Category Archives: contactless

The great interoperability myth

BabelfishA question I’ve been asked many (many, many) times about payment cards is why do we keep old acceptance components on the card once we’ve migrated to EMV? For most you should read this as ‘why keep a magstripe?’ but it could equally be ‘why have embossed numbers?’ and ‘why have the PAN written on the card?’. There is a simple answer for these, but also a much more complex discussion.

First of all, the simple answer. As markets don’t all move to new technology at the same pace (re: US EMV migration) in order to ensure that one type of card can work everywhere, older interfaces are retained – this is called interoperability, or the ability for cards to work in infrastructures at different technology levels. If you were a mathematician, you’d call this working to the lowest common denominator. If you’re a banker it means that you’re making a risk-based decision to offer transaction availability (convenience) over fraud risk (security). It also means that MasterCard (and/or Visa, Amex, Discover, CUP, JCB…) can truly claim that the same card can be accepted at more than 35.9million locations worldwide [here] and talk about lots of other big numbers.

For the vast majority of cardholders, global interoperability is an unnecessary luxury as they will never use their cards in a face-to-face transaction beyond their own national borders [here], and of those adventurous types travelling, most will only reach neighbouring countries or travel within a region. This is why the first EMV terminals deployed in the US were on the borders of Mexico and Canada. It’s also why Belgium’s banks can happily close off acceptance of their Maestro cards beyond the borders of Europe as it affects only a minuscule percentage of their cardholders.

However, one of the additional reasons that we retain the magstripe on EMV cards is because the banking industry has used it for other things – the primary one being accessing an EMV-enabled ATM. Typically EMV-enabled ATMs use motorised readers and ‘swallow’ the card so that it is held in the reader during the transaction. To stop those of an adventurous nature from trying to shove other things into the card reader, such as library cards, bus tickets and anything by Panini, these readers have a small gate just inside that is triggered by presence of, and reading the first character of the bank card’s magstripe. Although we’re seeing first examples of non-motorised, separate readers from EMV cards in the Nordics, they’re not widespread. Other examples of magstripe usage include easier card orientation, entrance to bank vestibules, transaction fallback and locking mechanisms on hybrid dip readers on some POS terminals. This is all interoperability on a smaller scale.

Finally, legacy card data interfaces such as magstripe, PAN printing and embossing remain as the schemes/brands that manage global card franchises insist that they do so. Interoperability plays a large part in their USP – why use domestic debit when our debit works here, here and here as well! This is at least until the US EMV migration is complete as these US-based organisations are reluctant to kill the tool that is most prevalent in their home market. So a laser-printed, chip-only card for international use is still some years away as a mass market product. And herein lies the fundamental problem with the four-party cards system, as the Issuer and Acquirer may be on significantly different acceptance technologies and so the more advanced issuer has to ‘dumb down’ or face non-acceptance. All of this means that interoperability at a global level has a place, but we all pay for the benefit of a relatively small number of cardholders to be supported. So yes, interoperability makes sense, but should it really drive risk management in the way that it does?

Having the right change is wrong

cash is brokenNine years on from the tragic bombings that rocked London, Transport for London (TfL) have decided that the time has come to give a better reason for 7 July (7/7) to be remembered – the day that London’s buses went cashless (here).

The success of London’s Oyster contactless ticketing system (here) and the introduction of contactless banking card acceptance on buses just over a year ago (here) has increased the fall of cash usage below the 1% of passengers mark and allowed TfL to become a cashless transit system at the point of usage. The transit authority believes that it will gain significant savings by no longer accepting cash – particularly cash handling and service efficiency gains. This has been made possible by the legal tender laws in the UK and the right for a merchant to decide how they wish to be paid.

Contrary to popular belief, shops or individuals do have the right to refuse payment in coins or notes, even legal tender ones, before a transaction has taken place, and to demand payment in whatever form they choose. However, when the debt has already been incurred (which, under the concept of ‘invitation to treat’ the vendor has already supplied a good or service prior to payment), then they are obliged to accept settlement of that debt in legal tender currency up to the amount authorised in law (which in the case of £1 coins, is unlimited). – Chard legal information

This is in stark contrast to the legal tender recommendations created for the Euro currency (here). While these recommendations are not European law (i.e. not a Regulation or Directive), they would be taken as the start point for any case of dispute that was taken to the European Court. Primarily of interest has to be the opening point of the recommendations:

Where a payment obligation exists, the legal tender of euro banknotes and coins should imply:  (a) Mandatory acceptance: The creditor of a payment obligation cannot refuse euro banknotes and coins unless the parties have agreed on other means of payment.
– ELTEG recommendation number 1

Which means that potentially a customer could insist on paying with Euro cash even when the merchant states that they no longer accept it, as refusal of cash requires agreement of both parties. To date, examples such as Dutch retailer Van Gastel (here [in Dutch]) are meeting with strong public acceptance, but can you imagine the same thing happening in more cash-loving markets such as Germany?

So it means for now is that we have a British example of the future analogue cash-free society and there at least is seems that the law is on the side of progressive electronic payments and the gradual removal of the criminals’ friend – cash – and of course TfL no longer spending tax payer’s money on stickers saying ‘Correct change only’.

in2payments on Rebelmouse

If you want more information on the payments world, but are afraid to ask, don’t fear – in2payments live is now available on Rebelmouse to bring you all the latest news stories and tweets from across the web. Click the link below or the Rebelmouse button from our homepage.

Buying a hypercar for the school run

bmw 300 A friend of mine in Belgium owns a beautiful BMW M5, capable of doing nearly 300km/h if de-restricted. The national speed limit is 120km/h. He doesn’t go to track days, but he does drop his kids off at school each day and they certainly arrive in style. He says that he owns it for the thrill of the acceleration and performance, but to be honest he could have spent a whole lot less and got himself an Ariel Atom (here) and made the kids walk to school. Or moved to Germany.

Why am I telling you about this in a payments blog? Well I’m here in the States at the SCA Payments Summit in Salt Lake City listening to the latest info and thoughts on the US EMV rollout. The International Brands, Visa; MasterCard; Discover; AMEX; have all reiterated their liability shift timetables and so come October 1, 2015, those not compliant in the US will become liable for any fraud. Yay! Issuers are already putting EMV chip cards into market – starting with their high transactors first (here) – and merchants such as Wal-Mart are already switching on EMV acceptance capability in high tourist areas. This is all great news and very promising as the migration gathers pace. There is however one flaw – and here we go back to my friend’s BMW…

While others are openly explaining that Chip with PIN is the most secure option, Visa continue their declaration that the US should be a Chip and Signature market – merely mimicking the current magstripe environment but on EMV cards. Visa is telling card issuers to buy a hypercar for the school run – getting a huge leap forwards in technology and security possibilities, then running it in first gear. I’m not going to speculate on the reasons why here, as there are a few possibilities to do with business model, pragmatism and blind faith in the current system. However, what is clear is that this advice isn’t good for the long term future of the market. US Issuers should be encouraged to do as much as possible in the first instance to build systems that take them forwards instead of spending the estimated $11bn cost of migration just to stand still.

It’s fine to have a minimum standard, but it just won’t bring the intended benefits to the market if the majority only achieve this baseline. Furthermore, merchants understand the value of PIN. They understand that signature has near-zero value as a cardholder verification method (CVM) and certainly doesn’t stand up in the chargeback process. They also understand that in chip-on-chip transactions (which will be about 40% of volumes come liability shift) signature is not going to help them out much.

Clearly the added cost of offline PIN and the intrinsic difficulties of PIN change that it brings will be a step too far for most Issuers. However, as the majority (if not all) cards will be issued with online PIN for ATM, why not just extend this to POS and make a bold statement to the merchant community – the US will be Chip and (online) PIN with signature fallback because we want to protect transactions and integrity of our payments system. During the tricky migration period, which will last probably until 2021, magstripe fallback will be the norm and so counterfeit will continue through cards with disabled chips and counterfeit magstripe. Signature as the main CVM will not stop this and so the fraud will go on, and on. PIN won’t stop data breaches, but it will greatly reduce the capacity for replay of counterfeited cards into the POS channel.

Merchants are calling for PIN and most processors I’ve spoken to believe that it’s the right option, all they need is a little advice from the International Brands. It’s time to unleash the US’s new hypercar on the Bonneville Salt Flats rather than sitting at 55 on Route 66.

Monetising Mobile Payments

Or why Banks are REALLY scared of mobile payments

For me, mobile payments began back in 2000 in the innovation area of MasterCard. Using an Ericsson R380 mobile, and a server-based wallet in conjunction with the SET protocol and possibly the most expensive data connection known to man, we tapped our stylus and paid for an item a little under three minutes (yes, minutes). This was the future, this was the next big thing.

Mobile PaymentHere we are now, almost 13 years to the day and mobile payments are still the ‘next’ big thing. There’s been a lot of issues getting mobile payments into the mainstream – some of which are to do with a lack of a strong consumer offer. Some recent initiatives looked promising – the Six Pack in the Netherlands, a similar Belgian initiative, Oscar in the UK, ISIS in the US – but none make it past commercial pilots or more often the initial talks. Part of the reason is that there are a number of misconceptions about the payments world, which mobile players trying to enter the market naively accepted as truth – not in the least helped along by regulators claiming that the payments world was awash with transaction revenues.

Take for example a 100 EUR transaction made with a credit card in Belgium. It will cost the merchant around 2,20 EUR to accept. This fee is the Merchant Service Charge which is composed from the Acquirer’s 3-4% margin plus fees to cover all other aspects of the transaction, which are passed through to other players through the transactional model. The most visible of these is interchange – which is a balancing fee sent to the Issuer of the card to compensate them for providing the card and account to the cardholder. In our example this results in a net revenue for the Issuer of around 90 cents. From the money that they receive, they will fund transaction processing – either on internal systems or more usually today with a third party processor such as SIX card, ATOS or First Data. The cost for this would be around 6,5 cents per transaction. This leaves the Acquirer with around 60 cents revenue to pay their costs and provide margin.

However, all three of these entities will then pay a substantial fee towards the payment scheme – typically MasterCard or Visa – which amounts to around 65 cents in our model. Proposed European legislation on interchange will reduce the Issuer’s revenue to 0,2% of the transaction value – a cut of around 70 cents in this model. However, it is unlikely that the Merchant Service Charge will reduce by this amount.

Recent years have also highlighted the continuing issues that Banks have with customer intimacy, lost during years of increasing automation of Bank process rather than customer engagement (here) yet they retain a reluctance to allow others to provide that intimacy. A word that is used often in the industry is ‘disintermediation’ – which means someone else getting in between them and their customers. It created such a fear in the industry that rather than co-operate, they do other silly things.  MasterCard was so terrified of new wallet players that they imposed a fee on funding transactions for deported wallets that isolate the banking world from the actual commercial transaction (and the data that goes with it). This includes people such as Google, ISIS and PayPal.

In reality though, PayPal gross transaction value accounts for only 60bn USD of the estimated 30 trillion USD made in credit and debit card transactions each year, equal to roughly the transaction value in Belgium. The banking world is in reality more fearful of the public perception of PayPal than the reality of it.

Alongside the interchange regulation and a raft of other changes, Europe’s legislators are creating an entirely difficult environment for payment innovation. As well as investigating conglomerates such as the Dutch six pack, the law makers and regulators are also making it particularly difficult for new entrants to obtain the licensing that they need. This puts the brakes on new payment providers once they reach critical mass. Payments is profitable, but it’s hard to enter new markets and harder to get REALLY big. Even players like Google, who have a banking license, have found this a difficult playground.

The key seems to be to stand the current model on its head and forget transaction revenues altogether. In the transaction acceptance world there has been a successful and silent mobile revolution. Although it’s been driven by technology of plugging a device into a mobile phone to create a mobile POS, the revolution was actually in the business model for cards acceptance. Non traditional players such as Twitter’s Jack Dorsey (as Square) and iZettle’s Jacob de Geer and Magnus Nilsson have redefined the market by creating services designed for previously unserved merchants.

In Europe today, 20 million companies do not accept card payments. “These companies are small in terms of turnover, typically they have between 1-3 employees,” stated de Geer in a recent speech. “Accumulated they account for 20 percent to 30 percent of GDP in any European market”.

The reason for this lack of card payments is simple: it’s too complicated. The barriers to becoming an acceptance point are too high. Merchants face complicated applications, fixed fees, long-term contracts and high monthly fees.

But these companies approach the business differently – viewing the transaction as a commodity and seeing the importance in customer experience and the value that can be derived from the data generated by the system. Square is able to know what flavour of pizza is most popular at 3am in the New York Village and can sell that information to a Domino’s franchise looking to open a new store. This is the new reality, payments are now a means of gathering information on transactional behaviour and the costs typically attributed to payments need to be reallocated based on value.

PayPal recently launched PayPal Beacon, a device that works with the PayPal mobile app as a user enters a store and pre-authenticates them at the cash register – giving the merchant a photo if wanted and supplying details on past purchases. This means that there is not even a need to implement NFC to get mobile moving.

Banks are ill-equipped to do what PayPal does. If the future of payments is profit from data, then this suggests that Banks are not currently the future of payments. A Clear2Pay survey in conjunction with Finextra earlier this year showed that over 75% Banks do not currently have the resources, staff or knowledge to deal with the big data that they realise is incredibly important. In short, they are not able to change at the pace the market demands.

This is a space where they need help – and are potentially willing to share revenues to support it – yet after a number of headline failures in banking-telecommunications initiatives, third party appetite may be waning.

Ultimately, the winners in mobile payments will be those that bring real value to Consumers, solve the Banking issue with Big Data, lower costs for Merchant Acceptance while pleasing the Regulators and becoming profitable.

It’s that simple…

Doing something with mobile because…

elephant in the roomThere are a number of generally held perceptions in the executive strata about the future of mobile NFC payments, some of which are true, some of which are most certainly not. Invariably, these mobile truths and myths end up driving projects where the rationale is invariably “we are doing something with mobile because…”

Real innovation in the card payments industry is rare due to the simple fact that it works pretty well as it is. And it does that because it’s evolved over time with a strong focus on ensuring the integrity of every payment while increasing convenience and offering additional features that improve the experience of the cardholder or merchant – NFC for payments actually came into being over 10 years ago. However, the big flaw with this trickling, steady evolution is that the world of commerce has down-shifted, floored the accelerator and is now changing at a rate hard to keep up with. This is where mobile is looking to bridge the gap.

…there are more mobile phones than payment cards

While the statement that there are more mobile phones than payment cards is perfectly true (nearly 7bn versus nearly 2bn), the same could be said for cars (over 1.2bn today and 2bn by 2025) which are typically shared by a number of people meaning that around 3bn people now have access to one. Just because something has become ubiquitous doesn’t mean that it fits the need for payments, as aptly demonstrated by the lack of take-up for BMW’s PayPass-enabled car key. The essential component of a payment transaction is a transfer of value from the cardholder to the merchant in return for goods or services, the reciprocal action to a commercial transaction. In order to find the right token to do this with, currently the card, then we need to examine more closely how cardholders use the tools that they have to perform other tasks.

