Brett King

Posts Tagged ‘Contactless’

Banks and Credit Card Issuers beware – Apple just stole your business

In Customer Experience, Mobile Banking, Retail Banking, Technology Innovation on October 17, 2010 at 23:01

200 individuals were the first to receive credit cards issued by Diners Club in 1950, the brainchild of Frank McNamara. It was the start of a completely new era in personal credit and payments. American Express entered the credit business with its own card in 1958, within five years had issued more than a million cards.

Today there are more than 1.6 Billion credit cards in circulation, and the US credit cards industry generates $2.8 Billion dollars a year in revenue. One in 12 households in London (or 8 per cent) have used credit cards to pay their mortgage or rent in the last 12 months and outstanding credit card balances stood at £63.5 billion in November 2009. By 2013, China’s consumer credit market—encompassing credit cards, mortgages, and other personal loans—will account for 14 percent of profits in the banking sector.

Growth in Contactless Technologies

In recent times we’ve seen the move to NFC or Near-Field Contactless credit cards. It is estimated that NFC enabled credit cards will reach the tipping point in 2011, with a total of 30 million British contactless bank cards alone being issued by then. The ease of use of an NFC-enabled card is obvious, no swiping, no inserting. Steve Perry from Visa Europe said that the rising popularity of contactless technology brings the promise of a cashless society where there is no longer any need for people to carry notes and coins around with them.

“Contactless is as revolutionary as the shift to internet payments was five years ago. It will mean having no notes and coins – it will certainly mean having no coins. It will move us almost to a cashless society.” – Steve Perry, Visa Europe

But as the modality shifts toward NFC, the reality is that the physical card itself does not represent a competitive advantage or differentiation for banks or issuers, not that it does today. Once the move to NFC-enabled POS terminals is ubiquitous, it’s probably easier just to carry your phone to make payments than a gaggle of credit and debit cards. That’s not going to happen overnight though right? Cards as a product are still too strong to be replaced by mobile quickly, so we have plenty of time right?

It will happen quick…

WRONG. We know that Apple is working on an NFC-enabled phone, and given their recent hires in the space, it is assumed that the iPhone 5 will be the platform for this change. So how will Apple’s NFC-enabled iPhone 5 work? We know a few things about the likely capability of the phone based on the patents issued by Apple. Firstly, the payment application will be a core app integrated into the phone, there will be a biometric strip (presumably enabling fingerprint authentication) and the phone will ostensibly work just like an EMV-chip credit card.

Some of the detail of Apple's NFC patent for the iPhone

The question you are probably asking is, how will the payment mechanism work? Here’s where it is largely speculation because Apple is being extremely tight lipped. We know that the primary payment app will work as an interface to your bank or credit card company as you need it to. However, it doesn’t take a rocket scientist to work out that Apple could use its current iTunes store platform to provide stored value for an effective debit card mechanism. If Apple was to use this mechanism as the underlying currency or stored value behind their core ‘debit card’ equivalent payment capability, they would effectively become a bank overnight, and one with perhaps an even stronger differentiation than any other debit card on the market today. Other handset manufacturers and mobile platform providers would be sure to follow as Apple’s payment capability quickly becomes ubiquitous. That is, if the payment networks talk to Apple’s iTunes store…

Competing with Apple, Google and Microsoft Mobile

So how will banks compete in such an environment? Well banks can’t issue their own mobile phones like Apple or Google’s partners can, and plastic cards and checks look downright archaic in comparison to such a payment paradigm. The only choice of Card issuers and banks would be to embrace the new technology and scramble to partner with the handset manufacturers and mobile OS owners. Visa has already deployed their Visa Paywave solution on the iPhone, but currently you need a cradle or sleeve that the iPhone sits in to do the sexy NFC bit, that simply won’t be necessary on the new device.

So the question for banks in this new environment would be how do we now issue cards to customers? Do they have to come into the branch for us to configure their phone? Given how easy it is to upload iTunes credit, this would be a huge competitive disadvantage, so the compliance procedures applied to the current physical process of card issuance become a millstone around the bank’s neck and result in rapid disintermediation. Within the space of 3-5 years, banks no longer have a credit card business. Sure, they might eek out a small business settling payments between Apple’s iTunes store and the bank, but compared with the size of the card business today this would be miniscule.

Challenges Ahead for Banks

What about if a customer could download a new “credit card” from the iTunes’ App store, or from Google’s Marketplace? Well how would you qualify for the card as a customer, are there different card apps for each bank, what is the onboarding and risk assessment process?

Don’t be tempted to think that the protection of existing payments networks or a bank license will protect your existing business from such innovation. If Apple does launch their NFC phone and announces collaboration through Visa and Mastercard’s payment network, do you honestly think with millions of iPhone 5’s going out the door that the regulator is going to call a halt to payments from a phone?

Seriously, if you are a bank, it’s likely that in just 8-9 months you’ll be faced with competition from non-banks who can do the whole NFC-enabled phone payments thing much faster, easier and more compelling than you ever could by issuing a plastic debit or credit card. And guess what?

