-time sync.

Streamlined Checkout Integration:

The Suite uses Stripe’s Checkout Sessions API to handle agentic checkouts. Once a customer (or an AI agent) selects items, Stripe automatically calculates taxes and shipping and validates the order. Merchants can choose to let Stripe calculate these (via Stripe Tax and other built‑in products) or integrate their own tax/shipping logic with minimal coding.

After checkout, the order is handed back to the merchant’s existing system for fulfillment. Crucially, the merchant remains in control: they retain merchant-of-record status, handle payments, and manage post-order steps such as refunds and disputes using their usual processes.

Shared Payment Tokens (SPTs) & Fraud Protection:

A novel part of the suite is the Shared Payment Token, a secure proxy for the buyer’s payment method. When a customer authorizes an AI agent to purchase on their behalf, the agent does not receive the customer’s raw card or account information. Instead, Stripe generates a token scoped to that one purchase, merchant, time window, and amount.

The AI agent uses this SPT to initiate the charge, without exposing the buyer’s credentials. This limits abuse: tokens are single-purpose and observable, reducing the risk of unauthorized charges or disputes. Plus, Stripe’s Radar fraud system analyzes these payments for AI-specific risk signals. In effect, Stripe relays the underlying risk signals – including stolen card or bot patterns – to help differentiate between high-intent agents and malicious bots.

Modularity & Existing Systems:

Every component of the suite is optional and pluggable. A merchant can adopt just the product feed or the complete checkout and payment stack, depending on their needs. Importantly, the integration sits on top of the merchant’s current e-commerce platform and order system, so there’s no need to rebuild everything from scratch.

You connect your product catalog to Stripe, then select which AI agents to sell through. All the agent interactions (catalog queries, carts, charges) funnel through Stripe’s APIs, which then hand off orders to the merchant’s back-end. This lets businesses expand into AI-driven channels while keeping their existing shopping cart, inventory, and fulfillment logic intact.

Early Adopters and Partners

Leading retailers and platforms are already testing the waters. Stripe explicitly lists Coach, Kate Spade, URBN (Anthropologie/Free People/Urban Outfitters), Ashley Furniture, Revolve, Abt Electronics, Halara, Nectar, and others as early users of the Suite. Several e-commerce platforms have built integrations on day one: for example, Etsy, Wix Payments, and Squarespace all confirm they can now surface merchants’ items to AI agents via Stripe.

Commerce parent (BigCommerce) and enterprise platforms like commercetools have similar announcements. Merchants (brands like Perry Ellis and Cole Haan) will gain seamless access to AI-driven discovery, checkout, and payments through a single Stripe integration. What once took months of bespoke engineering is now possible with a single, configurable integration – enabling merchants to unlock AI-driven discovery and checkout flows without reworking their systems.

Opportunities for E-Commerce

Proponents say agentic commerce could open up powerful new revenue streams. Many consumers already use AI tools to research what to buy, and surveys suggest a meaningful share of U.S. adults used AI for shopping in 2025. The idea is that autonomous “shopping agents” are beginning to handle parts of the journey, such as comparing options, selecting items, and completing transactions.

The upside could be huge at a global scale. Some projections suggest AI agents could lift e-commerce conversion rates by roughly 1.5-2.5 percentage points, translating into hundreds of billions of dollars in additional sales worldwide. Other forecasts estimate U.S. “agentic” spending alone could reach hundreds of billions by 2030.

In practical terms, this would give merchants of all sizes a new sales channel: AI shopping assistants. Solutions in this space are being built to scale to millions of users across AI products. Early feedback has been encouraging, with some reporting that a large share of small and mid-size businesses have already seen AI agents complete purchases on behalf of customers.

Consumers are warming up to the idea as well. Research indicates that nearly half of shoppers would consider using an AI agent for routine purchases, with willingness notably higher among people aged 25-44. That points to real demand for low-effort, automated shopping experiences. Industry experts argue AI could make shopping feel more personalized and intuitive, improving efficiency and reducing the need for endless searching.

Early adopters are betting this translates into higher conversion and larger basket sizes. By making product catalogs accessible to assistants such as ChatGPT, Alexa, and others, merchants can capture purchases that would otherwise be lost. Shared product feeds and streamlined checkout could enable customers to buy directly within a chat or voice conversation, instead of navigating to a website and completing a manual checkout. Overall, many observers believe that agentic commerce is moving beyond hype toward a tangible sales channel that could meaningfully reshape online shopping.

Security and Trust Challenges

However, there are real perils and concerns to address. Many businesses and consumers remain wary of letting an AI “click buy” without supervision. The core tension is evident: companies want AI-driven growth, but with safeguards in place. Some enterprise leaders have been blunt: they want to participate early without rebuilding core systems, which makes it essential that security and control measures are built in from the start. Others emphasize that this innovation must be simplified, secure, and scalable, or merchants won’t adopt it with confidence.

Concrete worries are easy to understand. A significant share of businesses say they would be concerned if AI agents started buying on behalf of consumers. The central reservations tend to cluster around security (protecting payment credentials and sensitive data), fraud prevention, and dispute resolution.

Without the right tools, the idea of “robot” shopping can feel risky. Malicious bots could exploit loopholes, automate card testing, or generate high-volume, hard-to-resolve transactions. Consumers share that hesitation: only a small minority report having allowed an AI assistant to complete a purchase, and an even smaller fraction says they’re interested in doing so. Many people still prefer the control and visibility of completing checkout themselves.

To reduce these risks, payment platforms are building guardrails designed specifically for agent-driven purchases. One approach is tokenization, which prevents agents from ever seeing raw card details and tightly constrains a payment to a specific, intended transaction. Another is enhanced fraud screening that looks for patterns common to automated or agentic behavior. Systems can also be designed to keep merchants in the loop – such as requiring order approval steps or adding verification points – so purchases don’t become fully automated “blind buys.”

Even with these protections, trust will likely take time to build. Familiarity tends to reduce anxiety: people and businesses get more comfortable once safeguards prove themselves in real-world use. For now, the most realistic stance is cautious optimism – embrace AI as a promising new channel, but pair it with strong transactional security, fraud defenses, and transparent processes for disputes and accountability.

Conclusion

Stripe’s Agentic Commerce Suite is a clear sign that AI shopping agents are moving from concept to reality. By co-developing an open standard with an AI partner and offering a turnkey integration, Stripe is lowering the barrier for merchants to reach customers through AI assistants. Early trials across well-known retailers and major commerce platforms suggest that both large brands and smaller sellers are eager to experiment.

If AI agents can deliver truly frictionless shopping – discovering products, answering questions, and completing checkout inside a conversation – merchants that adapt early could gain a meaningful edge. But adoption will hinge on trust. Strong security controls, transparent user consent, and apparent dispute and returns processes will be essential to making merchants and consumers comfortable with AI-assisted purchasing.

For now, Stripe is positioning the Suite as a measured step forward: enabling AI-driven transactions while emphasizing safety and reliability. The near term will test whether agentic commerce can meet expectations quickly, or whether both shoppers and businesses will need more time – and more proven safeguards – before they embrace it at scale.

Frequently Asked Questions

What does “agentic commerce” mean?
Agentic commerce is shopping conducted by AI assistants rather than people. An AI agent can search for products, decide what to buy, and complete the purchase on a customer’s behalf.
What is included in Stripe’s Agentic Commerce Suite?
Stripe’s suite helps businesses sell to AI agents by making product data easy to find and checkout simple. It also uses secure payment tokens, enabling AI to complete purchases safely.
Which companies are using Stripe’s agentic commerce tools?
Early adopters include brands such as Coach and Ashley Furniture, as well as platforms including Etsy, Wix, WooCommerce, and BigCommerce. These companies are preparing their stores for AI-driven purchases.
Why is agentic commerce important for the future of shopping?
It shifts shopping tasks from humans to AI, saving time and opening new sales channels for merchants. This model grows quickly, though it changes how orders and payments are handled.
What risks and challenges come with agentic commerce?
Security, fraud, and trust are significant concerns. Businesses must plan for mistakes, disputes, and system readiness, while balancing innovation with strong safeguards.

Restaurants Embrace Cash Discounts as Card Fees Squeeze Margins

As restaurants struggle with inflation and thin margins, payment processing costs have become a significant concern. In the U.S., credit card processing is now the third-largest operating expense for a typical restaurant, behind only food and labor costs. These “card swipe fees,” which are roughly 2-4% of each credit card sale, have risen sharply in recent years. Industry data show U.S. merchants paid about $187.2 billion in interchange and processing fees in 2024, roughly 70% higher than before the pandemic.

For a small restaurant, this can amount to tens of thousands of dollars a year, eroding already razor-thin margins. With menu-price inflation already squeezing customers, many operators are wary of simply raising prices again. Instead, a growing number are quietly passing some card costs back to customers through dual pricing, offering a small discount for cash or applying a modest surcharge on credit cards, to shore up profits without a blanket price hike.

Rising Card Swipe Fees and Pressure on Margins

Cash discount store illustration with POS terminal, storefront, and shopping concept.

Over the past decade, the U.S. payments landscape has tilted further toward cards. Nearly 70% of restaurant transactions are now non-cash, and networks like Visa and Mastercard capture a slice of each credit sale. While consumers enjoy rewards and convenience, restaurants literally pay for the privilege. For every $100 on a bill, a typical U.S. restaurant might keep only about $97.50 after interchange and gateway fees are paid to banks and processors.

Those deductions add up fast. In 2024 alone, U.S. credit and debit card swipe fees totaled a record $187.2 billion. This was about $1,200 for the average family, and the cost has jumped roughly 70% since 2019.

This spike has turned card fees into a crisis for restaurants. Until recently, small restaurants could absorb credit card charges without drawing attention. But rising food and labor costs mean margins are thinner than ever. Credit card processing has become the third-highest expense for a typical restaurant, behind only food and payroll. For a local bistro, paying even 2-3% on $1 million in annual sales can eat up $20,000-$30,000 from the bottom line – more than the profit on many months of business. Faced with this pressure, operators report they can no longer ignore the cost.

At the same time, restaurants have few tools to push back. Unlike large chains, most independents can’t negotiate drastically lower rates with Visa/Mastercard. They can’t refuse cards (it’s against card brand rules), and lowering menu prices to offset fees only digs a hole for survival, not sustainability. With public and regulatory attention on the cost of living, any significant menu price increase risks customer backlash.

Dual Pricing, Cash Discounts, and Surcharges

Dual pricing means posting two prices for the same item: a slightly lower price for cash payments and a higher price for credit/debit card payments. Under this model, paying with cash effectively earns a slight “discount” (e.g., 2-3%) off the menu price. The same effect can be achieved by adding a surcharge when a card is used, though terminology and legal nuances differ. These programs are identical; card users pay a bit more, cash users pay a bit less. The economics are straightforward: the extra cents on card payments cover the processing fee, while cash patrons receive a discount.

This strategy is common in some industries (e.g., fuel stations have long listed separate cash and credit fuel prices). Now, more restaurants are experimenting.

Customers rarely notice and don’t care; nearly everyone pays by card anyway. Even after adding the surcharge, the tab for a dinner order remained competitive with nearby restaurants. A higher price for a card payment is a ‘normal’ trend, and many other local eateries do it. By openly displaying both prices, customers see precisely what they save by paying cash.

Other tech-forward examples have emerged. In 2024, the popular restaurant POS provider Toast quietly began offering a surcharge feature to its 120,000 clients. Toast has just raised its processing rates for some merchants (for the first time in 12 years) and now allows restaurateurs to add a compliant surcharge at checkout if they choose. If a diner on a $50 bill sees a 3% fee, the restaurant nets an extra $1.50 (about the same as the processing cut).

Toast believes this helps protect restaurants’ bottom lines without carving an obvious fee into the price list. Other POS systems, such as Square, Shift4, and Clover, also offer “cash discount” or “dual pricing” options.

The idea is gaining traction. Surcharging and cash-discount programs are still emerging, not yet ubiquitous. A 2024 NRA survey found that only about 16% of operators had any surcharge or cash discount in place. (This low figure includes extra fees for large parties or delivery; true payment surcharges were even rarer then.) However, real-time data suggest rapid growth: a December 2025 merchant study reported roughly one-third of businesses (across sectors) were now adding card surcharges, up from under 5% in 2021.

In restaurants, anecdotal evidence from Texas to New York shows local eateries quietly adopting cash specials or “service charges” labeled as a fee to cover card processing costs. All told, the trend reflects a shift toward greater price transparency: instead of mixing fees into menu prices, restaurants are signaling the actual cost of credit in real time.

Implementing Cash Discounts – Practical and Legal Considerations

Implementing cash discounts or surcharges isn’t just a business decision – it involves careful compliance. Payment networks and state laws set strict rules. At the federal level, merchants may apply a surcharge on credit card transactions (subject to network rules), but most states ban such fees outright or cap them at around 4%. As of late 2025, only a handful of U.S. states (Connecticut, Maine, Massachusetts, and Puerto Rico) prohibit surcharges on card payments. Other states (like New York and California) allow surcharges only if they are clearly disclosed and do not exceed the actual fee charged.

For example, New York law forbids separately listing a surcharge line on a check, effectively requiring merchants to call it a “discount for cash.” Importantly, network rules insist that debit card payments cannot be surcharged – only credit cards are fair game.

For these reasons, most restaurants frame the adjustment as a cash discount rather than an add-on fee. They post one price (the higher “card price”) on menus and signage, then deduct a few percent at checkout when cash is used. This “two-tier pricing” approach skirts legal issues in restrictive jurisdictions and is fully sanctioned by Visa and Mastercard, provided the discount is clearly advertised.

Regardless of method, successful rollout hinges on transparency. Restaurants should prominently disclose dual pricing on menus, websites, signs at the register, and printed receipts. Some owners report telling new customers in a one-sentence script (“we can do 2% off for cash”) to avoid confusion. Customers are generally placated if they understand the reason and see their savings; surprise or misleading fees, by contrast, can spark negative reviews or even regulatory scrutiny.

Operationally, the shift usually requires minimal effort. Modern POS systems typically include built-in features to apply cash discounts or surcharges and handle bookkeeping to split sales figures. Restaurants planning this change are advised to consult their payment processor and local attorney: ensure the chosen method (cash discount vs. surcharge) is permitted in their state, set the correct percentage to avoid exceeding actual costs, and train staff to explain it to guests. When done right, many merchants find the process smooth – staff say customers usually appreciate the discount option, and don’t often remark on it after the first visit.

Impact on Diners and Market Dynamics

How are customers responding? Early evidence is mixed. Some diners grumble that new “fees” feel like junk charges, while others are indifferent. In some cases, guests still paid by card and barely noticed the change. In fact, many customers expect merchants to quote a cash price: gas stations have trained Americans to think of the card price as the “regular” price, with a built-in card fee. A rising share of merchants (34%) now impose surcharges on card purchases. This means card-carrying diners will increasingly encounter small upcharges on their bills.

For a frequent restaurant-goer, the effects can be tangible. A typical 2.5% surcharge can easily wipe out a 2% credit card rewards rate, effectively turning a modest purchase into a net loss for the cardholder.

On the other hand, savvy consumers can adapt. A few patrons may opt to pay in cash upon seeing the discount. Local credit unions and associations have even mounted “cash is king” campaigns, highlighting that a $0.50 coffee surcharge, for instance, could add up over time – and suggesting cash as a way to support local businesses.

In most cases, however, the convenience of plastic reigns. The NRA reported that Americans have grown accustomed to “cashless” dining (even though some data show credit cards used slightly less than debit at restaurants, over 60% of spending is non-cash). If anything, the new pricing may encourage a few more diners to keep a $20 bill handy, but it is unlikely to reverse the overall trend toward electronic payments.

