Dec 21, 2005

Contactless opportunities and challenges

Six months have gone by since the initial wave of mainstream media articles and blog postings on contactless in the US. At the time, the articles were mostly corporate press releases, modified a little bit here and there. What is being said today? What are the challenges facing contactless? What can be done to address those challenges?

Contactless payment is all about providing customers a new, enhanced payment experience. Customers pay by waving the card instead of swiping it, and the transaction is faster for low value purchases because there is no need to sign a receipt. Even if contactless bank cards are in their early stages and still face adoption challenges, the technology has already made a positive impact by helping the payments industry focus on two important subjects: re-inventing the moment of payment, and making payment as fast as possible.

The New York Times did an article on contactless a few days ago. The article starts out rather positive about contactless then quickly becomes surprisingly negative. “The notion of flash payments sounds hip and fabulous,” writes the author, “especially this time of year, when beleaguered holiday shoppers can feel like they waste entire weekends in the long approach to a cash register. But the whole idea of paying in the blink of an eye raises financial red flags for me.”

According to the author, while contactless technology may benefit banks and retailers, customers end up spending more and could lose touch with where all their money goes. “In my experience,” writes the author, “most humans would rather eat their two-page, itemized checking statement than read it. Start adding newspaper, muffin and gum purchases, and the time you've saved by using insta-payments will be lost figuring out where all that money went - if you do any figuring at all. There is a simpler and more elegant solution. It's called cash.”

This is one person’s point of view, of course. Customers that are concerned about the issues raised in the article can simply choose not to use their cards for small purchases. Still, it is disturbing that the New York Times presents cash as a “simpler and more elegant solution” to contactless.

A Google search revealed 15 recent mainstream news articles on contactless payment. Ignoring the 3 corporate press releases, nearly all of the articles attribute the speed gains to two things: waving the card instead of swiping it, and not needing to sign a receipt. The two are presented as equally important. More than half of the articles also raise concerns that the technology could create risks of fraud and identity theft.

Here are several examples:

“Credit card users are finally free of the burden of swiping their cards and signing their name.”

“The appeal is that there's no need to run them through a machine. And no signing for purchases less than $25.”

“New technology lets customers skip the swipe and the signature, but is it safe?”

“But should a contactless payment card, key fob or any other device that's linked to your credit or checking account get lost or stolen, it could be potentially easier for a thief to use it. That's because in order to speed up the checkout process, contactless payment cards require no signature for purchases under $25. And even if a signature is required, the card supposedly is never handed to the clerk for verification.”

“Some critics also worry that the technology could be vulnerable to electronic pickpockets moving through crowded locations, such as a subway car, with portable scanners surreptitiously lifting credit card numbers.”
(Pittsburgh Post-Gazette)

Contactless comments from the blogosphere

Engadget, a web magazine that specializes in gadgets and consumer electronics, recently did a post on contactless cards. Within six days, the post had received 99 reader comments, almost enough to make it one of the top 15 most commented posts. Most readers left negative comments, mainly concerning security risks. Interestingly, a second theme also appears frequently: readers question whether waving a card is really a big improvement over swiping.

Here are a few examples:

“The incredibly minor benefit is not worth the rather substantial annoyance (if your credit info is hacked).”

“It might not be as big of a security risk as some people are making it out to be, but honestly, how much of a risk is it worth to wave a card 4 inches from a device rather than slide it through a scanner?”

“Is the 1 second difference in ‘pull your card out of the wallet and hold it near the scanner’ and ‘pull your card out of the wallet and swipe it’ that much of a convenience especially when compared with the huge security risk?”

“I say if you have time to wave the card it’s about the same amount of time to swipe it the old fashioned way and also much safer.”

“How lazy and weak have we become? Swiping is now too hard. The friction of pulling the card through the grooves is just to much for some people to overcome? Sheesh.”

Some readers were more constructive and offered ideas to make the cards more secure:

“Get a tinfoil wallet. No, seriously, make a foil pocket for the card in your wallet. It should ‘foil’ any malicious attempts to read the card info.”

“HEY i got an idea! why not make it so that the card has a tiny button on it so that in order for you to make a purchase you push some kind of button on the card to activate the RFID chip in the card so you know for sure that you aren’t paying when you shouldn’t have to. although i don’t get the point of the cards in the first place. you still have to take the card out of your wallet, so you might as well swipe it instead and it would be more secure.”

What does all of this mean?

Why is it that mainstream media and blog comments are so heavily concerned about the perceived security risks of contactless payment? It’s tempting to say that the issue will simply disappear with time, and I would normally agree if only a few articles mentioned it. But there is so much focus on security that banks can’t simply shrug it off. To make matters worse, in 2005 Americans saw extensive media coverage of a disturbing number of credit card data security breaches, some of them very large, which could be making the public less confident that banks are able to protect consumers. Sure you can call your bank when you see something strange on your monthly credit card statement, that’s great, but you have to pay much more attention than in the past.

To me the heart of the matter is that the perceived benefit of waving your card instead of swiping it is just not big enough to move the focus away from security risks. Contactless cards need to offer more benefit than simply waving them in front of a reader. If the benefit is big enough, the risk appears smaller, more tolerable.

I know that enhancing the payment experience is a difficult task involving many different, unrelated parties. Especially in the US, where banks gave up ownership of the moment of payment when they sold their acquiring businesses to First Data. Today, very few US banks have a holistic grasp of the payments infrastructure, and virtually none of them own the moment of payment. So the contactless initiatives in the US are actually a brave attempt at enhancing the moment of payment in an environment which makes it extremely difficult to do so.

Still, we need to be more demanding. The huge investments in contactless demonstrate that many people understand that the payment experience needs to be enhanced, improved, and made more fun and exciting. The payment experience has been the same for the last 3 decades, it’s about time we start re-inventing it! But simply waving the card instead of swiping it? I know we can do more than that.

This was a long post. I’m going skiing. Merry Christmas and Happy New Year everyone!

Other related links:
Accelerating card acceptance at cash-heavy retailers
A Report on the Chase blink card test market in Denver
Update - blinking along in Denver
How Blink Technology Works

No comments: