Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
July 9, 2012
Can clouds and contactless chips coexist?
Mobile wallets have started to make their way into the market this year. Inevitably, industry stakeholders are joining opposing camps on the technology that these wallets use to keep payment information and other personal data safe and secure: contactless chips or cloud-based technology. The chips are embedded in a mobile handset that communicates with a terminal via near field communication (NFC), while the cloud-based technology involves an application downloaded to the mobile handset.
If the critical mass necessary for the successful adoption of a payment system relies on acceptance interoperability and technical standardization, can these two solutions coexist in a future mobile payments system? Or will technology debates threaten near-term interoperability and consumer adoption?
The first generation of mobile wallet trials such as Isis and Google are using contactless NFC technology. This is not surprising as early discussions found consensus on the need to move as an industry to NFC for mobile payments. In fact, as my coauthors and I noted in our 2011 paper, "Mobile Payments in the United States: Mapping out the Road Ahead," one of the key tenets agreed upon at the time by industry stakeholders for a safe and secure mobile payments system was the use of contactless NFC technology.
However, since that time, new mobile providers have been rolling out wallets that do not use NFC. Instead, they rely on store payment credentials in remotely based servers, more commonly referred to as the "cloud." The PayPal wallet, for example, leverages consumers' existing PayPal accounts where payment credentials are stored.
Benefits and challenges
Numerous complex variables are at play in the debate on NFC versus the cloud. A recently published TSYS whitepaper authored by Scot Yarbrough and Simon Taylor, "The Future of Payments: Is it in the Cloud or NFC?," provides a comprehensive explanation of the benefits and the challenges that opposing business models face.
The authors summarize the case for NFC by noting that it is backed by the major card networks and offers the capability to store and send information other than payment, such as contacts and videos. The case for payments in the cloud has a supply-side incentive in that the infrastructure costs are much lower for the merchants at the point of sale.
Both systems face challenges, of course, as evidenced by the current low adoption levels for any particular wallet. The TSYS authors note that cloud technology payments may offer so many different choices, "how many ways to pay will the consumer want to learn and adopt, especially when he or she can simply reach into their pocket, pull out their credit or debit card and pay?"
They also note that NFC is also not without flaws. Building consumer experience will require compelling value propositions to encourage new payment behaviors. Further, the complexity of the ecosystem to manage the payment credentials in the chip inside the mobile device among various players in the business model creates economic challenges as well.
In the near term, cloud-based solutions will likely disrupt the payments landscape as merchants look to manage their share of the infrastructure investment for new payments. As wallet providers identify efficiencies and optimal security propositions for data residence and transit, it is possible that hybrid business models will emerge. Finally, the TSYS authors aptly note that future game changers will likely alter the current argument completely. Will merchant investment costs matter in a future where the mobile handset is also the merchant's acceptance terminal?
By Cynthia Merritt, assistant director of the Retail Payments Risk Forum
TrackBack URL for this entry:
Listed below are links to blogs that reference Can clouds and contactless chips coexist?:
- EMV Comments That Make Me Cringe
- Taking a Quantum Leap into Payment Security
- Looming Questions with the Rollout of NACHA's Mandated Same-Day ACH Rules Change
- AdmiNISTering Passwords: New Conventional Wisdom
- Mobile Banking and Payments—What's Changed?
- Risk Mitigation Isn't Just for Banks
- The Simple Consider Three but Four is the Key
- As with Nuclear Disarmament, So with ACH: Trust, but Verify
- The Personal Cost of Fraud
- When Fraud Hits Home: Questioning Today’s Authentication Methods
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud