Will They Ever Get Mobile Payments Right?

Brian Hicks

Posted November 3, 2014

Recently, I was in the hospital with my wife for the birth of our first child. In the middle of the day, while she was napping, I ducked out to the hospital cafeteria to pick up a snack.

When I got in line to pay, I discovered the cafeteria’s credit card processing system was down.credit card imprint machine scanner

To pay for the food, I had to run my card through one of those big metal “ka-chunk” machines that puts an impression of a credit card on a paper receipt.

Just a week later, I found myself going through the same process at our neighborhood grocery store when its system went down.

It’s 2014, and we’re still regularly using credit card processing techniques from more than 60 years ago.

Payment processing systems in the United States are incredibly fragile and often painfully behind the technological curve.

Think about it: They’ve had chip-and-pin credit cards for a decade in the UK, and Japan and South Korea have had mobile phone-based payment systems for nearly as long.

Why is it that we’re having so much trouble modernizing our payment systems? Payment-by-NFC (near-field communications) has been a promising technology for the last five years, but it’s still struggling to get off the ground.

What gives?

The Market

First things first: There are a lot of competing interests.

Companies from many different sectors are throwing their hats in the competitive ring for mobile payments. In addition to payment processing companies and credit companies, there are wireless network operators, retailers, consumer electronics companies, and general tech companies all vying for a stake of the first big NFC success.

Apple (NASDAQ: AAPL) unveiled its Apple Pay framework to much fanfare this past September. The system allows iPhone users sync up their credit/debit cards with their iPhones and Apple Watches and use their devices in contactless payment systems.

It’s essentially identical to what Google (NASDAQ: GOOG) debuted back in 2011 with Google Wallet, which was itself similar to a system called Isis that was developed by AT&T, Verizon Wireless, and T-Mobile USA back in 2010.

What do any of these companies stand to gain from such an endeavor?

Well, they get to insert themselves into the middle of the payment stream from sender to processor to recipient.

Some retailers don’t want Apple or Google acting as a middleman in their transactions. National drugstore chains Rite Aid and CVS made headlines when they disabled both Google Wallet and Apple Pay systems in their stores.

The two retailers are part of a consortium called MCX (Merchant Customer Exchange), which includes Wal-Mart, Target, Best Buy, Sears, Lowe’s, Shell, and others.

In total, the consortium runs more than 110,000 retail stores that process over a trillion dollars in payments per year.

The group has been working on its own touchless payment system called CurrentC, which could easily stand in the way of other companies’ efforts.

Representatives from Wal-Mart told the media that MCX stores wouldn’t accept Apple Pay because they wanted to serve their own customers’ needs.

“Ultimately, what matters is that consumers have a payment option that is widely accepted, secure, and developed with their best interests in mind. MCX member merchants already collectively serve a majority of Americans every day. MCX’s members believe merchants are in the best position to provide a mobile solution because of their deep insights into their customers’ shopping and buying experiences.”

But there’s a problem with this…

Security

Before CurrentC even had a chance to officially debut, it was hacked. The personal information of people who expressed interest in becoming CurrentC users was swiped from the signup system.

In the last week of October, MCX sent out an email to everyone who had signed up, saying:

“Within the last 36 hours, we learned that unauthorized third parties obtained the email addresses of some of our CurrentC pilot-program participants and individuals who had expressed interest in the app… Many of these email addresses are dummy accounts used for testing purposes only. The CurrentC app itself was not affected.”

Obviously, this hack did not access payment data, but it shows just how juicy of a target it will be when it actually does debut.

Over the last six months, some of the biggest retailers in the United States have had their credit card swiping systems hacked as well.

Last year, some 40 million shoppers were exposed in a breach of Target’s system, and an estimated 56 million credit cards were exposed in a compromise of Home Depot’s credit card swipers this year. This type of incident has increased in frequency this year.

In late 2014, Neiman Marcus, Staples, Michael’s Stores, and P.F. Chang’s restaurants all announced security breaches that put customers at risk.

The Neiman Marcus Group breach was eventually traced back to a Russian criminal syndicate that had stolen more than 160 million credit card numbers from more than 100 companies over the last seven years.

Many of the victims were members of the MCX consortium.

Because they do so many transactions every day, MCX members are already in the proverbial sniper’s scope for hacks.

No Golden Goose

Let’s take a zoomed-out view of this whole affair.

You have money, and you want to exchange it for some product or service.

Lots of people, both “good guys” and “bad guys” (in truth, they’re all pretty bad), are trying to get between you and the person you want to pay.

If one of the “good guys” can act as a middleman, they can add processing fees, gateway fees, and interchange fees to existing payment arrangements. It’s how credit card processors make money off of every swipe.

If one of the “bad guys” can get between you and your purchase, they can rip you off for as much as they can get away with.

Even though security is one of the most important facets of the entire digital transaction landscape, there’s no money to be made there. It’s a game of cat and mouse. A system is adopted, that system is compromised, then the system is patched or changed, and the quest for a compromise starts again.

If you want to make money by investing in this space, there are a few places you can look. You can invest in the wireless NFC chips, the point-of-sale solutions, the payment processors, or the retailers.

Of course, if you have no faith in the system at all, you’re out of luck… The companies that make those old imprint machines are all private!

Good Investing,

  Tim Conneally Sig

Tim Conneally

follow basic @TimConneally on Twitter

For the last seven years, Tim Conneally has covered the world of mobile and wireless technology, enterprise software, network hardware, and next generation consumer technology. Tim has previously written for long-running software news outlet Betanews and for financial media powerhouse Forbes.

Angel Publishing Investor Club Discord - Chat Now

Brian Hicks Premium

Introductory