From a market standpoint, the rise of cash discounts is already influencing competition. Restaurants that impose surcharges may be at a disadvantage if nearby competitors do not (or if those competitors quietly absorb the cost through slightly higher menu prices). However, the amounts are relatively small, like a 3% surcharge on a $100 tab is $3, which many diners accept as the “cost of doing business” for card convenience.

Some franchise chains have held back on surcharges to avoid customer backlash, while independents and locals (who cannot easily raise prices further) seem more willing to experiment. Notably, some diners and watchdogs classify surcharges as “junk fees,” a term now under regulatory scrutiny. Federal agencies (and some states) are cracking down on undisclosed add-on fees across industries. As a result, any restaurant that adopts dual pricing must ensure the charge is advertised transparently and labeled appropriately, or risk violating consumer protection rules.

Looking Ahead: Policy and Industry Trends

The scramble over swipe fees isn’t happening in a vacuum. Restaurant groups and merchant coalitions are lobbying for broader fixes. The National Restaurant Association, for example, actively supports the Credit Card Competition Act (CCCA), proposed legislation to introduce more networks and transparency into the card system.

NRA research suggests that enforcing competition could save merchants and consumers more than $16 billion per year. Likewise, the Independent Restaurant Coalition and food industry associations regularly urge Congress to cap or reduce interchange fees, arguing that smaller independents suffer disproportionately under the current Visa/Mastercard duopoly. Efforts like these have had mixed progress: the CCCA has stalled repeatedly, and even regulatory tweaks (like cap on debit fees under the Durbin Amendment) offer only limited relief.

In the meantime, many restaurants are taking matters into their own hands. Dual pricing is one tactic among several in a broader cost-saving toolbox. Alongside surcharges and cash discounts, operators are trimming operating hours, re-engineering menus (dropping unprofitable dishes), and using loyalty programs and off-peak promotions to boost revenue.

Some chains are even encouraging customers to use cheaper payment methods. For instance, a few upscale chains remind diners that cash and debit cards cost less (though they cannot legally refuse plastic). Ultimately, the billing strategy a restaurant chooses will depend on its clientele and local regulations.

What does this mean for consumers? Diners should be aware that two prices may appear. If a menu notes a “cash price” or if the receipt shows separate totals, that is the restaurant’s way of passing along processing costs. Paying cash will save the stated percentage, while using a credit card will trigger the higher price.

Financially savvy customers can adapt by calculating their net rewards: if your credit card bonus is 1-2%, a 3% surcharge might negate any gain. In the long term, if legislation forces lower interchange fees, these surcharges could disappear. For now, however, restaurants see them as a necessary counterbalance to protect staff, service, and food quality amid overwhelming costs.

Conclusion

Mounting card fees have pushed U.S. restaurants to explore pricing models long used elsewhere: offering discounts for cash or surcharging card users. The trend is driven by economics: as credit card networks capture an ever-larger share of each dining dollar, independent restaurants have little margin left to absorb those costs.

If current patterns persist, customers may start to view cash not as archaic, but as financially savvy – at least at the local cafe. Meanwhile, the industry and lawmakers will continue to debate whether to rebalance the system through regulation. For restaurants and diners alike, the message is clear: be alert for new price signals at the table.

Frequently Asked Questions

What are credit card surcharges and cash discounts in restaurants?
A surcharge adds a small fee when customers pay by credit card to cover processing costs. A cash discount lowers the price for customers who pay with cash. Both help restaurants reduce card fees.
Why are more restaurants adding these fees now?
Rising costs from inflation and higher card processing fees have squeezed profit margins. Adding surcharges or cash discounts helps restaurants recover these costs without raising menu prices.
Is it legal for restaurants to charge extra for credit card payments?
It depends on state law. Many states allow surcharges or cash discounts when clearly disclosed, but some ban them. Debit card surcharges are not allowed.
How do customers usually react to dual pricing?
Most customers accept minor differences, especially when framed as a cash discount. Problems usually arise when fees are not clearly explained before checkout.
What other ways can small restaurants manage card fees?
They can encourage cash or debit payments, review processors for better pricing, or use lower-cost payment methods. Some also support efforts to limit future fee increases.

Real-Time Payments for Small Businesses — 2026 Trends to Watch: FedNow, RTP, and Instant Transfers

In a technologically advanced environment, people are tired of waiting for invoice payments and advocate for instant money movement. Today’s small businesses are discovering that instead of sending an ACH payment on Friday and waiting until Tuesday for funds to clear, they can push or request payment and have the money arrive in seconds (even on weekends or holidays). New real-time rails are making this possible. The Federal Reserve’s FedNow service (launched in July 2023) enables banks to send instant transfers 24/7, every day of the year.

Over the last year, FedNow has quickly added participants and volume. Meanwhile, The Clearing House’s established RTP® (Real-Time Payments) network (introduced in 2017) covers most of the U.S. banking system and processes hundreds of billions of dollars per month. Together, these networks mark a sea change in how businesses pay vendors, payroll, and suppliers. Here are the top instant payments trends for small businesses to watch out for in 2026.

Understanding Real-Time Payments

Fast and reliable payment processing for your business with Host Merchant Services.

At its core, a real-time payment is simply an account-to-account transfer that settles within seconds, with funds available to the payee immediately. Unlike ACH transfers (which typically take 1 to 3 business days to process) or legacy Fedwire wires (which only run during banking hours), modern instant rails operate 24/7/365.

The Clearing House RTP and FedNow both use the ISO 20022 messaging standard, enabling rich payment data and immediate settlement. Once initiated, the money moves, and the transfer is final. For small businesses, this means they can send a payment at midnight on Sunday, and the supplier’s account receives it instantly rather than waiting for Monday’s banking window.

Both real-time systems offer very similar core benefits: immediate settlement (often under 5 seconds), irrevocable transfer, and 24/7 availability. They also support payment messaging (e.g., invoice details) and are designed to be accessible to banks and credit unions of any size. The key difference is who runs them.

The Clearing House (owned by major banks such as Chase, BofA, and Wells Fargo) built the RTP network first, while FedNow is operated by the Federal Reserve. Many financial institutions use both rails to reach more counterparties. But currently they operate as two separate, non-interoperable systems. Industry data show that about 58% of banks offering instant payments are connected to both networks.

FedNow: The Fed’s Instant Payment Network

Image source

FedNow is the Federal Reserve’s instant payments rail, launched in July 2023 to give banks and credit unions of all sizes access to real-time transfers nationwide. Early adoption came from smaller institutions seeking parity with large banks already on RTP, but by late 2025, usage had broadened significantly. FedNow now connects roughly 1,500 financial institutions, covering about 40% of U.S. demand deposit accounts, with participation growing faster than RTP did in its early years. Large banks have also joined, including PNC and Capital One, signaling mainstream acceptance.

Network usage has accelerated sharply. In Q1 2025, FedNow processed about 1.3 million transactions; by Q2, that rose to roughly 2.1 million transactions and nearly $246 billion in volume, a 405% quarter-over-quarter increase. Regulators attribute the surge to increased business awareness and new use cases, including payroll, marketplace disbursements, and government payments.

The Federal Reserve has also reduced friction by raising the transaction limit from $25,000 at launch to $10 million by November 2025, enabling larger B2B and real estate payments. Core features, 24/7 availability, immediate and final settlement, push-only payments, ISO 20022 messaging, and built-in fraud controls make FedNow especially attractive for time-sensitive business payments.

Business demand is strong. Surveys show roughly two-thirds of companies would use instant payments for supplier invoices and just-in-time purchases if available, and many SMBs already rely on instant methods to manage tight cash flows. FedNow removes “float,” allowing payments sent outside bank hours to settle immediately.

Adoption has been reinforced by public-sector use, including U.S. Treasury disbursements through the Bureau of the Fiscal Service for programs like FEMA disaster relief. At roughly $0.045 per transfer, far cheaper than wires and close to ACH pricing, FedNow’s cost structure further supports adoption, particularly among smaller banks and their commercial customers.

The Clearing House RTP Network

Secure payment processing with Host Merchant Services for seamless transactions.

Image source

FedNow isn’t the only instant rail in the U.S. The incumbent is the RTP® network, launched in 2017 by The Clearing House. RTP already reaches about 71% of U.S. demand deposit accounts, with technical reach exceeding 90% through intermediaries, meaning most major banks and credit unions are enabled. Like FedNow, RTP operates 24/7 with seconds-level delivery and final, irrevocable settlement, but it benefits from a multi-year head start and deep penetration among large banks and corporates.

That head start is clearly evident on the scale. By late 2024, the RTP Network was processing roughly 1 million payments per day and about $500 billion per month, far exceeding FedNow’s volumes through 2025. Around 285,000 businesses send RTP payments each month, with everyday use cases including loan payments, payroll, and supply-chain disbursements. In February 2025, RTP raised its per-transaction limit from $1 million to $10 million, aligning with FedNow and enabling large corporate and real estate payments to move instantly.

As a result, most banks now pursue a multi-rail strategy. Roughly two-thirds of U.S. banks have enabled at least one instant rail, and more than half of those support both RTP and FedNow to maximize reach. While the two systems are not directly interoperable, third-party providers often bridge them, allowing businesses to pay counterparties on either network. Looking ahead, both rails support Request for Payment (RFP), enabling merchants to send a digital invoice directly to a payer’s bank app for one-click approval. Industry consensus is that RFP could meaningfully reshape B2B invoicing and consumer billing starting in 2026.

Why Instant Payments Matter for Small Businesses

Easy merchant payment solutions for small businesses with Host Merchant Services.

For small and medium enterprises, faster payments can be transformative. The single most significant benefit is improved cash flow and liquidity. Instead of having money sit “in transit” for days, real-time transfers put funds to work immediately. This means a retailer can get paid and use those funds to restock inventory or pay the next invoice that same afternoon. It means a service provider doesn’t have to wait an extra business day to pay wages or suppliers.

Instant settlement eliminates pre-funding: businesses no longer need to hold large cash balances or worry about timing payroll in advance, because the funds arrive exactly when needed.

Another plus is transparency and record accuracy. When payments settle immediately, a business’s books are always up to date. There’s no lag between a customer paying and the accounting system reflecting the new balance. This can simplify reconciliation and planning: at any moment, you have a clear view of cash on hand and outstanding liabilities. Errors and disputes may also drop, since instant rails provide robust status messages (you know right away if a payment went through or failed).

Operationally, real-time payments cut admin work. Instead of printing checks or initiating ACH batches, a company can click to send a FedNow payment or activate a pull via RFP and be done. Funding payroll via FedNow can ensure employees get paid on time, even if last-minute adjustments are needed. Businesses can automate payables and receivables more tightly: some inventory management systems can even trigger instant payments upon shipment arrival (a “just-in-time” model). In fact, Fed surveys indicate that many companies want these options. Nearly two-thirds of firms would use instant payments for recurring bills if their bank offered them.

Several industries are already gravitating toward real-time pay. Online marketplaces are using instant disbursements to pay sellers faster after a sale. Gig-economy platforms pay workers on demand via instant rails. And service firms (contractors, healthcare providers, etc.) can request and receive immediate payment for invoices. In sectors with tight margins and cash constraints (such as hospitality and transportation), businesses increasingly require faster settlement to remain agile. Consumer-facing apps like Venmo and Zelle have shown that people expect instant transfers, and business customers are increasingly demanding the same convenience in B2B contexts.

Finally, timing can be a competitive differentiator. Offering your customers faster refunds or billing them via instant invoice requests can build goodwill. Paying a vendor in seconds can secure an early-payment discount. During emergencies (such as natural disasters), the ability to send or receive funds immediately can be critical. The recent use of FedNow for FEMA relief payments highlighted how much faster funds can reach where they’re needed.

Instant Payments Trends: What To Watch In 2026

Looking to 2026, several key trends are likely to shape how small businesses interact with real-time payments:

1. Continued Growth in Participation

The number of banks and credit unions participating in FedNow and RTP will continue to grow. By early 2026, well over half of all U.S. institutions are expected to be live on at least one instant network. In particular, the remaining mid-size banks – and some of the last big holdouts like Citigroup and Bank of America – have been moving toward connectivity.

PNC and Capital One joined FedNow in late 2025, and more are expected to follow. The result will be an even broader reach for small businesses: eventually, you can assume almost any bank account can send or receive instantly.

2. Higher Transaction Limits and Big-Business Use

With FedNow and RTP both supporting $10 million transfers, large corporate payments are becoming viable on these rails. In 2026, we expect to see more treasury departments sending big vendor bills, cross-border suppliers (via U.S. banks), and real estate or M&A transactions move in real time.

This opens up instant rails for mid-market and enterprise clients, too – meaning fintech tools that serve small businesses (like payment gateways or accounting platforms) may start supporting larger instant transfers.

3. “Request for Payment” (RFP) Goes Mainstream

Both FedNow and RTP support RFP messages (also known as “request-to-pay” or “RTPay”). Starting in 2026, this is likely to become a widely used feature: think of it as electronic invoicing on steroids. A small business can issue an RFP invoice through their bank or invoicing app; the customer receives it (often via their mobile banking app) and taps to pay immediately.

TCH executives believe RFPs will dramatically change receivables, turning old-fashioned bill collections into a seamless digital workflow. We’ll likely see RFP-enabled invoicing portals, QR-code receipts that auto-initiate payments, and more automated bill pay options for consumers and businesses.

4. Multi-Rail as the Norm

By 2026, it will be standard practice for any business-facing bank or fintech to support both FedNow and RTP (and even alternative instant rails like push-to-debit). As noted, over half of banks with instant-pay services already do this. This reduces fragmentation: if your vendor is on one network, your bank can still reach them via the other rail or a combined payments platform.

For small businesses, this means you can request an instant transfer by name, and the underlying system will select the appropriate network or service provider to execute it. In other words, instant payment “interoperability” will come through software and partnerships, if not through a single unified network.

5. Integration with Digital Wallets and Gateways

Expect more third-party payment platforms (e.g., Stripe, PayPal, Square/Block) to integrate with FedNow and RTP. Some already have pilot programs or partnerships in place. In practice, this means a small merchant on such a platform could withdraw or transfer funds on demand via instant rail.

Instead of waiting days to get a payout from an online sales platform, the business could initiate a FedNow transfer. The advantage here is flexibility: you can move funds between your bank and treasury accounts instantly, 24/7.

6. Enhanced Fraud Controls and Data

As instant payments scale, fraud and compliance capabilities will evolve. In 2025–26, the Fed introduced tools such as “account activity thresholds” and is piloting a network intelligence check (which allows senders to query recipient bank information in advance). We expect more such controls to arrive, enabling banks and businesses to vet transactions in real time.

Meanwhile, the rich ISO 20022 data fields available on FedNow/RTP will allow merchants to include detailed invoice information with each payment, aiding reconciliation and reducing errors. Better data enables small businesses to link transactions directly to invoices or purchase orders, improving accounting efficiency.

7. Government and Payroll Use

Beyond the FEMA example, governments at all levels may start using instant rails for certain disbursements (e.g., tax refunds, grants, vendor payments). In 2026, more agencies will likely give small businesses the option to receive funds instantly.

On the payroll side, instant payroll services (sometimes called earned wage access) will grow: employees can access a portion of their salary early, with funds debited from the employer’s FedNow account immediately. Many wage-payment platforms are already exploring this, and the trend will catch on with small employers who want to offer flexible pay.

8. Cross-Border and New Markets

While FedNow and RTP are domestic systems, their adoption could enable cross-border instant transfers in the future (e.g., by partnering with Canada’s new real-time system, which is slated to launch 24/7/365, as FedNow does).

For now, 2026 trends will primarily focus on U.S. domestic flows, but keep an eye on any bridging initiatives between U.S. and foreign RTP schemes – these could simplify international payments in the future.

Getting Started: Using Real-Time Payments in Your Business

If you’re a small business owner or finance professional, here’s how to take advantage of these developments:

Check Your Bank’s Capabilities: First, see if your bank offers FedNow or RTP payment services. Many banks advertise “real-time payments” as a product. Note that early on, some banks only allowed receiving instant payments (so customers could send them money, but they couldn’t send it out). Make sure your account can send on the real-time rail as well. If you’re not sure, ask your banker or check your online bill-pay or payment services; they may offer an “instant transfer” option.
Use Instant Payments for Invoicing and Payables: If you issue invoices, ask your customer to pay via real-time transfer. You could provide your routing and account details along with the invoice and instruct them to use FedNow/RTP. Some billing systems will soon integrate “Pay Now” buttons that generate an RFP on the fly. On the vendor side, you can pay suppliers instantly. If you need to pay a vendor outside regular ACH cycles, log into your bank’s portal and choose the “Instant” or “Real-time” payment option. Your bank will deduct the funds from your account and route them via FedNow/RTP; the vendor will receive the cleared funds seconds later (even if it’s 10 pm).
Automate Recurring Payments: Payroll is a great use case. Instead of accumulating funds days in advance of payday, you can schedule or trigger the payroll file to send via FedNow at pay time. Employees at participating banks will receive their salaries instantly (after tax withholding), with no pushback because the funds haven’t “hit” yet. Similarly, you could automate routine vendor payments (rent, utilities, loan payments) to go out in real time, ensuring no missed deadlines.
Mind the Transaction Limit: FedNow and RTP each have per-transaction maximums ($10 million in 2025). For most small-business needs, this is well above the typical invoice amount. If you have a substantial payment (e.g., from a large construction project), you may need to split it into multiple payments or use wire transfers. But remember that ACH often has per-batch or daily limits, whereas FedNow allows a single push of up to $10M.
Factor in Fees: A FedNow payment costs about $0.045 (4.5 cents) per credit transfer; RTP fees are similar. Compare this to your current costs: if you’re used to wire fees or overnight ACH fees, instant rails can be cheaper. For high-volume businesses, consider how these per-payment fees affect your costs. Some banks bundle real-time payments into package fees, especially as usage grows. It’s a good time to negotiate with your banker, given the competitive landscape of real-time services.
Stay Updated on Standards: Because real-time payments are data-rich, work with your accounting or ERP system to capture remittance info. In 2026, you’ll want to ensure your invoicing software can include invoice numbers or line items in the payment request. This way, when funds arrive, your accounts receivable automatically matches them to open invoices. Also, follow developments like the FedNow ‘Explorer’ portal (fednow.explore.gov) and industry forums for best practices.
Educate Your Customers and Vendors: Not all of your customers or suppliers may yet be familiar with real-time payments. Consider including a note on invoices: “Want to pay instantly? Use bank quick-pay with our routing/account details or look for a ‘Request for Payment’ link.” If a client’s bank supports RTP or FedNow, they might already see an instant-pay option in their online bill pay. On the flip side, if you rely on just a few key vendors, encourage them to enable instant payment receipt (this may require no action on their part if their bank already supports it, but it’s worth confirming).

Conclusion

Real-time payments are poised to become the new normal for small businesses. Both FedNow and RTP have achieved critical mass in participation and now boast billions in quarterly volume. For U.S. SMBs, this means better cash flow, reduced financial friction, and new service models (instant invoicing, on-demand payroll, etc.).

As 2026 unfolds, watch for broader adoption by larger banks, innovative “request to pay” workflows, and the cementing of a multi-rail payments infrastructure. By exploring these tools now, businesses can get ahead of the curve – enhancing liquidity and convenience for themselves and their customers.

Frequently Asked Questions

What are real-time payments, and how fast are they?
Real-time payments are account-to-account transfers that settle in seconds, with funds available immediately, 24/7/365, including weekends and holidays.
What’s the difference between FedNow and RTP?
FedNow is operated by the Federal Reserve, while The Clearing House runs RTP®. Both offer instant, final payments, but they are separate, non-interoperable networks.
Do small businesses need special software to use instant payments?
No. Most businesses access real-time payments through their bank’s online portal or existing treasury, payroll, or invoicing systems, provided their bank supports FedNow or RTP.
Are real-time payments safe and reversible?
They are highly secure but not reversible. Once a payment is sent, it is final; therefore, banks apply fraud controls and transaction monitoring before processing it.
How will instant payments change small businesses in 2026?
In 2026, expect wider adoption of bank accounts, greater use of Request for Payment (RFP) invoicing, faster payroll processing, and tighter cash-flow management to become standard for small businesses.

E-Commerce Fraud & Chargebacks in 2026: Fighting Back Against Online Payment Scams

Online sellers are seeing a sharp rise in e-commerce fraud & chargebacks as we head into 2026. This “chargeback tsunami” is coming from both organized fraudsters and regular customers who abuse the system. Most disputes now involve “friendly fraud,” where legitimate customers dispute valid purchases. In many e-commerce sectors, analysts estimate that about 60-75% of chargebacks fall into this category rather than being caused by stolen cards or hacking.

Chargeback volumes continue to climb, with global disputes expected to reach approximately 261 million by 2025 and 324 million by 2028. That adds up to significant losses: online merchants are set to lose more than $30 billion to chargebacks in 2025 alone (roughly $33–34 billion by some estimates). And the actual cost is even higher, since merchants usually pay $3-$4 in total costs for every $1 of fraud once you add fees, lost goods, and staff time.

The upside is that savvy merchants can counter by spotting emerging fraud patterns (especially friendly fraud) and implementing layered defenses, including stronger fraud filters, more transparent communication, tracking, new network rules, and strong customer service.

Friendly Fraud on the Rise

Unauthorized transaction warning digital icon, cyber security issue, online payment alert, fraud alert, Host Merchant Services.

First-party, or “friendly,” fraud occurs with a valid card and a mostly honest transaction. It occurs when a real customer makes a purchase, receives (or retains) the goods or services, and later disputes the charge, claiming it was unauthorized or not delivered. Common motives include simple buyer’s remorse, confusion (especially with subscriptions or trial offers), or even families sharing a card without permission.

Because the transaction appears legitimate, friendly fraud can be hard to spot until weeks later, when the chargeback is issued. By then, the merchant has already shipped the item or provided the service and has collected payment. The cardholder typically initiates the chargeback process, resulting in the merchant losing both the item and the sale and incurring any dispute fees.

Today, this problem is everywhere. Industry research shows that friendly fraud now drives most online disputes. In one survey, 72% of merchants reported a surge in friendly fraud incidents. Analysts estimate that friendly fraud makes up roughly 60-75% of chargebacks in high-risk online sectors (in some reports, even higher), far above actual stolen-card fraud. Put differently, the vast majority of chargebacks today are actually real customers disputing legitimate transactions.

This shift has several causes:

The post-pandemic normalization of shopping patterns,
Exploding subscription services, and
Consumer behavior

Many shoppers now subscribe to multiple services and may forget to renew, then dispute the charge when it appears on their statement. Others regret an impulsive purchase or find an easier way to get a “free return.”

Specific industries feel the friendly-fraud pinch even more. Digital goods, gaming, and subscription services all report especially high rates of “first-party” fraud. Travel is another flashpoint: consumers who miss a flight or decide not to travel often dispute airline or hotel charges rather than work it out with the provider. Post-pandemic habits play a role here.

Studies of travel merchants show higher “no show” disputes due to weather or personal reasons, and retailers note that Gen Z shoppers, in particular, sometimes dispute purchases out of impulse or confusion. Even everyday purchases, such as healthcare or auto service, can lead to disputes if the customer misunderstands the plan. In all these cases, from the merchant’s point of view, the sale seemed normal and above-board until the dispute arrived out of the blue.

Why friendly fraud is so tricky: It appears to be a regular sale. The transaction is approved, the product ships, and customer communications may all go smoothly. There is nothing to suspect at the point of purchase. Then weeks later, often after the product was delivered, the merchant is blindsided by a chargeback notice.

By that time, the merchant’s evidence may be thin (for example, “proof of delivery” is harder when everything was digital or intangible). Card-issuing banks tend to side with their customers in borderline cases unless the merchant can provide convincing proof. That means merchants must be disciplined in their record-keeping and post-sale communication to combat friendly fraud.

Chargeback Tsunami – Costs and Trends

The scale of the chargeback problem is enormous and continues to grow. Last year, roughly 238 million chargebacks were filed worldwide, and industry forecasts indicate that number will rise dramatically. By 2025, it’s projected to reach around 261 million global disputes, and by 2028, over 320 million. (Some analysts even see 337 million by 2026 under certain assumptions.)

This increase, on the order of 24% or more in a few years, reflects not just more e-commerce, but also how easy dispute filing has become. It also mirrors rising online fraud, with digital fraud losses up about 15% in 2024, indicating more charges are being flagged as suspicious by banks and customers.

For merchants, the financial impact is staggering. In 2025 alone, e-commerce businesses are expected to lose more than $30 billion due to chargebacks. One estimate pegs the global value of disputed transactions at roughly £33.8 billion (about $40 billion) in 2025, resulting in significant refunds and lost inventory. And that’s just the refunds; the actual cost is much higher.

Every dispute incurs fees and overhead: card networks typically charge a fixed chargeback fee (often $15-$25) per case, and merchants incur additional logistics costs, administrative time, and higher processing costs as chargebacks rise. Industry research shows that, once you tally staff hours, fees, lost sales, and penalties, merchants pay roughly $3.75- $4.60 for every $1 in fraud or chargeback losses. In other words, a single $100 fraudulent chargeback can cost a merchant nearly $400 in total costs.

Beyond direct dollar losses, excessive chargebacks can threaten a business’s ability to operate. Credit card brands like Visa and Mastercard monitor each merchant’s chargeback rate (the percentage of transactions that turn into disputes). If a merchant’s chargeback ratio creeps over about 0.5–1% for any month, it often triggers a “chargeback monitoring” program. Merchants in those programs face fines, higher fees, and the need to implement mitigation plans.

If problems persist, a processor may even shut off the merchant’s ability to accept cards. In practice, that means a few chargebacks don’t just steal revenue – they erode trust in the merchant. Regulators and bank underwriters worry that a merchant losing money to chargebacks may be more likely to raise prices or squeeze legitimate operations. Keeping chargebacks under control is critical to avoid losing merchant accounts or being placed on high-risk status.

Tools and Tactics to Combat E-Commerce Fraud & Chargebacks

Cyber security alert for scam detection on merchant processing systems.

Merchants that fight back combine two strategies: first, prevent outright fraud and high-risk transactions up front; second, prepare to handle chargebacks vigorously when they occur. No single tool solves everything; today’s best defense is a layered approach that weeds out bad orders while keeping honest customers happy. Here are the key tactics:

1. Robust Fraud Screening

Use every available fraud filter. Modern fraud prevention platforms use machine learning to analyze each transaction in real time, flagging suspicious patterns, like repeated high-value orders from new accounts, mismatched shipping and billing addresses, or out-of-country cards. Always check the CVV (card security code) and AVS (Address Verification System) on every order – these simple checks can automatically stop a surprising share of fraud attempts. Merchants using AVS see roughly a 15-20% reduction in fraud-related chargebacks by verifying billing addresses. Even when they do block a payment, it’s better than shipping a product you won’t get paid for.

Crucially, implement 3-D Secure 2.0 (the updated version of “Verified by Visa”/”Mastercard SecureCode”). 3DS2 adds an extra identity verification step (such as a one-time SMS code or biometric check) for high-risk transactions. When done right, 3DS 2.0 shifts liability away from the merchant for fraudulent card-not-present charges, reducing fraud chargebacks significantly while keeping the checkout experience smooth. Studies show 3DS and tokenization together can cut CNP fraud by 15-20% or more.

2. Clear Billing Descriptors & Policies

Many chargebacks happen simply because the customer doesn’t recognize the merchant or the charge. Make sure your billing descriptors, the name that shows on the credit card statement, are clear and recognizable – ideally matching your store or brand name. In shopping carts and confirmation emails, use consistent company names and include a contact number or email so that confused buyers can verify before disputing.

Also, simplify refund and cancellation terms. Hard-to-find or confusing return policies prompt impatient customers to dispute with their bank rather than contact you. Spell out product details plainly on the website and in confirmations. For subscription services, send clear reminders when a trial is about to end or a recurring charge will hit. Taking just a few steps like these can dramatically cut misunderstandings.

One recommendation: some savvy merchants send a pre-charge email or SMS that says, “Your [Service] subscription renews tomorrow for $X. Click here to cancel or update your subscription.” This slight nudge often stops customers from filing an “unauthorized” dispute next week.)

3. Proof of Delivery and Order Tracking

When a product is shipped, enable tracking and delivery confirmation. If a customer says, “I never got the item,” a tracked delivery slip or GPS delivery record can be decisive evidence. For digital goods or services, maintain usage or download logs. Whenever possible, collect a signature (including an e-signature) to confirm receipt of high-value items.

Going the extra mile by having a courier-delivered package signed or geo-verified provides proof that should win disputes. One study found that giving clear tracking information and delivery alerts reduced “item not received” disputes by about 25%. At the very least, a photo of the package at the doorstep, stamped with the date/time, can deter a buyer from claiming it was never delivered.

4. Fast Response and Representment Tools:

Chargebacks must be challenged promptly and supported by substantial evidence. Sign up for chargeback management software or services that alert you immediately when a dispute is filed. (For instance, card schemes now offer dispute alerts through partners like Ethoca or Verifi.) An alert lets you contact the customer right away, often resolving misunderstandings before a formal chargeback.

If a formal dispute arises, use chargeback reprieve platforms to automatically assemble the required documents and meet tight deadlines. These systems typically include representation software that packages the transaction history, proof of shipping, customer communications, and more, then submits it to the bank under the right reason code. Since only about 8-25% of chargeback disputes succeed for merchants without strong tools, having an organized representment process is vital.

5. Leverage Card Network Rules (Compelling Evidence, PSD2, etc.)

Card networks have updated their rules in recent years to help merchants fight friendly fraud. Visa’s Compelling Evidence 3.0 now lets merchants submit enhanced proof during disputes – even evidence of prior legitimate transactions or prior authorization flows, to show that the customer did indeed use the card. In practice, this means you can link a friendly fraud claim (“I never bought this”) to the fact that the same customer has used the card for smaller purchases or to auto-pay subscriptions.

When used correctly, these expanded evidence rules can sway issuers. Similarly, Europe’s PSD2 (Strong Customer Authentication) mandates two-factor authentication on online payments – this extra validation (like a fingerprint or code) makes it much harder for a consumer to claim fraud later. Merchants should stay up to date on all applicable rules and submit all available evidence, including proof of customer identity confirmation, correspondence logs, and accepted service terms. Even something as simple as showing an order confirmation email or online chat log can tip a dispute in your favor.

6. Excellent Customer Service as Prevention

Sometimes the best chargeback to win is the one that never happens. Encourage customers to reach out by providing easy support channels. For confused or unhappy buyers, a quick refund or exchange through your support team can salvage the sale and avoid a bank dispute. Especially for subscription or trial-related misunderstandings, a well-timed outreach (“I noticed your plan renewal – do you have any questions?”) can help prevent chargebacks. Train your service reps to recognize when a customer is upset enough to file a dispute and to offer solutions immediately.

