Account-to-Account Payments Explained: The Challenge to Card Networks
Moving money directly between bank accounts costs a fraction of what card networks charge merchants. The technology exists, the regulatory framework is in place, and the card networks are paying attention.
What account-to-account payments actually are
An account-to-account (A2A) payment moves money directly from one bank account to another, with no card network acting as intermediary. That single sentence conceals an enormous amount of infrastructure that most consumers never see — and that merchants, increasingly, resent paying for.
A standard card payment at checkout involves at least four intermediaries between the payer and the merchant's bank account: the merchant's acquirer, the card scheme (Visa or Mastercard), the issuing bank's processor, and the issuing bank itself. Each layer takes a cut. Interchange alone — the fee paid to the issuing bank — typically runs at 0.2–0.3% for consumer debit in regulated markets, higher for credit cards. Add scheme fees and acquirer margins and the all-in cost to a merchant frequently lands between 1% and 3% of transaction value.
A2A payments remove most of that stack. The payer's bank and the payee's bank communicate over a payment rail directly, with one or at most two intermediaries in the path. The cost per transaction drops to pence rather than percentages. For merchants processing at volume, the arithmetic is persuasive.
Push and pull: two fundamentally different flows
Not all A2A payments work the same way. The most important distinction is between push and pull.
A push payment is payer-initiated. The account holder instructs their bank to send funds to a specified destination. Classic bank transfers work this way. So does the UK's Faster Payments Service (FPS), where the payer authenticates and the money leaves their account immediately. Push payments are one-time, irrevocable once settled, and fully authorised by the person sending the money.
A pull payment is payee-initiated: the merchant or service provider collects money from the payer's account, with the payer's prior authorisation. UK Direct Debits are pull payments — the utility company, the gym, the insurance provider all draw from your account on a schedule, and the mandate can already support variable bills such as energy usage. Its trade-offs are batch timing, limited real-time controls and a consumer-protection model built around the Direct Debit Guarantee.
Variable Recurring Payments (VRP) offer a different control model. A VRP consent can let the payer pre-authorise variable payments within parameters such as a ceiling, frequency and date range. Sweeping between a customer's own accounts is established; wider commercial VRP between customers and third-party billers is still developing through an industry-led framework rather than being universally available.
The rails underneath
The speed and reach of A2A payments depend entirely on which payment rail the transaction travels over. These vary significantly by market.
In the UK, Faster Payments (operated by Pay.UK) has been the backbone of domestic A2A since 2008. It processes payments up to £1 million in seconds, runs 24 hours a day, seven days a week, and costs participating institutions pence per transaction. It is not a perfect system — access historically required sponsorship through a large bank, which disadvantaged smaller payment service providers, though this has improved — but it is fast, ubiquitous for UK bank accounts, and comparatively cheap. The industry's move toward ISO 20022 message formats is intended to carry richer payment data and improve reconciliation for business use cases.
Across the EU, SEPA Instant Credit Transfer (SCT Inst) provides the equivalent rail. Adoption was voluntary for years, and the uptake was uneven — many smaller institutions simply did not bother. That changed with an EU regulation requiring all payment service providers reachable for standard SEPA Credit Transfers to also be reachable for SEPA Instant. For PSPs in euro-area member states, the obligation to receive SEPA Instant payments applied from January 2025 and to send them from October 2025. PSPs in non-euro-area EU member states face later deadlines. Mandatory adoption is doing what voluntary uptake never did.
The United States has two competing instant payment rails: The Clearing House's RTP (Real-Time Payments), launched in 2017, and the Federal Reserve's FedNow, launched in July 2023. US adoption is fragmented across thousands of institutions. Neither rail approaches the market penetration that Faster Payments has in the UK, and the absence of a dominant consumer-facing product built on either rail has limited their commercial impact to date.
Why open banking is the missing consumer layer
Fast payment rails have existed for some years. The gap was never the rails — it was making A2A accessible as a checkout payment method for ordinary consumers who are not going to manually key in a sort code and account number at the point of purchase.
Open banking is what closes that gap. Under open banking frameworks — PSD2 in the EU and UK, with the UK maintaining equivalent rules post-Brexit — third-party payment initiation service providers (PISPs) can, with the consumer's explicit consent, instruct the consumer's bank to make a push payment on their behalf.
The checkout flow in practice: the consumer selects "Pay by Bank" at checkout; they are redirected to their bank's authentication screen or deep-linked into their bank's mobile app; they approve the payment; the PISP receives confirmation and the funds leave the consumer's account in real time. No card details entered. No card number stored with the merchant. No card network involved.
The user experience has improved substantially. Early open banking payment flows required clunky web redirects and suffered from poor bank-side implementations that frustrated users. Native app-to-app redirects, biometric authentication on mobile, and improved bank APIs have made the flow competitive with card wallet experiences at checkout — though it is still not universally seamless across all institutions.