…our customers expect us to

Expectation weighs heavy on some businesses. In the mobile world they know about expectation with every hotly-followed model launch by Apple, Samsung, RIM, Google et al apparently determining whether these international behemoths will rise or fall. There is a great part to this reason, ‘customer’, which is the only place to begin when creating a new solution. However, there is growing evidence that while consumers are interested in mobile payments, few actually want them, and they do not figure in the rationale for changing banking provider for the vast majority of people.

…if not us, someone else will

For a long while there were many that panicked over the impending overtaking of all payment services by Google and PayPal. To date it hasn’t happened. Sure enough there are many non-bank players that have captured a share of the estimate annual 3.5 trillion electronic payment transactions, but the reality is there’s a pretty big pie to carve up and the losers will be those for which payments was a peripheral business anyway. However, if you do nothing and others expand their services, there is a danger of you losing some customers, but typically with few disruptive players aiming at the full service banking market it is more a risk of disintermediation than total separation.

…it is inevitable that people will pay this way

Consumers have a habit of grasping the most ridiculous of concepts or things, and ignoring the absolute deep-seated logic of a well-constructed product. On the face of it, the electronic purse card for low value payments was a sound invention, yet no implementation could be termed successful. When mobile phones moved into mainstream use, who could have predicted the success of SMS as a service and how it has now changed the way we communicate and the way that language is used. The traditional logic for mobile NFC is sound – mobiles have become an everyday tool and create an interactive environment allowing enhanced transaction security. However, there is growing evidence that the device of choice for banking in many markets is the larger tablet format, with a recent customer survey by ING showing that tablets have overtaken PCs as online banking device of choice and drive consumers to pay bills more on time and reduce time spent in overdraft.

Although the market has settled on the bar format for mobile phone during the last few years, a new format war is about to begin amongst the major mobile manufacturers. Apple, RIM and Samsung have all mooted plans for a big move to the watch format, Google continue their experiment with Google Glass and more wearable devices, all of which take us back to the original concept behind contactless cards and NFC (and mobile) – when the R&D guy at MasterCard in 2001 uttered the immortal words ‘wouldn’t it be cool if instead of a card you could pay with your watch?’ Of course, back then at the turn of the century most people wore a watch – mobile proliferation wasn’t anywhere near today’s levels and telling the time was a matter of looking at your arm and not in your pocket (unlike at the turn of the previous century when people kept their watches there!).

Initial contactless efforts were hence focussed on the watch format – but as the noughties drew to a close, numbers of watches being sold was in decline as consumers looked at their phone instead, and so the associated card genii tried to work out what to do with their huge investment in contactless. The answer, it seemed, was in targeting the device that had replaced the watch – the ever-present mobile phone. And so in 2011 we had ‘the year of mobile payments’, and again in 2012, 2013 and probably next year as well. But what of the humble watch, did it give up its contactless ambitions? Not just yet. There is growing evidence that the wrist-watch is making a comeback as a re-invented status symbol, and as mobile manufacturers return to more wearable formats, your arm may find itself useful again.

Defining the ‘something’

We’re finally seeing some big issuance and acquiring programs in a number of markets globally – and the ongoing battle for customer ownership in mobile payments – but perhaps, as mobiles become more personal, and less likely to be left behind as they are now wearable, the original idea of contactless payments will be the potential next evolution of mobile NFC. So what does this mean for NFC payments with mobile?

It means that there are a few choices ahead of banks looking to deploy something in this area – continue with the traditional format and create something with potential limited consumer lifespan; race to get ahead of the curve and solve the ‘wearable’ problem; or focus more on the increasing use of the tablet format and see how it can be developed further for NFC. Which customer segment or transaction segment to target – closed loop, mass, LVP?

With these choices comes complexity as invariably most banks will dabble with each of these until a standardised solution emerges from consumer-driven preferences. And of course, taking into account the considerations of any solution towards the merchant community and ensuring that both sides of the commercial equation are supported.