In other words, treat refunds as a cost of excellent service that pays for itself. Data show that many disputes are “resolvable” if the merchant communicates clearly and sympathetically. Good communication also means sending receipts and reminding customers about upcoming payments. Even a brief note (“You’ll see the charge on your bill from MyStore.com on May 10th”) can reduce those “unknown charge” disputes.

7. Monitor Chargeback Metrics

Finally, monitor your chargeback rates and reasons closely. Set internal alerts if the ratio begins to rise. Track the most common dispute codes and drill into root causes. If, for example, you see a jump in “product not as described” claims, it’s a cue to improve product images or descriptions. If disputes cluster in a specific geography or customer segment, consider tightening fraud rules for that area or segment.

Many merchants use analytics from their payment gateway or a specialized dashboard to visualize trends. By identifying problems early, you can adjust your policies or technology to mitigate them before they significantly impact you.

Conclusion

Fighting chargebacks in 2026 means a two-pronged approach. On one side, use advanced fraud tools (AI filters, CVV/AVS checks, 3DS authentication) to prevent fraudulent orders from being approved. On the other side, when disputes do occur (especially friendly-fraud disputes), use clear evidence, new network rules, and innovative customer outreach to win them back. When layered correctly, these tactics can dramatically reduce losses.

Frequently Asked Questions

What is friendly fraud, and why is it growing?
Friendly fraud happens when a real customer disputes a valid charge, often claiming an item wasn’t received or a purchase wasn’t authorized. It’s rising because online shopping is easier and chargebacks are easy to file, resulting in significant losses for merchants.
How much do chargebacks really cost a business?
Chargebacks cost far more than the original sale due to fees, lost inventory, and operational work. For every $1 lost, businesses often lose $3–$4, and high chargeback rates can even lead to account closures.
How can I prevent fraud on my online store?
Use fraud tools like CVV and address checks, risk scoring, and 3D Secure for card payments. Monitor unusual orders and consider AI-based fraud services to prevent fraudulent transactions before they result in chargebacks.
How can I fight chargebacks I believe are invalid?
Dispute them through representment, using strong evidence such as delivery confirmation, IP data, device matching, and past purchase history. Acting quickly and submitting clear proof improves your chances of winning.
What new tools or trends are helping merchants with fraud and chargebacks in 2025?
AI-driven fraud detection, chargeback alerts, and bank-merchant communication tools are reducing disputes. Better analytics and customer verification methods are also helping merchants spot risks earlier and respond faster.

Tap-to-Phone Payments: Turning Smartphones into POS Terminals

Smartphones have become full-fledged point-of-sale devices thanks to Tap-to-Phone (a type of SoftPOS) technology. With a simple NFC-enabled phone and payment app, even the smallest businesses can accept contactless cards and mobile wallets. In fact, industry data show Tap-to-Phone is exploding – Visa reported a roughly 200% year-over-year growth in Tap-to-Phone adoption globally.

That growth means millions of merchants of all sizes can now “easily accept digital payments” using their existing smartphones. We’ll explain how the system works, outline the easy setup steps, and highlight why it’s a game-changer for contractors, food trucks, boutiques, and other small businesses. We’ll also cover security, costs, and real-world success stories that show Tap-to-Phone levels the playing field – letting a tiny stand look as polished at checkout as a big-box retailer.

How Tap-to-Phone Works

Secure mobile payment verification with Host Merchant Services.

Tap-to-Phone (also called Tap on Phone or SoftPOS) uses the merchant’s phone as the NFC reader for contactless payments. A Tap-to-Phone app (provided by a payment processor or bank) handles all the card-reading and encryption. In practice, the payment flow is almost identical to using a traditional contactless terminal:

Enter the amount: The merchant opens the Tap-to-Phone app on their NFC-capable device and types in the sale total.
Customer taps to pay: The customer taps their contactless card, phone, or wearable (Apple Pay, Google Pay, Samsung Pay, etc.) to the merchant’s phone. The phone’s NFC antenna reads the payment token just like a card reader.
Process and receipt: The Tap-to-Phone app securely transmits the payment data to the acquirer and issuer over the same networks used by regular terminals. Once approved, the merchant can instantly email or SMS the customer a digital receipt.

Merchants can now accept payments by simply installing an app. Tap-to-Phone lets merchants securely accept contactless payments on the NFC-enabled Android and Apple smartphones they already own.

Crucially, a Tap-to-Phone transaction is still a card-present EMV transaction under the hood. Every Tap-to-Phone charge uses the same encryption and security as a normal contactless chip card payment.

The card data is read as a one-time cryptogram (token) and sent to the issuer for validation. From the user’s perspective, the experience is just as fast and secure as waving an NFC terminal. Tap to Pay on iPhone is protected by the same technology that makes Apple Pay private and secure, and Apple cannot see transaction details.

Simple Setup: Phone and App

Getting started with Tap-to-Phone is extremely easy. The only requirements are:

NFC-capable smartphone or tablet: Most modern Android phones have NFC built in. For Apple, any iPhone XS or later (running iOS 15.5+ or later) can serve as a Tap-to-Phone terminal. (Older iPhones and iPads typically cannot.)
A certified Tap-to-Phone app: The merchant downloads a payment app from a trusted processor (e.g., Square, Stripe/Shopify POS, Worldpay Zelle, Bookipi, Verifone SoftPOS, etc.). Often, this app is free or low-cost, and it connects to the merchant’s payment account.
Payment account or processor: As with any card acceptance, the merchant needs to set up their account or merchant ID with the provider. After that, no new hardware is required.

Once the app is installed, the merchant logs in and is ready to accept payments anywhere with a network connection. Even small vendors can accept payments by downloading a mobile app. Many apps even work offline briefly (caching transactions until next connectivity).

Importantly, all Tap-to-Phone solutions comply with PCI’s mobile standards. Providers typically go through PCI Mobile-POC (Payment on Consumer devices) certification. This means the app’s code and the device’s secure element have been tested to handle card data securely. Although it’s running on a consumer phone, it still meets strict payment security standards. A Tap-to-Phone app must encrypt all transaction data and may use tokenization (so raw card numbers are never exposed). Some apps further require the merchant to unlock the phone or app (with a passcode or fingerprint) before each sale, adding another layer of security.

Why Small Businesses Tap-to-Phone Payments

Secure payment processing for small business merchants | Host Merchant Services.

Tap-to-Phone is especially valuable for small and mobile businesses. Here are the key reasons:

Zero hardware cost: Traditional contactless terminals can cost $300–$1,000 each. Tap-to-Phone replaces the merchant’s phone with their own. Tap-to-Phone requires no additional hardware beyond the app. This eliminates the capital outlay for small businesses, freelancers, home-based businesses, and side hustlers.
Full contactless acceptance: Merchants can accept any NFC payment – credit/debit cards or mobile wallets. Tap-to-Phone makes accepting payments from your customer’s card, phone, or watch simple. This means Apple Pay, Google Pay, Samsung Wallet, and similar services are supported, so customers can pay however they prefer.
Mobility: Your phone goes anywhere – food truck, farmer’s market, customer’s driveway, or even a delivery route. A Tap-to-Phone solution effectively turns smartphones into mobile checkout terminals. This is ideal for itinerant businesses. For instance, a plumber or mobile mechanic can accept card payments on-site using only a phone. A food truck operator can collect card tips in line as easily as receiving cash.
Speed: NFC is swift (often 1–2 seconds). Customers don’t fumble with pins or swipe cards. Faster checkouts can boost satisfaction and sales, especially in queues or on-the-spot purchases.
Digital receipts & integration: Unlike some legacy terminals that print paper receipts, most smartphone POS apps instantly send receipts via email or text, reducing paper use and time spent. Many apps can also integrate sales data with inventory or accounting software. A small shop can track inventory and issue invoices through the same system.
Professional image: Displaying contactless logos and tapping a phone looks modern. Tap-to-Phone makes the checkout experience feel more sophisticated. Even without a big register, the act of tapping to pay gives customers confidence.

These advantages are especially transformational for enterprises that were previously cash-only. A taxi driver, street vendor, or home baker can now easily take card or wallet payments.

Security and Compliance

Security for Tap-to-Phone mirrors that of chip card terminals. Every tap uses encryption: the raw card data is exchanged as a single-use token (cryptogram) through the payment network. PCI Security Standards require that Tap-to-Phone apps meet strict rules (the PCI MPoC standard) to protect data. Typically, the sensitive EMV logic runs in a secure hardware element on the phone, or in a trusted cloud service tied to the certified app. Apps also commonly use tokenization so that merchants never see a full card number.

Payment networks also limit transactions. For instance, Square’s Tap-to-Pay on iPhone has limits (e.g. $50,000 per tap, $10,000 per physical card) to prevent misuse. Most Tap-to-Phone systems require the merchant to authenticate with the phone or app (via PIN or biometrics) before processing a payment, which helps protect against loss or theft.

Costs and Fees

The financial upside is enormous: no more terminal costs. Tap-to-Phone eliminates the hardware expense. Merchants use the devices they already own. This means zero upfront equipment cost for the POS. (Merchants do still need a valid payment account or gateway, but those costs are unchanged.)

Regarding processing fees, Tap-to-Phone generally applies the same rates as other in-person transactions. Providers typically charge a flat per-transaction fee (e.g., around 2-3% plus a few cents) in the U.S. These rates are comparable to, or even lower than, traditional card-present rates for small merchants. There are no surprise add-on charges specific to Tap-to-Phone; the merchant pays their usual payment-processing rate.

Ultimately, Tap-to-Phone can reduce the overall cost of accepting payments. A merchant no longer needs to lease or replace an aging terminal or printer. The only cost is the marginal processing fee on each sale. For many small businesses, the ability to accept card payments (and capture more sales) far outweighs the small percentage fee.

Leveling the Playing Field

Perhaps the most significant impact is how Tap-to-Phone democratizes commerce. No longer do only big stores or chains look polished at checkout. Now the smallest merchant can accept a customer’s tap just as smoothly. A backyard craftsman or an independent plumber can look just as modern as a department store cashier. This helps small sellers compete: they can offer the same quick in-aisle checkout as big retailers.

That means a contractor at a home improvement store or a florist at a farmers’ market can tap to pay without any bulky equipment. A boutique retailer can take both credit card and wallet payments in a single tap. Customers, in turn, are more willing to pay by phone or card rather than only in cash. The net result is more sales and growth for businesses that might otherwise have been cash-only.

Conclusion

Turning smartphones into payment terminals is no longer science fiction – it’s happening now, at lightning speed. Tap-to-Phone lets any NFC-enabled Android or iPhone accept contactless payments with just a downloaded app. The setup is straightforward, security is top-notch (on par with chip cards), and costs are minimal compared to buying a card reader. For small and mobile businesses, from food trucks and flower shops to consultants and salons, the benefits are enormous: instant card acceptance anywhere, a professional-looking checkout, and the ability to tap into more sales.

With Visa and Mastercard championing the trend, and hundreds of thousands of merchants already equipped, Tap-to-Phone is reshaping commerce at the grassroots. It truly is a tap into the future, where even the tiniest vendor has the same checkout power as any big-box store. As more consumers adopt digital wallets and prefer contactless payments, a Tap-to-Phone solution ensures a business never misses a sale. In short, the smartphone has officially become the ultimate portable cash register.

Frequently Asked Questions

What is Tap-to-Phone (SoftPOS), and how is it different from a traditional card terminal?
Tap-to-Phone turns an NFC-enabled smartphone into a contactless payment terminal using a certified app. It works like a traditional POS, but without extra hardware—everything runs securely on the phone you already own.
What devices do I need to start accepting Tap-to-Phone payments?
You need an NFC-capable Android phone or a supported iPhone (typically iPhone XS or later), plus a certified Tap-to-Phone app. A standard merchant or payment account is also required to process transactions.
What types of payments can customers use with Tap-to-Phone?
Customers can pay with contactless credit and debit cards and mobile wallets such as Apple Pay, Google Pay, and Samsung Pay. NFC-enabled wearables, such as smartwatches, are also supported.
Is Tap-to-Phone secure for merchants and customers?
Yes, Tap-to-Phone uses the same EMV encryption and tokenization as traditional contactless terminals. Card details are never exposed, and transactions follow strict PCI security standards.
How much does Tap-to-Phone cost to use?
There is typically no hardware cost since you use your existing phone. Merchants usually pay standard in-person processing fees per transaction, similar to traditional card-present payments.

Preparing for PCI DSS 4.0 Compliance in 2026

Meeting the new PCI DSS 4.0 compliance standards remains a significant challenge for merchants in 2026. Preparing for PCI DSS 4.0 is crucial for anyone handling credit card data, including local mom-and-pop shops, as it helps prevent data breaches and avoid costly fines.

In this blog, we break down the most critical changes in PCI DSS 4.0 (from multi-factor logins to continuous security monitoring), and provide a practical compliance checklist tailored for small businesses. We’ll also explain how to implement new requirements (such as stronger passwords and anti-fraud measures) at low cost and highlight the real benefits of compliance (such as preventing breaches and maintaining customer trust). By the end, you’ll know exactly what steps to take to stay PCI compliant and protect customer data under the latest rules.

Why PCI DSS 4.0 Compliance Matters for Small Merchants (and Their Payment Partners)

Secure merchant payment processing with Host Merchant Services.

If your business accepts credit or debit cards, PCI DSS compliance isn’t optional – it’s a contractual obligation and a smart business move. The Payment Card Industry Data Security Standard (PCI DSS) 4.0 is the latest version of the rules that all merchants and payment service providers must follow to protect cardholder data. This new version fully replaces the 3.2.1 standard (retired in 2024) and introduces stronger security requirements to address today’s threats. By 2026, PCI DSS 4.0 will be fully effective, meaning every merchant – from single-location retailers to online startups – must meet the updated requirements.

Small businesses might think they’re too small to be targets, but the reality is that cybercriminals often go after easier prey. In recent years, nearly half of data breaches have impacted small or medium-sized businesses. A breach at a small merchant can be devastating – leading to financial loss, legal liability, loss of customer trust, and even the inability to continue accepting cards. PCI DSS 4.0 is designed to help prevent these disasters by raising the security baseline for everyone handling card data.

Payment partners (such as payment processors, gateways, and other service providers) are also a critical part of this ecosystem. PCI DSS 4.0 places greater accountability on these partners to consistently uphold security standards and help merchants remain compliant. In other words, security is a shared responsibility. If you’re a merchant, you should work closely with your payment providers to ensure both sides meet the new standards. If you’re a payment service provider, you’ll need to support your merchants by providing secure solutions and guidance, since your compliance affects theirs.

What’s New in PCI DSS 4.0?

PCI DSS 4.0 compliance for secure payment processing at Host Merchant Services.

PCI DSS has always been built around 12 core requirements (from maintaining secure networks and managing vulnerabilities to protecting data and controlling access). Version 4.0 builds on this foundation but updates many specific rules to enhance security. Here are the most critical changes in PCI DSS 4.0 that every merchant should understand:

Multi-Factor Authentication (MFA) for All Access:

The new standard significantly expands the use of multi-factor logins. Previously, you only needed MFA for remote administrative access. Now, every user who accesses the cardholder data environment (systems that store or process cardholder data) must use MFA, whether on-site or remote.

This means employees and admins alike will need to provide at least two forms of authentication (e.g., a password and a one-time code or biometric) to log in to sensitive systems. This change is designed to prevent unauthorized access even if passwords are stolen, significantly reducing the risk of a breach.

Stronger Password Requirements:

Say goodbye to short, old passwords. PCI DSS 4.0 raises the bar for password security. Passwords must be longer (a minimum of 12 characters) and should be more complex or phrase-based to improve their strength. The new standards also encourage alignment with modern best practices (such as not requiring arbitrary, frequent changes unless there’s suspicion of compromise, and instead focusing on password length/complexity and checking against known breached password lists).

For a small business, this means updating your password policies so that all staff with access to payment systems use strong, unique passphrases. Weak passwords are a common vulnerability, so this update helps ensure that a stolen or guessed password won’t be an easy entry point for attackers.

Continuous Security Monitoring:

Under PCI DSS 3.x, many security activities were performed periodically (e.g., quarterly scans or annual reviews). Version 4.0 emphasizes continuous compliance and monitoring. This means businesses should not treat PCI as a once-a-year checklist, but rather maintain security vigilance every day. The standard encourages real-time log monitoring, intrusion detection systems, and more frequent checks of your controls.

In practice, a small merchant might set up alerts for suspicious activity on their payment systems, regularly review security logs (or use a service to do so), and frequently test their defenses. The goal is to catch and fix issues before they lead to a breach, rather than just discovering them at the yearly audit.

Enhanced Anti-Fraud and Threat Detection Measures:

The updated standard acknowledges the evolving threat landscape, including web skimming (Magecart attacks on e-commerce sites), phishing, and other fraud schemes. New requirements in 4.0 focus on mitigating these threats. If you run an e-commerce website, PCI DSS 4.0 now requires you to ensure that any scripts or third-party content that run on your payment pages are authorized and monitored for changes (to prevent malicious code injections that steal card data).

There’s also a broader emphasis on maintaining up-to-date anti-malware software and having processes to detect and respond to suspicious activities.

Flexible, Customized Implementation (Outcome-Based Focus):

One of the philosophical changes in PCI DSS 4.0 is an allowance for a “customized approach” to meet specific security objectives. Large organizations with advanced security teams might design alternative controls that achieve the goal of a PCI requirement in a different way (with approval from a PCI assessor). While most small businesses will follow the defined requirements, it’s helpful to know that the standard is becoming more flexible and risk-based.

Essentially, PCI 4.0 focuses on security outcomes (the actual effectiveness of protecting data) rather than a checkbox process. This means you have some leeway to implement security in a way that fits your environment – as long as you meet the intent of the rules. If a new technology or process can better secure card data, PCI allows it, provided you document it and a QSA (Qualified Security Assessor) validates that it meets the objective.

Greater Accountability for Third-Party Service Providers:

Many small merchants rely on third parties – such as payment processors, cloud hosting providers, or IT contractors – that can affect cardholder data security. Under PCI DSS 4.0, there is a stronger emphasis on ensuring service providers are held to high standards and that merchants maintain oversight of those partnerships. This includes having clear agreements that the vendor will adhere to relevant PCI requirements, and obtaining proof of their compliance (e.g., requesting their PCI Attestation of Compliance certificate annually).

For the merchant, this means actively engaging with your partners: ask whether they are PCI DSS 4.0 compliant, inquire about how they protect your customers’ data, and ensure that security roles and responsibilities are well-defined. Payment partners will be conducting more frequent security assessments and are expected to be transparent about their controls. This change is ultimately good for merchants because a secure supply chain means fewer weak links in protecting card data.

Updated Encryption and Security Technologies:

PCI DSS 4.0 updates various technical requirements to keep pace with evolving security standards. For instance, encryption standards for data in transit and at rest have been strengthened. You must use strong encryption (e.g., TLS 1.2+ for data transmission and robust algorithms for any stored card data) to prevent hackers from eavesdropping or stealing readable data. If you’ve been using old protocols or weaker cryptography, now is the time to upgrade.

Additionally, there are updates to requirements around firewalls, change management, and testing. The standard even addresses emerging technologies (such as cloud and API security) as the payments landscape evolves. For a small business, ensuring your payment devices, POS systems, and websites use up-to-date software and encryption is key. Often, this is as simple as keeping your systems patched and using payment solutions from reputable, PCI-compliant providers that automatically include these security features.

PCI DSS 4.0 Compliance Checklist for Small Businesses

Efficient payment processing solutions for your business at Host Merchant Services.

Becoming PCI DSS 4.0 compliant can feel overwhelming, especially with limited IT resources. To help, we’ve compiled a practical checklist of steps and best practices tailored for small merchants. Use this as a roadmap to prepare for a PCI 4.0 assessment (or self-assessment) in 2026:

Understand Your Cardholder Data Environment (CDE):

Start by identifying where cardholder data is captured, transmitted, or stored in your business. This could be your point-of-sale terminal, your e-commerce website, a customer database, or even paper records. Map out all the systems and processes involved in processing payments.

The goal is to know what parts of your business must be secured under PCI rules. If possible, reduce your scope by eliminating the storage of card data you don’t need, or by using tokenization/encryption services so you don’t store raw card numbers. A smaller CDE means fewer things to secure and monitor.

Update Authentication Measures (Passwords & MFA):

Implement the new authentication requirements across your systems. Ensure that every user account that can access the CDE has multi-factor authentication enabled. Most cloud services or payment portals offer MFA options (like an authenticator app or SMS code – though app or hardware token is preferred for better security).

Also, update your password policy: require at least 12-character passwords or passphrases, and encourage a mix of uppercase, lowercase, numbers, and symbols (or use passphrases that are hard to guess but easy for employees to remember). Don’t allow default passwords or shared accounts. Consider using a password manager to help employees manage complex passwords. This step will address some of the most significant changes in PCI 4.0 related to access control.

Review and Enhance Your Network Security:

Make sure you have a firewall installed and properly configured to protect your network (e.g., the network your card payment systems are on). Verify that you’re not using vendor-supplied defaults for system passwords or security settings on your routers, wireless access points, and other devices – change them to secure values.

Segment your network so that systems handling card data are isolated from public internet-facing segments or other parts of your business network if possible. For example, your store’s Wi-Fi for customers should be completely separate from your payment-system network. PCI DSS requires these basics, and PCI DSS 4.0 continues to emphasize strong perimeter and internal defenses.

Protect Cardholder Data with Encryption:

Ensure that stored card data (if any) is encrypted using strong cryptography, or, better yet, avoid storing card numbers at all if you can. If you store any card data (including for recurring billing or customer profiles), use approved encryption methods and restrict access to only those who need it. For data in transit, confirm that you use secure protocols – for instance, your payment terminal or website shopping cart should be sending card data over HTTPS/TLS (not HTTP).

Under PCI 4.0, older encryption protocols are not permitted; verify that all your systems use up-to-date, secure versions. If you use a payment service provider, much of this is handled by them, but it’s your job to ensure it’s in place. Don’t forget to protect any paper records (e.g., receipts or forms with card numbers) by securing them or, ideally, not writing full card numbers.

Maintain Vulnerability Management and Software Security:

Set up a process to regularly scan and update your systems for vulnerabilities. PCI DSS has long required quarterly external vulnerability scans (usually done by an Approved Scanning Vendor). Make sure you are performing these scans or working with a provider who does. Additionally, apply security patches to your point-of-sale software, e-commerce platform, and any other relevant systems promptly – especially patches for critical security issues.

In PCI DSS 4.0, there’s an emphasis on continuous vulnerability management, so consider scheduling automated scans or at least monthly check-ins to stay current. If you have a website, use a web vulnerability scanner or enable your hosting provider’s security scan service. Also, ensure anti-malware software is running on all computers and servers in scope. Secure coding practices should be followed for any custom applications (or verify your software vendors follow them). Essentially, don’t let known security holes linger in your environment.

Implement Continuous Monitoring and Logging:

Enable logging for all systems that handle card data, and ensure the logs (records of activities such as logins, card data access, firewall events, etc.) are monitored regularly. For a small business, “continuous monitoring” can sound daunting, but it could be as simple as using built-in tools or affordable services that alert you to unusual events. Ensure your point-of-sale system logs administrative actions and that you review those logs or receive email alerts for suspicious login attempts.

If you have an IT service provider, ask if they can set up intrusion detection or file integrity monitoring on your systems. These tools will notify you if anyone attempts to tamper with critical files or settings. Regularly review user accounts and access rights (PCI 4.0 suggests making this a more frequent habit, not just an annual task).

Tip: Many payment platforms and merchant gateways now offer dashboards that show you security health or even include fraud monitoring – take advantage of those features to keep an eye on things in real time.

Train Your Staff and Establish Security Policies:

Even the best technology can fail if people aren’t trained. Ensure that you have basic security policies and procedures in place, and that all employees who handle payments or work on systems in scope are aware of them. For example, have a clear policy on how to handle card data (e.g., don’t write down CVV codes or email card numbers) and on what to do if they suspect a security incident.

Train employees on the new PCI DSS 4.0 requirements, including proper MFA use and how to identify phishing emails that could steal their credentials. Training doesn’t have to be overly formal – even a short briefing or an online training module once or twice a year can significantly improve awareness. Make security part of your business culture so everyone works together to protect customer data.

Work With Your Payment Partners:

Reach out to your payment processor, bank, or any other service providers to discuss PCI DSS 4.0. They might already have tools or guidance available to help small merchants comply (for example, some providers offer a portal to help generate your Self-Assessment Questionnaire and may include services like scanning or training at low or no cost). Verify that your partners are compliant with 4.0; you can request their latest Attestation of Compliance (AOC). If you use a web hosting or IT support company, ensure they understand the new requirements for your services.

Clarify who is responsible for each aspect of security. If you rely on a third-party online shopping cart, does it handle encryption and secure storage? If so, get documentation of how they meet PCI requirements. Cooperation with partners will make your compliance journey much easier, and it’s a requirement that you only work with compliant service providers.

Document Everything and Complete Your PCI Validation:

Finally, maintain good documentation of your compliance efforts. PCI DSS requires evidence for each control – such as policies, system configurations, or scan reports. Keep a file (digital or physical) with all relevant documents: network diagrams of your CDE, copies of security policies, employee training logs, screenshots or settings proving you’ve enforced 12-character passwords and MFA, encryption keys management procedures, etc.

When it’s time to validate compliance (usually once a year), most small merchants can do a Self-Assessment Questionnaire (SAQ) rather than a full on-site audit. There are different SAQ types depending on how you process cards (your bank or PCI SSC’s website can guide you to the right one). Complete the SAQ honestly, address any gaps you identify, and submit it, along with any required scan results, to your acquiring bank or merchant processor.

Completing this annual attestation is not only required to demonstrate compliance, but it also compels you to review your security posture regularly. In 2026, ensure you’re using the updated SAQ forms for PCI 4.0, as they have changed from the 3.2.1 version to include new questions (like those about MFA and updated password rules).

Implementing PCI 4.0 Requirements on a Small-Business Budget

Secure payment processing checklist for Host Merchant Services.

One of the biggest concerns for small merchants regarding PCI DSS 4.0 is cost, but compliance does not have to be expensive when approached strategically. Many businesses can start by leveraging the technology they already use, as modern point-of-sale systems and e-commerce platforms often include built-in security features such as encryption, firewalls, and multi-factor authentication that need to be enabled.

In addition, a wide range of free or low-cost security tools, such as authenticator apps for MFA, affordable password managers, open-source antivirus and intrusion detection tools, and basic firewall capabilities on existing routers, can significantly improve security without major investment. Costs can also be reduced by outsourcing sensitive payment functions to PCI-compliant providers via tokenization or hosted payment pages, which limit the amount of card data a business handles and reduce compliance scope.

When budgets are tight, merchants should prioritize spending based on risk, focusing first on the controls that address their most significant threats, whether that is web security for e-commerce sites or secure card readers and network protection for brick-and-mortar stores. Small businesses can further benefit from free guidance and assistance programs offered by merchant banks, industry groups, and the PCI Security Standards Council, which help reduce consulting and implementation expenses.

Rather than attempting a costly overhaul, incremental upgrades spread over time can make compliance more manageable, especially when combined with retiring unnecessary systems. Ultimately, investing in PCI compliance is far less costly than dealing with the financial and reputational damage of a data breach, and many small businesses find that improved security leads to greater efficiency, reduced fraud, and increased customer trust.

The Benefits of Embracing PCI DSS 4.0 Compliance

Complying with a security standard might feel like doing homework because you “have to,” but there are genuine business benefits to embracing PCI DSS 4.0 compliance, especially for small merchants:

Preventing Breaches and Avoiding Disaster:

The most obvious benefit is a significantly reduced risk of a data breach. By following PCI 4.0’s guidelines, you are implementing strong security practices – like using MFA, encryption, and continuous monitoring – that make it much harder for attackers to succeed. This can save you from the nightmare scenario of compromised customer card data. Consider what a breach could mean: you might have to pay for forensic investigations, incur heavy fines from card brands, face potential lawsuits, and cover the cost of providing credit monitoring for affected customers.

Many small businesses never recover from a significant cyber incident. Compliance is like an insurance policy: it’s better to have controls in place than to pick up the pieces after a security disaster. In short, prevention is far cheaper and easier than dealing with a breach.

Avoiding Fines and Penalties:

While the primary goal of PCI DSS is security, there’s also a compliance enforcement aspect. If you are found grossly non-compliant, especially in the event of a breach, you could face fines from your acquiring bank or payment brands. Additionally, you might lose the ability to process credit cards if you’re deemed too high-risk. By staying compliant with 4.0, you keep your business in good standing with banks and avoid those penalties.

Also note that some of the new 4.0 requirements (the “future-dated” ones) have a grace period until 2025; failing to implement them by their deadline could result in non-compliance. Avoiding these situations by being proactive ensures you won’t be surprised by fees or higher transaction costs.

Protecting Your Reputation and Customer Trust:

Customers today are pretty aware of data breaches and identity theft. When they hand over their card or enter their payment details on your website, they’re putting trust in your business. A publicized breach can severely damage that trust – customers may take their business elsewhere, and it can be hard to win them back.

On the flip side, being able to confidently tell your customers (or display on your website/store) that you take security seriously and are PCI DSS compliant can be a selling point. It shows that even as a small business, you hold yourself to high security standards. Over time, this builds a strong reputation as a safe place to shop. It can set you apart from competitors who may not be as diligent. Trust is invaluable to customer loyalty, and security is a key factor in maintaining it.

Operational Improvements:

Following PCI DSS 4.0 can also inadvertently improve your overall operations. For example, the push for continuous monitoring means you’ll likely catch IT issues early (not just security issues, but possibly other system errors), which can improve uptime. The requirement for up-to-date systems may prompt you to upgrade legacy hardware or software that was slowing your business processes.

Training staff on security can also make them more aware of other aspects of their work and help prevent mistakes (for example, phishing awareness can help employees avoid clicking malicious links that could disrupt your business with malware). Many merchants find that after implementing PCI controls, they experience fewer incidents, less downtime, and more streamlined processes, which can save time and money over the long term.

Competitive Advantage and Partner Confidence:

As larger companies and even consumers become more security-conscious, they prefer to do business with compliant vendors. For example, a corporate client might ask if you are PCI compliant before signing a contract with you. If you can confidently say yes and even outline the strong measures you have in place thanks to PCI 4.0, it could win you business. Likewise, payment partners (such as banks and vendors) prefer working with merchants that maintain compliance, as it reduces everyone’s risk.

In some cases, being compliant might also help with other regulations or standards (PCI DSS’s best practices overlap with general cybersecurity good practices), so you’re better positioned if new laws or requirements come up. In short, security can be a selling point and a requirement in B2B relationships – by being ahead on PCI DSS 4.0, you’re positioning your business as a trustworthy and professional operation.