The economics for merchants
The commercial case for A2A does not require complex modelling. Card acceptance costs merchants roughly 1–3% of transaction value, depending on card type, market, and acquirer. A2A payments via a PISP typically cost 0.1–0.5%. That gap compounds at scale.
Consider a UK retailer processing £1 billion in annual card turnover at an average blended cost of 1.5%. Total card fees: £15 million per year. If half that volume migrates to A2A at an average cost of 0.3%, the saving is £6 million annually — before any other consideration.
The use cases where A2A is gaining fastest traction reflect where the savings are most material and where the consumer experience friction matters least: utility bill payment, online gaming (where consumers are motivated to complete deposits quickly), regulated financial services, and high-average-order-value e-commerce where the consumer is already in a deliberate authentication mindset. In these segments, the merchant's willingness to offer an incentive — a discount, a loyalty benefit — for choosing A2A over card can accelerate adoption in a way that would be difficult at the sub-£10 impulse purchase tier.
The B2B embedded finance opportunity is arguably even larger. Business-to-business payments frequently involve high values, established counterparty relationships, and tolerance for a brief authentication step — all conditions that suit A2A well. Replacing card-on-file arrangements in B2B procurement with VRP mandates, where the buyer pre-authorises the supplier to collect within agreed parameters, could displace substantial card volume.
Variable Recurring Payments: the unfinished chapter
VRP's potential is significant enough to deserve its own treatment. It could compete with Direct Debit and card-on-file for recurring billing by giving customers more granular, real-time control over variable collections.
The technology is not the bottleneck. VRP for sweeping — moving money between a consumer's own accounts — launched commercially in the UK in 2022, and the major banks built compliant implementations. The problem is commercial VRP: payments between a consumer and a third-party merchant.
Progress has been slower than the industry's early roadmaps suggested. The FCA, Payment Systems Regulator and industry participants have continued work on an industry-led commercial framework, including pricing, liability and consumer protection. Direct Debit's Guarantee sets a high benchmark that a VRP alternative must meet. Until that framework achieves broad bank and merchant participation, most recurring billing in the UK will continue to run over Direct Debit or card-on-file.
The APP fraud problem
A2A push payments carry a fraud risk that card payments do not: Authorised Push Payment (APP) fraud. The mechanics are straightforward and the losses are substantial.
In an APP fraud scenario, the payer is manipulated — typically via a phone call, text message, or spoofed email — into believing they are sending money to a legitimate destination: their own savings account, a solicitor handling a property purchase, a utility requiring an overdue payment. They authenticate the transaction themselves. The funds reach the fraudster's account. Because the payment was authorised by the account holder, the traditional position was that the bank bore no liability and the consumer had little recourse — a sharp contrast to card fraud, where the card network's chargeback rules provide a straightforward path to recovery.
UK Finance data has consistently shown APP fraud losses running at hundreds of millions of pounds annually. The Payment Systems Regulator's response was a mandatory reimbursement framework that came into effect in October 2024, requiring banks and payment service providers to reimburse APP fraud victims up to £85,000 per claim. (The initial proposal was a £415,000 cap; industry lobbying reduced it significantly before implementation.) The liability is split between the sending and receiving firms.
For payment providers building A2A products, the reimbursement obligation changes the cost model materially. Fraud controls — confirmation of payee, real-time transaction monitoring, behavioural analytics — are no longer just risk management niceties. They are directly tied to the firm's loss exposure. This has driven investment in fraud prevention infrastructure among the major open banking payment providers, but it also narrows the margin advantage for smaller entrants who cannot spread the fraud risk across a large portfolio.
How the card networks are responding
Visa and Mastercard are not passive observers of the A2A trend. Their response has been to acquire their way into the open banking infrastructure layer.
Visa announced the acquisition of Tink, the Swedish open banking platform, in 2021 and completed the deal in 2022 for approximately €1.8 billion. Mastercard announced its acquisition of Aiia, a Danish open banking provider, in 2021, alongside a broader set of open banking assets accumulated over the preceding years. Both networks are now positioned to offer A2A payment services through their own infrastructure — meaning that even as A2A displaces card-scheme intermediation, the card networks capture some of the value through platform ownership.
Mastercard also offers Pay by Bank and open-banking services across several markets. The underlying products and protections vary by market, so they should not be treated as a single card-like dispute framework; the strategic point is that the network is building fee-generating services around A2A even where interchange is absent.
Whether this is a successful hedge or a strategic concession to A2A's momentum is a question the market has not yet answered. The interchange revenue that card networks depend on is enormous; A2A cannot generate equivalent per-transaction fees, even if the networks own the pipes. But owning the infrastructure that processes A2A, and charging for that, is better than ceding the space entirely.