Complexity breeds more complexity

Today we have a card. It has embossing and magstripe for certain, probably an EMV chip and potentially a contactless interface – all of which have many variables, but finitely defined in order that they can be fully certified to ensure the integrity of every payment. Even simple implementations of mobile NFC add a new layer of complexity due to the considerable variety of devices, location of the SIM and battery, security of the app or other interface and the open nature of the device. Begin to add more device types and formats and your issues grow.

So how to tackle this estuary of complexity? The first place of course is to talk to your customer base – run ideas through focus groups and ensure that there is consumer desire. Work with merchants to ensure that there will be acceptance once you hit the market. And work with an understanding vendor to help you through the certification process as everything else is a pointless exercise if when your solution goes to market it doesn’t work first time, and every time then your customers will invariably be dissatisfied and your ‘something with mobile’ will be an expensive and potentially embarrassing folly.

First published in Globalsmart NFC & Contactless report 2014 (here)

What goes around, comes around

My watch

One of the nice things about being in the payment industry is that you if you have an idea that doesn’t work today, put it in the cupboard because things might be different in a few years time. There’s a few things that I’ve worked on over the years that were perhaps ‘ahead of their time’ or the macro conditions were not ready yet to launch – after all, payments typically are a reciprocal function of other actions in society such as trade and so are influenced to a greater extent by market acceptance than most other.

Take, for example, the original concept behind contactless cards and NFC – one of my former colleagues at MasterCard in 2001 uttered the immortal words ‘wouldn’t it be cool if instead of a card you could pay with your watch?’ Of course, back then (now over a decade ago) at the turn of the century most people wore a watch – mobile proliferation wasn’t anywhere near today’s levels and telling the time was a matter of looking at your arm and not in your pocket (unlike at the turn of the previous century when people kept their watches there!). Initial contactless efforts were hence focussed on the watch format – but as the noughties drew to a close, numbers of watches being sold was in decline (here) and so the associated card genii tried to work out what to do with their huge investment in contactless. The answer, it seemed, was in targeting the device that had replaced the watch – the ever-present mobile phone. And so in 2011 we had ‘the year of mobile payments’, and again in 2012, 2013 and probably next year as well. But what of the humble watch, did it give up it’s contactless ambitions? Not just yet. Indeed, there is growing evidence that the wrist-watch is making a comeback as a re-invented status symbol (here), and as mobile manufacturers look for the NBT, where is the first place that they run to? Back to the things that they sought to replace (here).

So what does this mean for contactless payments? We’re finally seeing some big issuance and acquiring programs in a number of markets globally – and the ongoing battle for customer ownership in mobile payments – but perhaps, as mobiles become more personal, and less likely to be left behind as they are now wearable, the original idea of contactless payments will now be the next evolution – and the guy at Garanti Bank can also call someone to bring him more pants…

Testing times over the pond

Fluttering US flag  I’m in the US this week discussing EMV migration with a number of major institutions – for those of you that don’t know (where have you been?!) the liability shift has been announced by both MasterCard and Visa for this region with a number of other deadlines thrown in for good measure.

The first of these is in April 2013, when MasterCard, Visa, American Express, and Discover will require that acquirers, service providers, and sub-processors have the capability to process any EMV point of sale (POS) transaction, both contact and contactless. No mean feat to accomplish – 0 to EMV in less than 12 months when it took Europe well over 12 years to reach this milestone. Further to this are a few more important dates – primarily October 2015, when the liability shift kicks in. This essentially means that any non-EMV compliant party in the transaction will bear the cost of counterfeit or lost & stolen fraud.

It’s likely that most US issuers will opt for the same CVMs that they use today when deploying EMV – i.e. at POS they’ll use Chip & Signature for Credit and then either Signature or PIN for debit. What’s not clear though is how many of the US debit brands will move towards EMV in a reasonable time frame meaning that the complete migration will probably take as long as Europe, if not longer.