Conclusion

Preparing for PCI DSS 4.0 compliance in 2026 is achievable for small merchants with a straightforward, proactive approach. The updated standard strengthens security against modern threats, and steps such as multi-factor authentication, stronger passwords, regular system monitoring, and close coordination with payment partners can significantly reduce risk.

Using a practical checklist and trusted resources from the PCI Council and your payment provider helps turn compliance into manageable actions. PCI compliance is an ongoing responsibility, and treating it as part of daily operations helps build customer trust, protect sensitive data, and support long-term business stability.

Frequently Asked Questions

Do all small merchants need to meet every PCI DSS 4.0 requirement?
Not necessarily. The exact requirements depend on how you accept, process, and store card data. Many small merchants qualify for a reduced compliance scope if they use PCI-compliant payment terminals, hosted checkout pages, or tokenization that keeps card data out of their systems.
What happens if a merchant is not PCI DSS 4.0 compliant in 2026?
Merchants that fail to meet PCI DSS 4.0 requirements may face higher processing fees, monthly non-compliance penalties, increased scrutiny from banks, or account termination after a data breach. Non-compliance also increases liability if cardholder data is compromised.
Can PCI DSS 4.0 compliance be handled without in-house IT staff?
Yes. Many small businesses achieve compliance by working with PCI-compliant payment providers, managed security services, and third-party scanning vendors. Using hosted payment solutions and cloud-based tools significantly reduces technical complexity.
How long does it typically take a small business to prepare for PCI DSS 4.0?
Preparation timelines vary, but most small merchants can complete initial PCI DSS 4.0 readiness within a few weeks if systems are already modern and payment partners are compliant. Businesses with outdated hardware or unclear data flows may need additional time.
Is PCI DSS 4.0 a one-time upgrade or an ongoing requirement?
PCI DSS 4.0 is an ongoing compliance requirement. Merchants must continuously maintain controls, monitor systems, train staff, and validate compliance annually to remain in good standing and reduce security risk.

AI Meets Commerce: Personal Shopping Assistants and Agentic Payments

Advances in artificial intelligence are rapidly transforming how we shop and pay online. Today’s AI shopping assistants can converse with users, answer product queries, compare options, and even complete transactions. At the same time, payment networks are developing new tools that let AI agents handle routine tasks, such as invoicing and checkout, via simple chat prompts.

Together, these developments herald an era of agentic commerce, where intelligent assistants do more than fetch information – they act on behalf of customers and merchants. PayPal now offers its users early access to Perplexity’s new AI “Comet” browser, which features an integrated AI assistant, native answer-focused search, and product comparisons. Comet serves as a personal shopper within the PayPal app.

Likewise, Visa and Mastercard are rolling out developer toolkits to let both coders and non-technical teams create AI-driven payment agents by typing simple requests (e.g., “generate an invoice” or “create a payment link”). These tools – built on Visa’s Intelligent Commerce platform or Mastercard’s new agentic payments framework – handle everything from completing transactions to summarizing revenue reports, all via conversational commands. This article explores these innovations, from front-end shopping bots to back-end payment assistants, and how they are ushering in a new age of AI-driven commerce.

How AI Shopping Assistants Are Reshaping the Buying Experience

Efficient Host Merchant Services for seamless payment processing and business growth.

AI shopping assistants are intelligent virtual concierges that help customers find and buy products. Unlike static search, these assistants use natural language processing and large language models to interact in real time. In other words, an AI shopper works like a personalized digital sales agent. AI shopping assistants are no longer optional – they’re essential for meeting modern consumer expectations.

They promise shoppers faster results, personalized recommendations, and on-the-spot comparison shopping at scale. A consumer might ask an assistant, “What are the best running shoes under $100?” and receive a curated list of relevant products with pros/cons. These assistants can also handle follow-up questions (“How do they differ?”) or even complete the checkout, all within the same interface.

PayPal’s recent partnership with Perplexity is a prime example. In September 2025, PayPal announced that U.S. PayPal and Venmo users could skip the waitlist for the Perplexity Comet browser by signing up for a free 12-month trial. Comet is like a personal shopper and personal assistant all in one. Instead of bouncing between apps, users can now do AI-powered product research and comparisons from within PayPal’s interface. This tight coupling means a user could, for instance, discover a deal and immediately pay for it without leaving the PayPal app.

Beyond PayPal, other tech companies are embedding AI into shopping workflows. OpenAI’s ChatGPT has added new shopping features: it now offers a “Shopping Research” mode (introduced November 2025) that builds personalized buyer’s guides based on user queries. For complex questions (“Find a quiet stick vacuum under $150 for a small apartment,” etc.), ChatGPT will ask clarifying questions and present a researched comparison of options as a conversational guide.

In late 2025, OpenAI also launched Instant Checkout within ChatGPT (in partnership with Stripe), allowing users to purchase from supported merchants directly in chat. This means you can find an item in ChatGPT’s search results and tap “Buy” to pay immediately, without leaving the conversation.

These examples highlight how conversational AI is turning e-commerce into a dialogue: users ask; the AI responds with choices and even handles checkout. The result is a more natural, guided buying experience. Compared to older rule-based bots, modern AI assistants can interpret nuanced queries, learn about personal preferences, and proactively suggest relevant deals.

Because they can pull real-time data from thousands of sources, today’s shopping assistants are much more versatile. In retail, brands report that these tools can boost customer engagement and sales: studies show that intelligent shopping assistants help increase average order value and reduce service costs by handling routine queries. With 24/7 availability, they support customers at any time without added staff costs.

Agentic Payments and AI-Driven Checkout

Smartphone with payment analytics and a robot mascot, representing Host Merchant Services' payment processing solutions.

Behind the scenes, payment networks and fintech companies are also racing to support this new AI-driven commerce. In the “agentic commerce” model, the AI assistants described above act as agents that carry out transactions on behalf of users, but this requires a new payment infrastructure to ensure safety and efficiency. Agentic commerce is where AI agents can browse, purchase, and manage transactions on behalf of users, securely and with minimal friction. This means connecting AI agents to the payment network and merchant systems with strong security controls and easy integration.

Visa has been particularly active with this vision. In April 2025, Visa launched the Visa Intelligent Commerce initiative, a set of APIs and protocols to enable agent-led shopping. By September 2025, it announced two primary tools. First, a Model Context Protocol (MCP) Server that acts as an integration layer: AI agents can now plug into Visa’s Intelligent Commerce APIs via MCP, avoiding weeks of custom coding. Second, a new Visa Acceptance Agent Toolkit (in pilot) that lets even non-coders use plain-language prompts to trigger payment actions.

The Toolkit provides prebuilt workflows (such as invoicing and “pay by link” generation) and enables users to type commands in a simple chat interface. A merchant support agent could chat, “Create an invoice for $100 for John Doe, due Friday,” and the AI would automatically call the Visa Invoice API and generate a payment link, without any manual development.

Similarly, a business analyst could ask, “Create a summary of today’s revenue across all invoices,” and the agent would securely query the transaction data and compile the report.

Mastercard is pursuing parallel strategies. In September 2025, the company announced a suite of agentic commerce tools and standards. A significant focus is Mastercard Agent Pay, a framework working with industry partners (Stripe, Google, Ant, etc.), so that by the holiday season, all U.S. Mastercard accounts can participate in AI-enabled checkout. To help developers, Mastercard unveiled:

Agent Toolkit: Available via the Mastercard Developers portal, this toolkit lets AI assistants consume Mastercard’s API documentation via the MCP server (as with Visa’s). An AI agent can use natural language to discover and call Mastercard payment APIs, integrating with platforms like GitHub Copilot or browser extensions.
Agent Sign-Up: A mechanism for companies to register and identify their AI agents, so that the payment network can authenticate the agent’s identity before enabling transactions.
Insight Tokens: Permissioned data tokens that allow AI agents to retrieve personalized or contextual information (like loyalty balances) with user consent. This builds Mastercard’s existing token and loyalty technology to deliver tailored recommendations in an authorized way.
Agentic Consulting: Mastercard is also offering expert consulting services to help banks, merchants, and developers design compliant AI shopping solutions.

These tools aim to lower the barrier for building intelligent payment experiences. Together, Visa’s and Mastercard’s initiatives provide APIs, standards, and safety rails so that AI agents can reliably handle orders, payments, and settlements. Crucially, they emphasize security and trust: for example, Visa’s Intelligent Commerce program ties together tokenization, authentication, spending controls, and privacy safeguards into a cohesive system.

And both companies are working on protocols to recognize legitimate agents: Visa published a Trusted Agent Protocol (in partnership with Microsoft and Cloudflare) to signal agent intent and verify shopper consent. Mastercard similarly stresses that it will register and authenticate any agent before a transaction.

Key Examples and Capabilities

Instant Invoicing & Analytics: Using the Visa Acceptance Toolkit, a non-technical user can type a request like “Create an invoice for $100 for John Doe, due Friday.” The system then calls Visa’s invoice API and returns a payment link automatically. Similarly, asking “Summarize today’s revenue” triggers an analysis of transaction data and the generation of instant reports. This means businesses can automate billing and reporting tasks with simple language.
Plain-Language Integration: Both Visa and Mastercard emphasize “no-code” access. Visa’s toolkit requires no coding and uses plain prompts. Mastercard’s Agent Toolkit via MCP makes API documentation machine-readable so that AI tools can understand and use it. Agents can interpret requests and apply Visa APIs “in new contexts,” considerably speeding up development.
AI-Driven Checkout: On the consumer side, tools like OpenAI’s Agentic Commerce Protocol enable ChatGPT to complete checkout on sites (via Stripe) with one click. The Agentic Commerce Protocol, which Visa and others support, defines how order details flow from the AI to merchants’ systems. Shopify, Etsy, and many payment partners are already aligned with this emerging standard. Similarly, Google introduced its own Agent Payments Protocol (AP2) for secure AI transactions in late 2025. These efforts indicate that big tech players are converging on open standards for agentic commerce.

Collectively, these back-end innovations create a new layer of commerce where AI agents and financial networks speak the same language. Developers can now focus on AI behavior, while standardized protocols handle plumbing payments.

Soon, shoppers could tell their phone or chatbot to buy a recommended product and rest assured that the network will securely route the transaction through the correct channels.

AI Shopping Assistants – Benefits, Challenges, and Outlook

Merchant services with Host Merchant Services for seamless payment processing solutions.

The rise of AI shopping assistants and agentic payments promises several benefits. For consumers, the experience becomes far more convenient: the AI assistant handles tedious tasks such as searching across dozens of sites, tracking orders, and entering payment details. Personalization can also be improved by using AI to automatically surface deals or reward points based on a shopper’s past behavior and loyalty data (via insight tokens).

Early adopters report higher engagement and conversion rates: retailers using AI shopping agents find that customers discover products faster and complete purchases more often. For businesses, these tools can reduce support costs by automating routine inquiries (e.g., refund status or order updates) and increase sales by embedding the checkout right into conversational interfaces.

On the industry side, agentic commerce opens new opportunities. Online marketplaces and payment platforms gain fresh touchpoints with customers. Payment networks can reinforce their central role by powering these AI assistants behind the scenes. For example, by serving as the default payment rails for agentic transactions, Visa and Mastercard hope to extend their reach into AI-driven ecosystems. Fintech innovators like Stripe and Square are also building APIs (Stripe co-developed OpenAI’s protocol) so that their merchant customers can join this trend seamlessly.

However, there are challenges to address. Security and fraud prevention are paramount: networks must ensure that an AI agent truly represents an authorized shopper. That is why Visa and Mastercard emphasize verified agent identities and consent mechanisms. Privacy is another concern: because AI shopping might draw on personal data, systems must minimize data sharing and use encryption (as stipulated by the Agentic Commerce Protocol).

Regulations may eventually require new disclosures or require opt-in for AI-driven purchases. Finally, there is the practical hurdle of adoption: merchants and developers will need time to integrate these new APIs and trust the system. Both Visa and Mastercard note that their pilots will gradually scale – for instance, Mastercard plans a broad roll-out of its Agent Pay system by the 2025 holiday season.

Looking ahead, AI in commerce seems poised to grow rapidly. Industry analysts predict that agentic AI could account for many billions of dollars in online sales. Already, holiday season data has shown surges in AI-driven shopping traffic (one analysis found generative-AI referrals to retail sites jumping 4,700% by mid-2025).

As more consumers experiment with voice assistants, chatbots, and AI browsers, the volume of agent-led purchases will rise. The ecosystem is also aligning: major platforms like Shopify, Salesforce, and even Google are integrating agentic standards.

Conclusion

We are at the cusp of a new phase of digital commerce. AI shopping assistants are moving beyond novelty to become everyday tools, and payment providers are racing to back them with secure infrastructure. This is a shift where one prompt, one payment, one breakthrough at a time will redefine the shopping experience.

By blending seamless search, personalized recommendations, and conversational checkout, AI agents promise to make buying faster, easier and more intelligent. Consumers and businesses who embrace these agentic tools stand to benefit from greater convenience and efficiency, even as the industry works to ensure trust and safety in this bold new era of AI commerce.

Frequently Asked Questions

What are AI shopping assistants, and how do they improve the buying experience?
AI shopping assistants are virtual agents powered by natural language processing and large language models. They help customers search for products, compare options, ask follow-up questions, and even complete purchases. They streamline shopping by turning it into a conversational, guided experience that’s faster and more personalized than traditional search or browsing.
What is “agentic commerce” and why is it important?
Agentic commerce is a new model in which AI agents can independently browse, evaluate products, and manage transactions on behalf of users. This approach reduces friction at checkout, automates routine tasks, and enables seamless end-to-end shopping—from discovery to payment—using simple conversational prompts.
How are payment networks enabling AI-driven checkout?
Payment networks are developing toolkits and protocols that let AI assistants securely interact with their APIs. These include plain-language tools for generating invoices, payment links, and revenue summaries, as well as authentication systems to verify an AI agent’s identity. Together, these technologies enable AI agents to initiate and complete transactions for users safely.
Are AI-driven purchases secure?
Yes. Modern agentic payment frameworks emphasize security using tokenization, strong authentication, and consent verification. Payment networks and fintech companies are introducing protocols to confirm that an AI agent truly represents the user and is authorized to complete the transaction, helping prevent fraud and misuse.
How will AI change online shopping in the near future?
AI is expected to play a significant role in online commerce, with shopping assistants handling product research, comparisons, and checkouts. As more merchants adopt agentic payment tools, customers will be able to complete purchases directly through chatbots, voice assistants, or AI browsers. This will make shopping faster, more personalized, and increasingly automated.

Bridging Cash and Digital: Fintech Solutions for the Cash Economy

The U.S. remains a cash-centric society even as digital payments grow. Studies show roughly 83% of adults used cash at least once in the last month, and cash still accounts for about 14-18% of all transactions nationwide. Low‑income and older Americans in particular rely heavily on cash, as 22% of payments by people over age 55 and 28% by households earning under $25,000 were made in cash.

Fintech firms are now building innovative services that turn physical cash into digital money. For instance, Green Dot’s recent partnership with Stripe lets users deposit cash at grocery and pharmacy registers in exchange for instant online account credits. These solutions ensure that cash‑preferring consumers and businesses can participate in the digital economy.

Merging cash and digital platforms is essential for financial inclusion and commerce. It lets underbanked households access online banking without a traditional bank account, and it opens new markets for merchants and fintech providers. Mobile wallets, prepaid cards, and embedded-banking APIs: fintechs are effectively “digitizing” cash by leveraging retail networks. This blog examines the scale of America’s cash economy, the fintech tools linking cash and digital, and why closing this gap benefits consumers, small businesses, and the broader economy.

The Enduring Cash Economy

Even after decades of credit cards, debit cards, and mobile payments, cash remains widely used. The Federal Reserve’s consumer payment surveys find that nearly 9 in 10 consumers hold or use cash, and cash accounts for roughly 1 in 5 transactions. “Cash” means anything from paper bills and coins to money orders and prepaid cash cards. Many Americans – not just the unbanked – prefer cash for everyday spending because it is familiar, private, and widely accepted. For example, 83% of U.S. adults used cash in the past 30 days, and 93% say they have no plans to stop using cash.

The cash economy is especially vital for specific groups. Millions of households lack a convenient bank account or digital payment method. About 5.6 million U.S. households (4.2%) were unbanked entirely in 2023 (no checking or savings account), and another 19.0 million (14.2%) were underbanked (they have an account but also rely on alternative financial services).

Unbanked and underbanked consumers typically earn less income or live in rural or minority communities, and they use cash and cash‑like services out of necessity. In fact, unbanked households are far more likely to pay bills or receive wages via paper channels: over 90% of those who used money orders did so to pay bills, and 75% of those who used check‑cashing did so to access pay or government benefits. This shows that for large segments of the population, cash isn’t just a preference – it’s an essential part of managing everyday finances.

Merchants and small businesses also drive cash usage. Many mom-and-pop shops, food trucks, and services still transact predominantly in cash. A company that sees mostly cash sales needs a way to deposit that cash or pay vendors digitally. Until recently, such merchants had to go to a bank branch or use expensive cash pickup services. Now fintech solutions are emerging that turn any store into a “de facto ATM” for cash deposits or digital credits.

These trends have not gone unnoticed by regulators and industry. The Federal Reserve and Treasury emphasize that Americans need accessible transaction accounts and cash services to avoid exclusion.

Fintech Innovations: Connecting Cash and Digital

Fintech firms have devised several approaches to bridge cash with digital money. Key strategies include leveraging retail networks, embedding banking services in platforms, and creating cash‑reload channels for online accounts. Some of the leading solutions are:

Retail Cash Deposit Networks:

Fintech platforms partner with retail stores (grocery, pharmacy, convenience) to accept cash deposits on behalf of digital accounts. Green Dot’s Arc platform powers a nationwide “Cash Access Network” of tens of thousands of stores. In a recent rollout, Stripe Treasury users can visit any of over 90,000 Green Dot retail locations (including Walmart, Walgreens, CVS, etc.) to deposit cash directly into their Stripe online account.

Likewise, small businesses can use Clip Money’s service: by partnering with Green Dot and major retailers, Clip Money lets business owners drop off cash at 4,000+ store counters to be deposited into a linked bank account. These networks work like distributed ATMs: the store collects the money, and the fintech (via its partner bank) credits the user’s digital balance instantly. Customers avoid bank branch visits or carrying large bills, while businesses (and gig workers) gain a safe, after-hours way to bank their cash revenues.

Cash‐to‐Wallet Reloads:

Payment services offer programs that allow consumers to convert cash into digital wallet balances or gift cards. A prominent example is Amazon Cash (launched in 2017) – users obtain a QR code (from the Amazon app or a printout) and go to a participating retailer (CVS, Speedway, Kum & Go, etc.). The cashier scans the code, and the customer hands over the desired amount in cash (typically $15–$500). Amazon then adds that amount to the customer’s Amazon balance instantly.

This lets cash-only shoppers pay on Amazon.com without a bank account or card. Similarly, PayPal and other e-commerce platforms partner with networks of retail cashiers and prepaid reload cards (e.g., Green Dot’s MyCash) to let users top up their online wallets. These cash-loading options “turn paper money into digital currency” with minimal friction for the user.

Embedded Finance APIs:

Fintechs are enabling “embedded finance” – integrating banking features into apps and platforms – so that non-bank companies can offer cash services without building a bank themselves.

Green Dot’s Arc is one such embedded finance platform: it provides a complete banking backend (FDIC‑insured accounts, transfers, processing) through a single API. By integrating Arc into Stripe Treasury, Stripe can treat cash deposits the same as other payment rails.

A Stripe customer (even a simple gig‐worker or marketplace seller) can receive cash via the Green Dot network and see it flow into their Stripe balance, all orchestrated behind the scenes by Green Dot’s embedded platform. Embedded finance abstracts away the complexity: merchants and app developers specify how much cash to add or withdraw, and the platform handles routing, compliance, and settlement.

Prepaid and Cash‐Reload Cards

Prepaid debit cards and reloadable gift cards also bridge the gap. Customers can buy a prepaid card (or use a card they already have) and add cash value at retail checkout. Services like NetSpend or InComm’s products allow users to swipe a prepaid card and hand over cash to reload it. The value is available immediately for online purchases or ATM withdrawals. Visa’s ReadyLink network and Blackhawk’s Reloadit provide storefronts for loading cards with cash.

For many underbanked consumers, a prepaid card loaded with cash offers a quasi-bank account: they can pay bills online, get direct deposit, or transfer money, all anchored by that cash balance. Many card providers find that making reloads secure, convenient, and cost-effective is key to helping underserved users shift into digital payments.

Kiosks and Partners:

Other models include money-order providers and automated kiosks. Coinstar machines let shoppers insert cash and convert it to an e-gift card or PayPal transfer (for a fee). Bitcoin or crypto ATMs turn cash into digital coins. Even local shops are becoming payment agents: Western Union or 7‑Eleven stores let customers deposit bills that can fund online accounts elsewhere.

And specialized apps like Sonect (in Europe) connect users with local businesses that will accept cash deposits on their behalf. In all cases, the principle is the same: a physical cash point is linked to a digital ledger so that the cash effectively “jumps onto the grid” when deposited.

These fintech solutions work together to close the cash loop. Retailers and payment processors jointly become surrogates for banks, addressing the needs of cash-reliant customers. Embedded finance platforms ensure this all happens within the regulated banking system, so funds remain insured and compliant even if the user never visits an actual bank.

Why It Matters: Inclusion and Opportunity

Bridging cash to digital payments has significant benefits for inclusion, businesses, and fintech innovation:

Serving Cash‑Dependent Consumers

About 5.6 million U.S. households (4.2%) are unbanked, and another 19.0 million (14.2%) are underbanked. For these Americans, convenient access to cash services is literally life-changing. By converting cash to digital balances, fintechs give unbanked people access to the broader financial system (online bill pay, e-commerce, P2P transfers, etc.) without forcing them to open a traditional account.

This helps low‑income, rural, and minority communities – Hispanic households are far more likely to be unbanked (10%) than White households (3%). Enabling cash deposits means these communities can participate in online banking, savings, and credit opportunities they were previously shut out of.

Empowering Small Businesses

Many small merchants operate primarily in cash and lack easy access to banking services. Fintech cash deposit networks turn local grocery stores, pharmacies, or convenience stores into mini-banking outlets. A café owner can drop off $500 of cash receipts at a neighborhood store on Sunday night and have that money in her digital payment account the next morning.

This reduces the operational burden of cash (safer transport, fewer armored trucks or cash pickups) and expands where businesses can bank (beyond bank branch hours). Especially in areas where banks are closing branches, the Green Dot network covers 96% of Americans within 3 miles of a cash point. That means even underbanked shops gain affordable banking services simply by partnering with fintech cash networks.

Enhancing Financial Inclusion

Globally, over 1.4 billion people remain unbanked. Fintech-led cash solutions contribute to the goals of financial inclusion (a focus of the U.S. Treasury’s strategy and international organizations). They make it easier to achieve key inclusion metrics: safe transaction accounts, digital payments access, and lower reliance on cash.

Fintech innovations such as mobile money and API banking have a proven track record of reducing poverty and boosting GDP in developing markets. In the U.S., enabling cash-to-digital flows helps historically underserved groups (older adults, low-income, immigrants) gain footholds in the mainstream financial system.

Opportunities for Merchants and Fintechs

Accepting cash and converting it to digital expands the potential customer base. Retailers that enable cash deposits can build loyalty among cash-paying customers. For fintech companies, these services open new revenue streams.

Green Dot, for example, and its partners may charge small fees or earn interchange on cash reloads. Prepaid card firms can increase card usage and demand for reload services. Overall, enabling cash broadens the market for digital payments.

Policy and Trust

From a regulatory perspective, cash‑to‑digital services can reduce the underground economy and improve tax compliance (digital trails record transactions that were previously anonymous). They also address social equity goals: by making banking more inclusive, fintechs can bolster community development and economic mobility. The U.S. government has explicitly targeted expanding access to basic transaction accounts as a policy objective.

Fintech solutions align with this by effectively providing “banking on demand” even where banks have retreated. Plus, by partnering with insured institutions (as embedded platforms do), these services keep consumer funds protected by regulation and deposit insurance.

Conclusion

Cash is not disappearing anytime soon, but fintech’s job is to meet people where they are. Through networks of retail partners, mobile APIs, and innovative prepaid products, today’s fintech companies are blurring the lines between physical currency and digital money. These bridges bring tangible benefits: unbanked individuals gain access to online financial tools; small businesses lower their banking barriers; merchants capture more sales; and fintech providers expand their markets.

Moving forward, we can expect continued innovation in this space. Regulators and policymakers will likely encourage more such solutions, given their alignment with inclusion goals. In the meantime, consumers and businesses alike stand to gain from a future where the physical and digital realms of money are seamlessly connected – ensuring nobody is left behind just because they carry cash.

Frequently Asked Questions

Why is bridging cash and digital payments important?
Because millions of Americans still rely heavily on cash, linking cash to digital accounts ensures they can access online payments, bill pay, and e-commerce without needing a traditional bank account. It directly supports financial inclusion.
How do fintech firms convert cash into digital money?
Fintechs partner with retail stores, kiosks, and prepaid card networks to accept cash and instantly credit it to a user’s digital wallet or account. These systems act like distributed ATMs, turning physical bills into usable online funds.
Who benefits most from cash-to-digital solutions?
Unbanked and underbanked consumers, small businesses with mainly cash sales, and older or low-income Americans. These tools give them convenient access to digital banking, safer cash handling, and broader economic participation.
What are some examples of fintech cash-deposit services?
Services like Green Dot’s retail cash network, Amazon Cash, PayPal reload cards, and Clip Money let consumers or merchants bring cash to participating stores and instantly add funds to their digital accounts—no bank branch visit required.
How do these solutions support financial inclusion and trust?
They expand access to regulated, insured financial services, even for people without bank accounts. By creating digital transaction trails, they reduce reliance on the informal cash economy and help integrate underserved communities into the financial system.

Cross-Border Payments Innovation: Fintech Partnerships Go Global

High costs, slow settlement times, and complex banking networks have long hampered cross-border payments. Sending money internationally often involves multiple intermediaries, costly correspondent banks, and manual processes – meaning payments can take days to clear and incur fees of 5-7% or more. Governments and industry groups have set goals to cut remittance costs (e.g., to 3% of amounts) and accelerate timelines, but until recently, progress was slow.

Now, new collaborations between fintech innovators and traditional banks/payment networks are changing the game. With the help of modern payment platforms, APIs, and distributed ledger technology, these fintech partnerships are beginning to deliver near-real-time transfers worldwide.

Developers and financial institutions are building on fintech infrastructures and shared standards (ISO 20022, APIs, fast payment schemes) to eliminate friction. This blog explores how such collaborations – from Mastercard’s payment network integration to bank-fintech pilots – are making international payments faster, cheaper, and more transparent. We cover the enabling technologies (blockchain, instant payment platforms, digital wallets, APIs) and highlight the benefits for businesses and consumers, including lower fees, faster settlements, and broader reach.

Why Old Cross-Border Payments Are Broken

Easy merchant bank transfer icons representing Host Merchant Services payment solutions.

International money transfers have traditionally relied on correspondent banking networks and manual reconciliation. Each cross-border transaction might pass through two or more correspondent banks, each charging fees and causing processing delays, resulting in high costs and slow speed. Recent reports suggest that as of 2023, the global average fee for sending $200 was over 6%, far above target levels. Within some corridors (e.g., Turkey-Bulgaria,) costs can exceed 50% due to multiple intermediaries. In addition, processing times often span days rather than hours, and payment details can get lost or delayed at each step.

Businesses feel these pains too. Companies paying suppliers overseas tie up cash while waiting for slow bank transfers. They also face opaque FX spreads and little visibility on payment status. For e‑commerce and gig‑economy companies, the inability to move funds instantly across borders limits growth. Likewise, consumers remitting money abroad pay high fees and endure delays. In many developing regions, remittance inflows are a lifeline; yet inefficiencies can mean households get less support.

The market size reflects the urgency for change. In 2024, the global cross-border payments market was already on the order of hundreds of billions of dollars (estimated ~$212.5 B in cross-border payment revenues, growing to ~$320.7 B by 2030). Even more telling is the volume of underlying cross-border flows because worldwide cross-border trade and transactions totaled about $195 trillion in 2024.

With such massive flows crossing borders annually, even small efficiency gains translate to substantial cost savings. This has spurred international initiatives such as the G20/FSB Roadmap, which sets targets for faster, cheaper, and more transparent cross-border payments by 2027.

Fintech–Bank Partnerships Transforming Global Transfers

In response, banks and fintech firms are partnering to create new cross-border payment solutions. These collaborations unite the agility of fintech platforms with the reach of established networks. The result is a ready-made infrastructure for global money movement. Below are key examples of these partnerships in action:

Infosys + Mastercard Move

In August 2025, Infosys and Mastercard announced a strategic collaboration to integrate Mastercard’s Move cross-border payment network with Infosys’s Finacle core banking platform. This means any bank using Finacle can more easily access Mastercard’s global payments. Mastercard Move already covers over 200 countries and 150+ currencies, reaching about 95% of the world’s banked population.

By embedding Move into the banking system, institutions can deploy fast, secure international transfers with much less development work. The result is near-real-time, full-value payments to customers worldwide, with streamlined onboarding and compliance. Mastercard and Infosys emphasize that this partnership lets banks match fintech challengers by delivering cross-border payments “quickly and securely” while maintaining risk and cost controls.

Citi + Mastercard

In late 2024, Citibank became the first global bank to enable cross-border payments directly to Mastercard debit cards. Citi’s WorldLink network was integrated with Mastercard Move so that a corporate or individual can send funds as though there are no borders, no currencies, no constraints. The solution allows near-instant, full-value transfers to debit cards in 14 receiving countries (with plans to expand), covering over 180 countries and 150 currencies in total.

Use cases range from gig-economy payouts and insurance claims to merchant refunds. By combining Citi’s global payment rail with Mastercard’s card network, customers effectively get the ease of domestic transfers when paying overseas. This collaboration has already expanded Citi’s payout options (WorldLink now supports wire, ACH, instant payments, digital wallets, and card rails).

Standard Chartered + Dandelion Payments

In October 2025, Standard Chartered announced a partnership with fintech Dandelion to broaden its cross-border disbursements. Dandelion provides an “extensive payments infrastructure” connecting local ACH systems and major instant-payment and wallet rails worldwide. By linking Standard Chartered’s PrismFX treasury service with Dandelion’s network, clients can send foreign currency payments more efficiently into both bank accounts and digital wallets globally.

This tie-up reflects how banks are adding “mobile-first” payout channels: many emerging markets now rely more on mobile wallets than traditional banking. The partnership promises faster, cheaper transfers and greater transparency – exactly the goals highlighted by regulators and industry initiatives.