The merchant checkout reality
Despite favourable economics and improving user experience, A2A at checkout has not displaced cards for mainstream UK or EU e-commerce. Understanding why is as instructive as understanding the opportunity.
Consumer habit is powerful. Stored card credentials on Apple Pay, Google Pay, and browser autofill make card checkout frictionless for the majority of online purchases. The cognitive overhead of switching to a "Pay by Bank" option — even a smooth one — requires a reason, and saving the merchant money is not, in itself, the consumer's reason.
The absence of universal VRP means A2A cannot easily replace recurring card-on-file arrangements. Many subscription businesses use a stored card as the default collection mechanism precisely because the consumer authorised it once and has largely forgotten about it. Recreating that dynamic with VRP requires consumer action at the point of switching.
And there is the goods-dispute question. Card chargebacks protect consumers not just against fraud but against merchants who fail to deliver: the item that never arrived, the service that was not as described. A2A push payments offer no equivalent mechanism. The PSR reimbursement framework covers APP fraud, not commercial disputes. For consumers purchasing goods they might need to dispute, the card's chargeback right is a genuine advantage that A2A does not yet offer a clean substitute for.
The sectors where A2A is genuinely gaining are those where the consumer's motivation aligns with the merchant's economics: high-value purchases, utility and bill payment, regulated financial product purchases, and contexts where the merchant can credibly offer an incentive for the A2A choice. The broader displacement of cards at general retail checkout remains, for now, a medium-term prospect rather than an immediate reality.
Sources and methodology: This article draws on UK Payment Systems Regulator (PSR) publications on APP fraud reimbursement; Pay.UK Faster Payments statistics; European Central Bank SEPA Instant statistics and regulation; publicly available corporate announcements from Visa, Mastercard, and named fintech providers. No proprietary data is cited.
Frequently asked questions
What is the difference between an A2A payment and a standard bank transfer?
Functionally, very little — both move money directly between bank accounts without a card network in the path. The distinction that matters commercially is how the payment is initiated. A traditional bank transfer requires the payer to manually enter the recipient's account details (sort code and account number in the UK). A2A at checkout uses open banking: a payment initiation service provider (PISP), with the consumer's consent, instructs the bank to make the transfer automatically. This removes the manual friction, making A2A viable as a merchant payment method rather than just a banking tool.
Are A2A payments safe for consumers?
The answer differs depending on which side of the transaction you are on. For the recipient, A2A is highly secure: settlement is near-instant, funds are irrevocable once cleared, and there is no card data to steal. For the sender, the principal risk is Authorised Push Payment (APP) fraud — where a fraudster manipulates the sender into authorising a payment to a fraudulent account. Unlike card fraud, there is no chargeback mechanism. However, since October 2024 the UK's Payment Systems Regulator requires banks and payment firms to reimburse APP fraud victims up to £85,000, which substantially changes the consumer protection picture for UK payers.
Does A2A support refunds?
Yes, but the mechanism is a separate payment rather than an automatic reversal. If a merchant needs to refund a consumer for a returned item or cancelled order, they initiate a new push payment from their account to the consumer's account. There is no built-in reversal flow equivalent to a card chargeback, where the card network can forcibly recover funds from the merchant. This means A2A refunds depend on the merchant's willingness and ability to repay, and disputes about whether a refund is owed have no equivalent self-help remedy for the consumer.
What is a Variable Recurring Payment (VRP) and will it replace Direct Debit?
A VRP is a payment mandate that allows a merchant or service provider to pull variable amounts from a consumer's bank account in real time, within parameters the consumer sets — a maximum amount, a frequency, a date range. It is designed to replace Direct Debit for recurring billing where the amount changes each period (energy bills, usage-based subscriptions, insurance premiums). In the UK, VRP for sweeping between a consumer's own accounts launched in 2022. VRP for commercial payments to third-party merchants is taking longer: the Payment Systems Regulator and major banks are still working through the commercial model, including liability allocation and the fee structure. Direct Debit is likely to remain the standard for most recurring UK billing until that framework is agreed and
Can EU merchants accept A2A payments at checkout?
Yes. SEPA Instant Credit Transfer provides the payment rail, and open banking PISPs licensed under PSD2 can initiate payment from a consumer's EU bank account at the point of checkout. The consumer experience — a redirect or deep link to their bank's authentication — is broadly similar to the UK model. Practical availability varies: SEPA Instant adoption among EU banks was patchy until the 2025 mandatory-reachability rules accelerated uptake, and not all checkout platforms have integrated a PISP option. The strongest A2A adoption in the EU has been in markets with high online banking penetration and early open banking investment — the Netherlands, Germany, and the Nordic countries in particular.