One of the biggest benefits to the US going (just about) last is the lessons learned from other migrations. The down side will be that they have a very unique payments infrastructure with additional parties not prevalent in payment models elsewhere – networks, processors, VARs, ISOs, credit unions and more – plus a scale that dwarfs players in most other markets.

The biggest change that comes with EMV however is the need to ensure that every component of the payments infrastructure is fully certified and remains so – as well as ensuring that any changes or updates don’t have an impact on the end to end integrity. Selecting certified products has been made pretty easy by EMVCo and the brands – there are hundreds of EMV-certified terminals and kernels on the official lists. However, application development and subsequent certification of the packaged end product (terminal, application, implementation) will be a challenge for the diverse middle-men in the US market where competition is hot and margins tight. It also presents new challenges for estate management – any changes lead to at least 4 new certifications with the main brands – and deployment of application updates across such a broad landscape can also be problematic.

So my advice to those entering the migration – test long, certify short – make sure that you’re going to pass any certifications easily to avoid getting bogged down in the inevitable certification queues and have to bear costly delays or iterative expenses. Although they’re ramping up services at the card brands, a processor with hundreds or even thousands of new card profiles to certify could find that just getting this job done before the liability shift is a major challenge. The only way to hope to achieve this is to test, test, test – and then when you’ve done that, test some more so that certification is a formality and not a bottleneck. Testing is all to often an after thought in the payments world (and other IT sectors come to think of it) but as you sit down to plan your EMV migration, start with the test plan.

Now Finally Cool: has Google put the want factor into mobile payments at last?

Support for tablet computers was first included in Windows XP in 2001 and yet until Apple launched the iPad in 2010 the market was focussed on commercial applications such as gas meter reading and street surveys for market research. Perhaps the same will be true of mobile contactless payments using Near Field Communications (NFC) and mobile wallets – in that the addition of Google‘s marketing behemoth and army of loyal fans may finally tip the balance on contactless payment and bring it to the mass market. Google has essentially added its own elements to a simple deployment of Prepaid card on mobile (done already in many countries) backed initially by MasterCard and Citibank. What this brings over other current deployments is the promise of a ‘neutral’ wallet that will support cards from multiple schemes and multiple banks – and of course will later run on any Android phone able to support NFC.

So what’s new in this package? The mobile wallet isn’t new – this was first touted back in 2000 when the first smartphones such as Ericsson’s R380 was used by MasterCard to demonstrate how SET could be deployed to create a mobile payments infrastructure. Sadly this was overly complicated to use and required expensive hardware – two factors that have killed many an innovation in payments. As mentioned earlier, prepaid on mobile with NFC isn’t new either – amongst others, Orange launched a full rollout of the technology with Barclaycard back in May this year. The truth is that despite all of this innovation, technology and promise, the touchpaper of demand for mobile NFC payments hasn’t yet been lit.

It seems that what is ‘new’ is the fact that a company considered by the public to be truly innovative has thrown its hat into the mobile payments ring – perhaps only Apple would have a greater guarantee of success. Regardless, before we get too excited and start dreaming of a life without cards, we should temper our thoughts that Google has first tackled the easier infrastructure of the US Magstripe (as did Square and others before them) where it is considerably technically simpler to accept transactions at POS – perhaps once they succeed in an EMV market such as Malaysia or France we might be seeing the shift that the industry has been waiting for. So still today only time will tell if this is finally the beginning of mass market payments with mobile – or whether NFC will remain the acronym of No Flippin Chance.

Where are the mobile macro payments?

Where are the mobile macro payments? I am talking about the payments with a higher amount than the ones that are defined as micropayments.

Where are they? Where are the examples? Have you ever seen a demo online? Or a cards program offering higher value (say: ‘normal value’) mobile payments? Well, I haven’t found it yet, which is strange because I believe the combination of micro- and higher value transactions through one channel is awesome! It means you only need 1 device to replace all kinds of cards in your wallet.