In addition to these marquee deals, many other collaborations are emerging. For instance, banks are embedding payment APIs from fintechs (like Currencycloud, Earthport/Wise, or Modulr) to automate multi-currency accounts. Banks and card networks (Visa, Mastercard, PayPal) are experimenting with blockchain and stablecoin rails. And software providers (SAP, FIS) are partnering with fintechs to offer real-time corporate payments.

Even central banks are cooperating on payments modernization. The ECB is working with partners to link Europe’s TIPS instant-payments system with India’s UPI network. All these efforts share a common theme: leveraging networks and technology to make cross-border transfers seamless and akin to domestic transfers.

Technologies Enabling Instant Global Payments

Convenient mobile payment processing for small businesses with Host Merchant Services.

These partnerships ride on a wave of enabling technologies and new payment rails. Key innovations include:

Distributed Ledger and Blockchain Ledgers:

Consortium blockchains are being built for cross-border payments. In 2025, SWIFT announced, with over 30 banks, the development of a shared digital ledger for international transactions. The idea is to record, sequence, and validate payments on a blockchain platform, using smart contracts to settle immediately. Because SWIFT’s existing network connects 11,000 banks in 200+ countries, adding a blockchain layer could enable 24/7 real-time settlements without sacrificing global reach.

Similarly, banks like UBS have piloted permissioned blockchain payment systems (e.g., “UBS Digital Cash”) for intra-bank and corporate transfers. These platforms let firms pre-fund and move liquidity across borders instantly, with complete visibility into balances. In practice, this means multinational clients (e.g., exporters, asset managers) can send USD, EUR, CHF, CNY, etc., on a secure ledger in seconds.

Central banks and regulators are also exploring blockchain: more than 90% of the world’s central banks are researching CBDCs (Central Bank Digital Currencies). While CBDCs are still nascent, pilots continue (e.g., BIS Innovation Hub projects) and could one day provide super-fast, tokenized cross-border rails.

ISO 20022 and Real-Time Payment Networks:

Legacy messaging and settlement networks are being overhauled. The global ISO 20022 standard is being widely adopted for payments, making messages richer and more interoperable. Many countries have launched high-speed “instant payment” schemes (the UK’s Faster Payments, China’s CIPS, India’s UPI, the Eurozone’s TIPS, etc.), and efforts are underway to link these systems. The ECB plans to interconnect TIPS with India’s UPI via the BIS Nexus network, enabling direct euro–rupee transfers.

Over 70 national real-time systems exist, and linking them removes the need for correspondent banks in each corridor. In practice, a person in Europe could send euros via TIPS into a UPI-linked wallet in India in real time, and vice versa – a dramatic leap from legacy wires. Meanwhile, SWIFT’s GPI (Global Payments Innovation) service and new instant rails enable banks to push payments in seconds or minutes rather than days, with end-to-end tracking.

API Platforms and Virtual Accounts:

Open APIs and cloud banking platforms allow financial institutions to plug into fintech ecosystems. For instance, banks can use virtual accounts in foreign jurisdictions to simulate local payments. A U.S. importer might open a virtual rupiah account with an Indonesian partner bank; when they pay into that account, the funds clear instantly in Indonesia. APIs also enable real-time FX quotes and instant execution.

Fintech banking cores (such as Infosys Finacle or Temenos Transact) often include prebuilt connectors to global networks (such as Mastercard Move or SWIFT). This composable architecture means banks don’t have to build custom integrations. At the same time, embedded fintech tools (payment gateways, ERP integrations) let businesses automate B2B cross-border transactions through a single interface.

Stablecoins and Cross-Border Tokens:

Digital stablecoins – crypto assets pegged to fiat – are increasingly viewed as a way to accelerate remittances. Although still emerging, stablecoins can settle globally in minutes when on public blockchains. Partnerships are forming around regulated stablecoin networks. Visa and some banks have piloted USD-backed stablecoins to facilitate international fund transfers.

In the future, one can imagine corporate treasuries or payment providers issuing a stablecoin on a blockchain, settling cross-border instantly, and then redeeming it into local currency on the other side. (Citi and other banks have noted that as much as $425 billion in payments per month might flow through stablecoins if integration ramps up.)

Regulatory guardrails remain (to address fraud, AML), but stablecoins are increasingly mainstream: one report forecasts $4 trillion in stablecoins by 2030. Over time, they may be integrated into traditional systems as an additional corridor, particularly where no domestic fast rail exists.

Together, these technologies form a modern cross-border stack: universal messaging standards, real-time clearing systems, global money movement networks, and new rails like DLT and tokenized money. Fintech partnerships essentially connect the dots. A bank can tap an API that routes payment via SWIFT GPI or blockchain, or embed a fintech’s service that executes FX instantly.

Real-World Impact: Faster Payments, Lower Costs

These innovations bring tangible benefits for businesses and end users. Compared to the old multi-day wires, modern cross-border solutions offer:

1. Near-Real-Time Settlement:

Recipients can receive funds in minutes or even seconds, rather than days. For example, bank clients on the Infosys–Mastercard platform can send near-instant cross-border transfers because the integration supports real-time messaging. Similarly, Citi and Mastercard’s joint solution allows 24/7 availability, so payments clear virtually immediately in the cardholder’s account.

For businesses, this means improved cash flow and liquidity. An importer paying a supplier overseas no longer has to wait 2–3 days for funds to clear; they can synchronize payments with the goods shipment, reducing currency risk.

2. Lower Fees and FX Costs:

By collapsing multiple correspondent steps into a single API or network call, providers pass on lower fees. Alternative cross-border services (such as fintech remittance apps) already charge fractions of traditional fees by leveraging pooled liquidity and efficient rails. New bank-fintech networks aim to do the same at scale.

Because transfers happen faster and with transparency, banks can more easily justify smaller FX spreads. Industry studies show that as new rail links connect countries, average remittance costs (now ~6%) can fall toward G20 targets (~3%). In some corridors, fees are already plummeting. For example, linking digital rails may eliminate the need for a Middle Eastern or European correspondent bank, saving 1–2% on transfer costs.

3. Enhanced Transparency and Tracking:

Corporate users gain complete visibility into payment status and fees. Unlike old wires, where a payment’s progress is opaque, modern networks can track each hop. Systems like SWIFT GPI and Mastercard Move report confirmations back to the sender as funds move. This transparency reduces disputes and compliance overhead. Consumers also benefit: a person sending money to family abroad can see precisely how much will be credited, avoiding hidden charges. In essence, end-to-end visibility removes uncertainty around delivery times and fees.

Broader Access (Wallets and Smaller Currencies): Many modern solutions expand reach beyond traditional bank accounts. The Standard Chartered–Dandelion partnership explicitly extends to digital wallets and local payment apps. This means a business in the U.S. could pay workers in India directly into their UPI-linked wallets, even if the sender or receiver has no local bank account.

Smaller currencies and emerging markets gain easier access to. Historically, a bank in Africa might not support direct transfers to remote nations; through a global network partner, it can now pay into local banks or wallets across Asia or Latin America. Greater inclusion helps migrant workers and small exporters who previously were underserved.

4. Compliance and Security Improvements:

Although faster systems might sound riskier, fintech partnerships can actually strengthen compliance. Automated rails can incorporate KYC/AML checks instantly and enforce sanctions screening in real time. Many digital networks use cryptographic proofs and audit logs (especially on blockchain), so transactions are secure and traceable. Banks also maintain control; for example, Mastercard’s solution enables them to enhance control over risk, operations, costs, and liquidity even as they speed up payments. Thus, regulators and institutions can meet both the demand for speed and the requirement for oversight.

For business executives and developers, these changes mean new business models and capabilities. A software provider can embed cross-border payments into its platform via APIs, enabling customers to complete instant multi-currency checkout. A multinational can concentrate cash in a few clearing accounts and distribute it globally on demand, rather than maintaining large balances with many correspondent banks.

Financial institutions that adopt these partnerships can capture the previously hard-to-reach “low-value, high-volume” segment of cross-border pay (the retail remittance market) that fintech challengers had taken. In short, the ecosystem becomes more efficient, resulting in cost savings that can be passed on to clients.

What This Means for a U.S. Exporter

Imagine a U.S. manufacturing company that sells machinery to clients in India, Brazil, and Europe. Under the old model, they would send invoices in different currencies, wire funds through a domestic bank’s correspondent network, and wait days for payments to arrive (paying hefty fees). With the innovations described:

Faster Receipts: The U.S. exporter can instruct its bank (using, say, Mastercard Move via Finacle) to pay its Indian customer in rupees. Instead of a three-day SWIFT wire, the transfer might arrive in minutes via the linked UPI/TIPS rails. Similarly, payments to Brazil could be routed through a stablecoin corridor or a local instant payment system, reducing settlement time to hours.
Lower Fees: By using the Mastercard network or another integrated platform, the exporter avoids middlemen. They pay a simple network fee (often <1%), rather than a chain of correspondent fees. Over hundreds of transactions, this slashes annual costs.
Real-Time Tracking: The exporter sees each payment’s status in real time. If a payment stalls or is rejected, they know the reason at once. This certainty allows tighter treasury forecasting and reduces finance disputes.
Multiple Channels: The exporter can offer customers a choice of channels. A Brazilian client might prefer receiving funds via PIX (Brazil’s instant-pay system) if the bank supports it. A European client could accept a euro transfer into a digital wallet (like Revolut or Wise). The exporter’s billing software, integrated via API, handles all this behind the scenes.

Overall, cross-border trade becomes as seamless as domestic transactions. Such advantages are not theoretical: many companies report dramatically improved cash flow and customer satisfaction when switching to modern payment rails.

Future Outlook

The trend toward global instant payments is still accelerating. International bodies and central banks remain committed to modernization: projects like the G20’s roadmap and the BIS Nexus initiative aim to link more real-time systems and currencies.

On the private side, we expect more fintech-bank partnerships and platform alliances. Large banks may integrate with multiple rails (card networks, blockchains, local instant systems) to cover every region. Fintech firms will continue expanding their networks (e.g. currency networks, wallet networks). With increasing regulatory clarity on digital assets, stablecoins or CBDCs could become mainstream options for cross-border settlement.

However, challenges remain: harmonizing regulations across jurisdictions, ensuring cybersecurity, and achieving widespread adoption. Legacy banks must update their core systems (often a multiyear effort) to fully leverage these innovations. Cultural and contractual changes are needed too, as banks move from cautious correspondent models to open digital ecosystems.

Despite these hurdles, the trajectory is clear. By 2026–2027, many corridors that were days apart will become near-instant. Fees are likely to continue trending downward as competition increases. For end users – small businesses, expatriates, multinational corporations – the experience of sending money abroad will increasingly resemble local transfers: quick, low-cost, and reliable.

Conclusion

Fintech partnerships are driving a revolution in cross-border payments. By combining the technological agility of fintechs with the scale of banks and card networks, these collaborations are tearing down old barriers. From Infosys–Mastercard enabling 200-country, 150-currency transfers to central banks linking Asia and Europe for instant settlement, the landscape is changing fast.

The result for businesses and consumers is profound: more accessible global commerce, greater financial inclusion, and the promise that tomorrow’s cross-border payment will be seamless, fast, and inexpensive.

Frequently Asked Questions

Why are traditional cross-border payments so slow and expensive?
Traditional international transfers pass through multiple correspondent banks, each adding fees and processing delays. This creates high costs, slow settlement times, and limited visibility for both businesses and consumers.
How are fintech–bank partnerships improving global payments?
Fintechs provide modern APIs, instant-payment rails, and digital platforms, while banks offer global reach and compliance infrastructure. Together, they enable faster, cheaper, near-real-time transfers across more countries and currencies.
What technologies are driving modern cross-border payment innovation?
Key technologies include distributed ledgers, ISO 20022 messaging, real-time payment systems, open APIs, virtual accounts, and emerging stablecoin rails. When combined, they reduce friction and support 24/7 global settlements.
How do these innovations benefit businesses and consumers?
Businesses gain faster cash flow, lower fees, and real-time payment tracking. Consumers enjoy transparent pricing, quicker fund disbursement, and broader access—primarily through digital wallets in emerging markets.
What does the future of cross-border payments look like?
By 2026-2027, many corridors will support near-instant, low-cost international transfers as more countries link real-time systems and fintech partnerships expand. Stablecoins, CBDCs, and unified global rails may further accelerate speed and reduce costs.

Background: Section 1033 and the Open Banking Rule

Why an Interim Final Rule?

Funding Battles and the Fight to Dismantle the CFPB

What Would an Interim Open Banking Rule Require?

What Can We Expect in the Near Term

Shifting the Timeline for Open Banking

Looking Ahead

Conclusion

Frequently Asked Questions

What is an “interim final” rule in open banking?

Why is the CFPB low on funding, and how does that affect open banking rules?

What was the original open banking rule meant to do?

How might an interim rule differ from the original open banking rule?

What does this mean for consumers and fintech companies?

What Is Agentic Commerce?

Stripe Agentic Commerce Suite Features

Early Adopters and Partners

Opportunities for E-Commerce

Security and Trust Challenges

Conclusion

Frequently Asked Questions

What does “agentic commerce” mean?

What is included in Stripe’s Agentic Commerce Suite?

Which companies are using Stripe’s agentic commerce tools?

Why is agentic commerce important for the future of shopping?

What risks and challenges come with agentic commerce?

Rising Card Swipe Fees and Pressure on Margins

Dual Pricing, Cash Discounts, and Surcharges

Implementing Cash Discounts – Practical and Legal Considerations

Impact on Diners and Market Dynamics

Looking Ahead: Policy and Industry Trends

Conclusion

Frequently Asked Questions

What are credit card surcharges and cash discounts in restaurants?

Why are more restaurants adding these fees now?

Is it legal for restaurants to charge extra for credit card payments?

How do customers usually react to dual pricing?

What other ways can small restaurants manage card fees?

Understanding Real-Time Payments

FedNow: The Fed’s Instant Payment Network

The Clearing House RTP Network

Why Instant Payments Matter for Small Businesses

Instant Payments Trends: What To Watch In 2026

1. Continued Growth in Participation

2. Higher Transaction Limits and Big-Business Use

3. “Request for Payment” (RFP) Goes Mainstream

4. Multi-Rail as the Norm

5. Integration with Digital Wallets and Gateways

6. Enhanced Fraud Controls and Data

7. Government and Payroll Use

8. Cross-Border and New Markets

Getting Started: Using Real-Time Payments in Your Business

Conclusion

Frequently Asked Questions

What are real-time payments, and how fast are they?

What’s the difference between FedNow and RTP?

Do small businesses need special software to use instant payments?

Are real-time payments safe and reversible?

How will instant payments change small businesses in 2026?

Friendly Fraud on the Rise

Chargeback Tsunami – Costs and Trends

Tools and Tactics to Combat E-Commerce Fraud & Chargebacks

1. Robust Fraud Screening

2. Clear Billing Descriptors & Policies

3. Proof of Delivery and Order Tracking

4. Fast Response and Representment Tools:

5. Leverage Card Network Rules (Compelling Evidence, PSD2, etc.)

6. Excellent Customer Service as Prevention

7. Monitor Chargeback Metrics

Conclusion

Frequently Asked Questions

What is friendly fraud, and why is it growing?

How much do chargebacks really cost a business?

How can I prevent fraud on my online store?

How can I fight chargebacks I believe are invalid?

What new tools or trends are helping merchants with fraud and chargebacks in 2025?

How Tap-to-Phone Works

Simple Setup: Phone and App

Why Small Businesses Tap-to-Phone Payments

Security and Compliance