If you’re the CEO of a bank, you probably don’t even have someone appointed to work on mobile credit card onboarding yet, so what’s the likelihood you’ll be ready to compete?

Let’s try plan B – let’s go to the regulators and see if we can stop mobile phone payments as a mechanism shall we?

Advertisements

Online Fraud and Privacy is not that big a deal…eventually

In Retail Banking on August 4, 2010 at 20:34

I hear a lot of individuals in the financial services space expressing concerns about the risk of conducting business online, the lack of privacy in social media, the issues of identity theft and so forth. I’m not sure what these proponents of the ‘high-risk involvement’ model hope to accomplish, but if they realistically think that flagging concerns about privacy and online fraud will make ANY sort of dent in the progress of digital engagement through online, mobile, or social media – their mental health may need to be assessed. The best they can hope for is increased awareness of the issues.

Dealing with the digital landscape as far as payments and identity is inevitable. The issue becomes how to manage your online presence moving forward, and not if you should be conducting commerce digitally or participating in social networks.

It’s easier to commit fraud offline

While we hear lots about online fraud, the fact is that when it comes to things like credit card fraud, it is still far, far easier to commit fraud when a physical card or physical process is involved. Recently I was in London launching BANK 2.0, and at every restaurant where I presented my card, the waiter would come to the table with a wireless POS terminal to present my card. This is undoubtedly because of the simple risk associated with letting my credit card out of my sight. It takes just seconds to run a card through a mag reader and replicate that card physically. Even with CHIP and PIN, which is common throughout the EU, it would not be that hard to shoulder surf your PIN number if I really wanted to.

I used a foreign credit card in the UK, however, so I am not afforded the protection of PIN when I’m visiting the UK. In most instances I was actually asked to show my card to verify the signature, but in reality if someone had duplicated my card, then the signature they’d be using would be one they had created in any case. In the US , there is not even the protection of CHIP and PIN, and the physical processes allow for easy access to copy a credit or debit card.

The fact is, the weakest link when it comes to fraud is always the physical medium. Granted, phishing attacks designed to glean your account number and password for Internet banking is today a major issue, but again the weakest link is not the technology but the customer who willing submits his information to a fraudulent site.

Many markets have already solved this problem through two-factor authentication (TFA). The markets who have moved slower on this innovation, are obviously now reaping the reward for their lack of innovation. It is, in fact, not that fraud is easier online, it is that card issuers, retailers, banks and regulators simply are not keeping up with the behavioral shift to digital and have not leveraged the quite simple technologies that actually make digital more secure.

The US is only now moving to new POS infrastructures around contactless cards, and the fact that the EU still has yet to broadly adopted TFA are just examples of lack of innovation in fraud management. Customers move with innovations in the digital space, banker’s don’t and fraudsters exploit the gaps while they can.

Increasing digital interactions are inevitable – deal with it.

I find it amusing that those that are strongest in vocalizing the risks in online privacy are often those that in reality have the most to gain. For example, while check (or cheque) fraud is less frequent today, the fact is that the check in itself is an outmoded payment mechanism. It is not an efficient way to pay in almost any measure that makes sense today. Checks are cumbersome to carry, error prone, easily corrupted, costly and are increasingly difficult to handle, especially if you are trying to cash a check issued cross-border for example.

I’ve heard bankers argue till they’re blue in the face that checks are here to stay, and yet in the same breath they admit that they don’t know how they are going to continue to afford to process checks and admit data increasingly shows that in developed markets checks are in terminal decline.

So why aren’t banks rushing to embrace person-to-person payment capabilities, improving interbank connectivity, and trying to integrate better, simpler security mechanisms into electronic interactions? The only thing I can figure is that there is so much organizational inertia around traditional mechanisms like checks and TT’s that is often just seen as too hard to change.

The fact is today that no government, no bank, no threat on the planet, could viably stop the adoption of social media, mobile phones, payment technologies like P2P and other such innovations. It is simply a question of how soon – not if.

How digital will be far safer

Commercial interactions in the digital realm are instantaneous, completely auditable, measurable and can occur anytime, anywhere without the requirement of any specific physical instrument, except a browser or mobile phone. The fact that I can pay you in real-time, without any special process or instrument is ultimately the big draw-card.

So how do we make it safe. Embedding payments into the phone is the first step. The combination of the phone SIM, the ownership of the physical platform (handset) and the payment process will be safer than today’s credit card process. However, the simple incorporation of biometrics, the most promising being fingerprint, voice or facial recognition, will make such transactions magnitudes safer than current physical payment processes, including cash.

The likelihood is that Apple, Google or the handset manufacturers will likely be the ones to lead with these technologies, rather than banks working to incorporate such into the platforms. But the patents are already out there, we’re just waiting for the commercialization.

Biometrics are the ultimate solution to digital privacy

What about privacy?

The reality is, I don’t know of one individual who has stopped using Facebook, Twitter, email or their mobile phone as a result of privacy concerns. That doesn’t mean as individuals we should be complacent. The fact is, that we’ll probably end up with two distinct personas when it comes to the digital space.

  1. Our public persona, where we accept a compromised privacy level in respect to our personal details (email, profile, date of birth, etc), and
  2. A secure persona, which we will protect fiercely because of the financial implications or risk.

The biggest risk to our secure persona today is identity theft. Recent twitter hacks, facebook scams, hotmail account takeovers and other examples occur because it is still relatively easy to get someone’s credentials through an App, phishing site, or other such methods. Again, the answer here is that our secure persona needs to be linked to biometrics and not weak mechanisms around an ID and password. I don’t see anyone working on this as yet, but it is the obvious answer and the core technology is pretty much there. We just need one of the big Social Media networks like FB or say Apple with their iPhone/iPad to embed it and it will become ubiquitous fast.

But one thing that won’t happen is a mass exodus away from digital innovations through privacy concerns.

Pervasive Banking or Irrelevance? You choose… (Huff Post)

In Mobile Banking, Retail Banking, Strategy, Technology Innovation on March 15, 2010 at 22:16

Why do we use cash? Why do we use banks? The basic premise is that banks are necessary to create a flow of cash and enable commerce, with built in protections. Secondly, they can hang on to our money securely, and although we don’t get much interest these days, we do generally have the protection of the FDIC or some other mechanism to ensure we never lose our deposit. However, these days when we deposit money it just generally sits on some computer as ones and zeros, we don’t physically (or vary rarely) go down the the bank and actually deposit cash over the counter. In fact, I can’t remember the last time I ever deposited or withdrew cash from a bank branch. I know I go to the ATM to get cash out, but all my deposits these days are generally electronic.

Banking is just not in your face anymore, it’s simply a utility we make use of day to day. The banks are the wires, the FED is the generator, and while the banks have traditionally owned the ‘meter’ (e.g. the branch, ATM) we’re seeing a rapid disintermediation of banks from the retail coal face. We are about to see the end of

Today I downloaded the new Bump enabled PayPal application for my iPhone. The app was launched at the SXSW event (South by Southwest) and on the iTunes platform yesterday, and it is a retail banking killer! We knew this was in the pipeline, but the launch of the app is something that we’ll look back on as one of those defining moments of this decade.

When PayPal launched none of the banks really took it seriously. In fact, most banks to this day don’t really interface with PayPal at all. Yet, for sites like eBay and Amazon approximately half of the payments made are done through PayPal today. Banks totally missed out on the opportunity to capture the online payments space, as did Visa, Mastercard and Amex largely – they took their time worrying about security, fraud prevention, and such things and in the meantime PayPal took truckloads of market share off them.

The same thing is happening in the mobile payments space right now. PayPal, POPMoney, Square, Verifone and others are making a play for the mobile payments space in earnest. Apple has a patent for integration of NFC (Near-Field Contactless or Near-Field Communications) payments into their next generation or 4G iPhone. Bankers are sitting back wondering what all the fuss is about…

Bump your phone to pay with PayPal

When PayPal came along bankers I knew said “no one would trust these guys enough to use them for online payments…” – they were so wrong. Now with mobile payments being discussed I’m hearing “no one will abandon cash for mobile payments, that’s not realistic…”. I’m not saying it will happen in the space of a few months, but over the next 5-7 years in developed economies I expect this to have a huge impact on the viability of ATM networks.

The problem with pervasive mobile payments is that the value proposition for my bank just got cut in half. In a very short period of time, I may never even have to use my bank’s ATM at all. I certainly won’t be using checks. In fact, the last check I wrote was more than a year ago – so I won’t miss them.

My phone becomes my debit and credit card. I can pay the plumber who comes to my house by just bumping phones with him. I can pay at McDonalds, Bloombingdales, Sears, Wall Mart or Marks and Spencer by swiping my phone across the top of a point-of-sale unit. When exactly would I need cash? Taxi cabs maybe? Nope, I can already pay for those with my contactless debit card – so my phone will work with that too. Buses and trains? Nope, in cities like Hong Kong, London and elsewhere I just use a contactless card (in HK it’s the Octopus, and London the Oyster). I’m guessing my NFC will work with those conventions too.

So where is the value of my bank in this equation? Remember the electricity network analogy? It’s not in the meter because banks aren’t pervasive enough. Banks have let card issuers (Visa, Mastercard, Amex, etc) become pervasive at the point-of-sale, and they’ve relied on branches and ATMs to be pervasive. But branches and ATMs are based on our need to physically deal in cash or checks. Those days are quickly disappearing.

The only solution for banks is to become more pervasive with their solutions and services. I won’t be going down to the branch to apply for a personal loan or a mortgage, you need to be ready as a bank to provide me that product when and where I need it. Point-of-impact is what I call this concept. When I’m online booking my next holiday, offer me a great personal travel loan built into the online experience. When I am walking into my favorite retailer offer me a cheap line of credit instead of me using my credit card, or offer me a discount for using your bank’s debit card – you could use location based messaging or point-of-sale technology to deliver the message. Put bankers out on the road at property shows with the ability to sign me up for a mortgage there on the spot, instant approval.

Go where I need you – don’t wait for me to come to you. Chances are, I’ll bump you off…