- PROJECT HELP
If February represented a turning point for the mobile-wallet market in the U.S. and beyond, then March brought with it an intense debate about what recent developments mean for the payments industry going forward.
No story garnered more attention on Mobile Payments Today last month than my quick hit on Samsung Pay, which Samsung announced at the Mobile World Congress. Samsung tipped its hand about its mobile-payment plans two weeks earlier when it acquired LoopPay, which turned out to be one of the worst kept secrets in the industry. Nonetheless, Samsung, Google, and PayPal were hot topics at the annual MWC in Spain.
Two security-related items appeared in MPT’s top articles and blogs last month.
Peri Kadaster, the director of strategy and marketing at Monitise, wrote a blog post about how HCE is ready to takeoff at the point of sale and many industry observers believe the same thing.
Kaushik Roy, the senior vice president of product at Sequent, discusses how dynamic issuance and on-device security and management can work in tandem with tokenization on smartphones. Tokenization has taken on a life of its own the past six months as it relates to mobile payments.
I attended the All Payments Expo in February and recapped my visit in an article about bridging the gap between plastic cards and mobile payments. And guess what? Cards aren’t going to disappear anytime soon!
Come back and join us next month for the April edition of the 5 for 5.
5. "Is HCE ready to transform the point of sale?" - Peri Kadaster, the director of strategy and marketing at Monitise, wrote a blog post about how this technology is expected to take off in 2015 and beyond.
The payments world is filled with enough acronyms to form a kind of alphabet soup – ACH, NFC, HCE. Each one of these payments levers can be the subject of books on their own, so today we’ll focus on one, arguably one of the most exciting innovations in payments – HCE.
Credit cards can act as an intermediary between banks and consumers, allowing them to make real-time purchases in bricks-and-mortar stores, websites, and even withdraw cash from ATMs. The point-of-sale (POS) machines that initiate the actual credit card transaction have seen relatively little innovation – until recently.
Up until the last decade, the most common type of credit card POS device was an imprint machine that would copy card information onto carbon paper. Since then, handheld POS machines have become the industry standard in developing and developed markets alike, dominating the market. But recently the number of options for merchants has increased as chip technology enables users to tap to pay, and mobile dongles like those from Square can turn any smartphone into a mobile POS.
What all of the above have in common is that they are card-present transactions – where the card is physically present at the time of transaction and that, in some way, interacts with the POS machine. Another type of transaction – which has spiked as ecommerce has grown – is the card-not-present transaction, where the card does not have to be physically present or visually examined by the merchant. Orders placed by phone or websites are the most common examples.
4. "Bridging the gap between plastic and mobile payments" - The payments industry is trying to figure out the best ways to combine physical cards and the smartphone to create something tangible for consumers.
Mobile payments have hoarded technology headlines for the past three weeks.
Samsung, Google, and PayPal during that time have all made acquisitions to bolster their respective mobile plans.
But what might get lost in the recent hoopla is the fact that plastic still plays a significant role in payments. Consumers in the U.S. are experiencing the transition to EMV as chip cards arrive in the mail. Gift card malls still litter supermarkets and pharmacies. The U.S. Treasury and the Social Security Administration urge consumers to receive their benefits in an account linked to a MasterCard prepaid debit card.
At this point, the payments industry is trying to figure out the best ways to combine plastic and the smartphone to create a harmonious relationship.
3. "The consolidation game in the mobile payments market" - Rob Stringer, the vice president of marketing and product development for Cortex MCP, shares his thoughts on what we've seen the past couple of weeks in the industry.
Basically what Stringer did in this article was breakdown the recent string of deals we saw happen in the mobile-payments market.
Stringer summarizes Google’s purchase of Softcard’s assets, Samsung’s acquisition of LoopPay and PayPal buying Paydiant.
Read the rest of the article.
2. "Tokenization is not enough: The role of on-device software for secure mobile payments" - Kaushik Roy, the senior vice president of product at Sequent, discusses how dynamic issuance and on-device security and management can work in tandem with tokenization on smartphones.
HCE cloud-based mobile payments have opened a new chapter in the industry's thinking around security of card data on-device and the risk management associated with it.
The lack of secure element hardware storage on-device creates the need for strong software based solutions to mitigate the risk of storing sensitive card data on phone memory. Tokenization has emerged as one of the most important solutions for enabling secure cloud-based payments. By replacing something of high value, the secure Personal Account Number (PAN), with something of lower value, the limited-time use card data or "token," tokenization protects the original PAN number from misuse.
But is tokenization alone enough?
Traditionally, tokenization means one-time use data. If one-time use card data is provisioned to the phone then the security risk of the data in open is restricted to that transaction only. However, as per EMVCo specification on tokenization, the definition of token is alternate PAN, which is not the same as one-time use data. Consequently, tokenization specifications being implemented in commercial services today provision tokens to phones with extended active life spans – opening the window for potential fraud. Hence the role of tokenization in cloud-based payment security for proximity payment has lesser importance than it is often given. The main security it provides is that a hacker cannot use the stolen card data online or other channels.
1. "It's official: Samsung Pay is real" - Samsung will use a two-pronged approach to mobile payments: NFC and technology from recently acquired LoopPay.
Almost two weeks after the industry first saw its official glimpse into what Samsung planned to do in the mobile-payments market, the South-Korean based electronics manufacturer revealed Samsung Pay Sunday at the Mobile World Congress in Barcelona.
While Samsung Pay will not launch until the summer, it will come to the market with a distinct merchant acceptance advantage over Apple Pay and Google Wallet.
Samsung will use a two-pronged approach to mobile payments thanks to its recent acquisition of LoopPay, which developed a proprietary contactless payments technology that is supposed to work with 90 percent of the point-of-sale terminals deployed in the U.S.
Samsung embedded LoopPay's technology into the new Galaxy S6 and Galaxy S6 Edge smartphones. The new devices will still rely on NFC chips to enable users to conduct tap-and-pay transactions at contactless-enabled point-of-sale terminals. But if contactless is unavailable, LoopPay’s Magnetic Secure Transmission technology can "communicate" with magnetic-stripe reader currently present on all terminals. Samsung Pay will sense which option is available and adjust accordingly.