The Candid Voice in Retail Technology: Objective Insights, Pragmatic Advice

Mobile Payments: Reports of NFC’s Death Were Premature

						Username: 
Name:  
Membership: Unknown
Status: Unknown
Private: FALSE
					

There was a full page ad on page A3 of the Monday 9/15 San Francisco Chronicle that cried out in big bold letters, “WE THE PEOPLE Want our Money Safer Than Our Selfies. PAYPAL Protecting The People Economy.”

And the tagline read, “Download The PAYPAL App Now And Securely Buy Almost Anything With Just One Touch “.

The timing for this ad cannot have been circumstantial. The people at PayPal see an opportunity to exploit consumer concerns about the ability of retailers and payment networks to keep their data secure. And why not? Given what Paula discusses in her Retail Paradox Weekly (RPW) column this week ( “The Endless Data Security Saga Continues “), it seems past-due to talk about viable alternatives to traditional credit cards, because as Paula explains, for every improvement to card-based technology, there’s someone somewhere who can and will outsmart it, and it doesn’t even begin to solve the exposure created by card-not-present payments (eg. via E-commerce).

There was a lot of news related to payments in the last couple of weeks that deserve mention, but the one that most interested me was the announcement that Apple will implement NFC ( “near field communication “) chips on its new generation of iPhones. The reason this was interesting to me was because a lot of analysts and pundits in the retail technology space (including me, sad to say!) had written NFC off as dead’er than the 96-column punch card- precisely because Apple had before now failed to offer it.

Back in February 2011 (which seems like forever -Steve Jobs was still alive then!), the retail tech world was abuzz with a rumor that Apple would support the NFC chip on its then-new iPhone 5. This was big news because Android phones were already starting to include it, and so the logic went that smartphone based consumer payments were right around the corner. But it turned out that the rumor wasn’t true, and at the time this recalled me to an earlier RPW column (Sept. 2010) when I replayed a conversation I had with Richard Mader, then the NRF’s Executive Director of NRF’s ARTS committee, an industry group that had dedicated itself to the rationalization and adoption of certain standards related to store-centric retail technologies, including payments. At the time, Mader said of Apple: “They’re the 800 lb. gorilla, but they don’t join standards groups, they don’t participate, and they don’t cooperate… To my knowledge Apple is not involved in any industry initiative for mobile or mobile payment. “

Well, as I alluded a moment ago, that was a long time ago, and now Apple has announced that the iPhone 6 will have an NFC chip onboard. But what does this have to do with securing electronic payments better than we’ve been able to do with card-based systems?

Mader’s Next Mobile Phone

I wanted to get an answer to that question, and so I went back to the source of my earlier insight, my friend and colleague Mr. Mader, who responded by saying, “I have always been a proponent of NFC, and was delighted to see the Apple announcement. NFC works as has been proven in Japan and other global locations. (But) the reason the other payment stakeholders rejected it was because they feared that the mobile networks that developed the secure element and NFC strategy would want a piece of the huge interchange fees. HCE gave NFC a second chance after being declared dead by many payment ‘experts’ by moving the secure element to the cloud. “

Okay, some explanation of terms and concepts is necessary here. By “secure element “, Richard is pointing to the fact that NFC chips have “protected access memory ” – which can only be accessed by an application that has the right key, which in turn is supplied by the chip manufacturer. “HCE ” means “host-card emulation “, which creates a way for NFC-enabled smart mobile devices to get around the burden of provisioning an app with a key to read the device’s secure element in order to get consumers’ sensitive payment info. In February of this year, Mastercard announced support of NFC-enabled mobile phones using HCE. The announcement proclaimed, “An open architecture, HCE enables payments and other NFC services – including loyalty programs, building access and transit passes – to be delivered without the use of a secure element (SE). “

Mader went on to say, “Apple’s announcement not only embraces a form of NFC, it includes the secure element within the phone. The account number never leaves the phone, tokenization a BIG security key is built into ApplePay… This will be very interesting. Apple has several advantages, because millions of iTunes users already have a credit card on file, and Apple mobile devices are dominant in retail. The negative is that I understand members of MCX (the Merchant Customer Exchange, sponsored by Walmart) as part of their membership have to agree not to use mobile payment solution other than MCX (MCX uses QR codes to initiate transactions). “

So Apple’s NFC decision effectively pits the technology giant against MCX and its members like Walmart and Target. In the meantime, the bank networks are pinning their hopes on HCE. Mr. Mader’s bet? “Next month I will buy my first Apple iPhone. “

The Definition of Insanity Revisited

We’ve all heard Albert Einstein’s famous bit of wry wit and wisdom: “the definition of ‘insanity’ is doing the same thing over and over, and expecting different results. ” In her column this week, Paula correctly states that, “No static standard can keep us safe in a rapidly changing world. ” Card-based systems that put consumers’ sensitive information on the card are inherently static (because they depend on physical distribution of the cards), and even when the cards are protected with some onboard security, the design is still basically just an improvement on an the same old way of triggering an electronic payment. Digital payment platforms, whether ApplePay or PayPal (or HCE for that matter), offer new ways of getting the job done. The Apple announcement – even though currently it is only intended for ApplePay – moves consumers one big step closer to a new, and hopefully more secure, result.

Newsletter Articles September 16, 2014
Related Research