It looks like they only wish to promote micropayments. You know: the small transactions for which cash is currently the most popular payment method. If the infrastructure is available, a ‘tap-and-go’-tool like contactless cards or mobile devices could promise a faster and more convenient payment tool than cash.

Personally I wouldn’t be easily convinced by a mobile solution if it is only used for micropayments, unless there is an automated system to recharge my account (thank your standing orders and direct debits ;)). What would interest me is a mobile solution by which I can make all kind to purchases, also the €100 ones and higher. But then I also need the guarantee that it is a safe solution and that a personal PIN is needed to authorize the transactions!

I made similar comments already a couple of times on some discussions in Innovation In Payments, and realized I haven’t seen an example of PIN-supported mobile payment solutions yet.

So I started surfing on the net, surfing on YouTube with key words like ‘mobile PIN’, ‘contactless PIN’, ‘mobile payments PIN’ etc. I only looked for about an hour, but it sure proved there is not much around on this niche topic. There are a lot of examples about the ‘tap-and-go’ principle, but the ‘tap-PIN-and-go’… no sign of it!

The only real link I found to movies or an example where a PIN is needed was a PIN code to access a certain application like the Google phone. In other words it was a PIN to access an application, like a key to unlock your wallet. I’m not saying this isn’t an important security measure, but it is not the authorization PIN for a transaction I was looking for. And in all honesty, if Google would only offer micropayments through their mobile wallet solution, than what is the use of linking it to loyalty and coupons, as most of the deals require transaction values higher then let’s say 15 dollar? So I was missing something in the business model…

After an hour I gave up searching and I took the easy way: I called up a colleague of which I was sure he would know the answer. The answer is more or less (for the MasterCard solution): ‘every PayPass-cards portfolio has a combined solution for micro- and macro payments, but it is never promoted’. He proved this with reference to the ‘PayPass M/Chip Acquirer Implementation Requirements’ on page 55. I quote the reference to the PIN (= CVM):

 “PayPass terminals must use ‘No CVM (Cardholder Verification Method) ’ for transactions equal to, or under, the Terminal CVM Required Limit when performing a PayPass—M/Chip transaction. Transactions above this limit must perform CVM processing as specified in EMV 4.1 Book 3.”

 The people who know me better probably can guess my next question already: ‘but why?’ and ‘how? On the demo you only see the reader most often and no option to add a PIN code?’

 Well, in reality it seems that 2 devices are most often combined in this contactless dimension (and not just one like you see in the movies). At least for the open loop system like the ones supported by for example Visa and MasterCard… concretely that means that existing POS terminals often get a software upgrade and an extra device, a sort of reader of contactless cards or phones, that is connected to the POS terminal. The software upgrade can relatively easy be done and is not too expensive. I’m told that the additional reader often require a tougher investment going from €100 for the cheap reader to €300-€500 for the better quality.

 The low value transaction follow a ‘tap-and-go’ principle in which the transaction can be processed EMV-compliant without a PIN code. The higher value transactions will require a PIN code for being EMV compliant. So you tap the mobile against the contactless reader and you type the PIN code on the POS terminal.

 I believe this investment for low value payments only is indeed a tough call for many smaller merchants, however if also the higher value payment can be accepted that way it is already possible to spread the investment over many more transactions (and transactions that support bigger sales).

So why don’t they promote this? A wallet has cards for low value payments, debit cards, prepaid card, credit cards… so why would I only look for micropayments in my mobile wallet? I wouldn’t! Someone like me would be much easier convinced if I knew I could combine several card options in my mobile phone.

And why don’t THEY promote these higher value payments? Well, I am told that the reason is the perception of convenience. Tap-and-go is only more beneficial due to the speed of making the payment, most companies seem to think. And when a PIN must be added the mobile solution would no longer be more convenient then the card solution, at least not faster for processing the payment. Thus, they don’t talk about it.

 I guess it is more a matter of how one defines ‘convenience’. My definition of convenience is at least a different one, in which the combined solution would add more value to me as more solutions could be combined on one mobile device.