2015 End of Summer Payments Update

15 September 2015

Well kids are back in school and Europe is tan. 6 weeks left till Money 2020.. and I just completed our Series A here at Commerce Signals.. wow what a summer!!

This blog is a little bit more of an inventory of things going on.. mixed with some views and general rumblings.

EMV. Its going to happen in October and the big merchants are ready. Two top processors told me that small merchants are in big trouble, particularly as the issuers will be pushing back all fraud to non-EMV merchants VERY aggressively. Think of it this way. EMV does NOTHING to help the small merchant.. currently no business bares cost of fraud in card acceptance. In October merchants must change to accept EMV or they will have the risk of fraud on their business. ISOs to the rescue? This will be a great opportunity for Poynt, Square and other merchant friendly POS/Payment providers.

Acquirers. First Data is moving toward IPO. This is a very tough business.. but as I’ve said before my bets are around companies that can be merchant friendly.. Acquirers are the entity that own the merchant relationship in a 4 party network.. so it is theirs to lose. Nothing has really taken off (incrementally here), Clovr, Card Spring, First Data’s Palantir. Why?? Acquirers have largely been put into a pricing box at the top 500 merchants with a well defined service (not much room for incremental services), and have had their reputation impugned through the ISO channels at the low end (5-7% cost of acceptance). For any Acquiring CEO reading this blog.. my action for you today is to take a look at the invoice you send to a merchant. 2-4 pages of fees that are indecipherable.. When merchants don’t trust you they don’t buy more from you. This is why I would not invest in this space without a clear understanding of the disruption.

Private Label. Rumor is that both Amex and Paypal are looking at M&A here. Makes sense for Amex particularly given need for transaction volume, 3 party model and their state of the art infrastructure. Merchants love Amex customers.. and Amex does the best job in the industry of proving the value that they bring (justifying their hefty cost).

MCX. They are set with payment infrastructure from FIS and First Data. The payment capability is there, and it takes time to build a highly scalable payments company. I just don’t see the need for stand alone app. My guess is that there will be an MCX payment instrument that sits in Apple/Google wallet… just silly to compete on “presentment”. Is the alliance fracturing? I think all participants would love to have a payment instrument that they could own and control. The issue is that there is no agreement on anything beyond payment. Mobile is too important a channel to delegate to a consortium. Also, these are fierce competitors.. The real challenge? Creating a great consumer experience, quite frankly their product team was one of the worst I’ve ever met in any company. No wonder they were considering paydiant.. one of the only options out of the DIY.

Poynt and Square. This seems to fit right in to the flow..  I love both of these companies. Why? As described above the payment industry has been VERY unkind to retailers. Poynt and Square give retailers a greatly simplified hardware, software, and acquiring solution. As a small merchant moving from 5-7% acquiring to 2.75% is a rather simple value proposition. I believe Poynt has several significant advantages over Square: 1) Square has a 6month+ certification process on Apple devices. Whenever it changes anything in its app… it has to go through recertification by Apple. Poynt is the ANDROID of Point of Sale solutions 2) By staying off of Apple AND adding a separate stand alone processor for non-payment applications, Poynt can deploy more applications more quickly and act as a platform for other services. 3) Poynt has a powerful data solution that puts merchants back in control of their data, 4) Ergonomics/Design. Just beautiful. Chip/DIP, Chip Contactless, QR, BLE, customer facing touch screen (not a swivel stand) all work seamlessly without having to pick up the terminal and try to stick your card into a slot. Well done Osama and team.

Paypal? Not much of a stock pop.. I’m very high on the Dan and Bill. But their core asset (eCommerce risk management) is being rendered moot by great mobile auth. When Microsoft (OnePay), Google (Wallet), Visa (Checkout), Apple (ApplePay) all moving into eCommerce they also risk loosing consumers. One of my biggest beefs is their treatment of Venmo volume in TPV (it is 0bps). Rumors are also that they will lose Uber within next 6 months.. and worked a special deal to keep them with take rate below 90bps (perhaps a driver of their margin drop). Merchants are a natural ally here, but Don K really mucked things up with their POS try. It will take 2 years to get things in shape here.

Visa/MA.. They are my biggest holdings.. no change in my views here. VDEP and MDES have positioned both with new power to tokenize and own the rules on mobile. I expect to see a new CNP rate for tokens within next 9 months.

Google. Big news 9/10 (See Blog). Google wallet now on all phones KitKat 4.4 and above (50-60M in US). I love it.. This is the PLATFORM FOR PAYMENT INNOVATION. The user experience is not on par with Apple (or even Samsung Pay).. but Android users are more technical (only 6% of iPhone owners have ever used ApplePay). There are some BIG pluses over Apple, I love that it shows the ereciept and location of purchase for instance (most issuers). Very surprised that Google is still looking for bi-lateral deals from issuers (in order of $10M with no bps). This is why we don’t see many issuers at launch.  What is funny is that there is a “free path” to issuers as well. If they don’t want their card art.. issuers can still just “turn it on” via the V/MA intranet tokenization route (register BINs). Funny that the big hold out is JPM.. given its data play.

Apple. I wouldn’t be surprised to see an ApplePay product announcement in October at Money 2020. Note that my track record is near perfect here so I don’t want to mess up 2 years of predictions. I know that Apple has ApplePay working in Safari, don’t know if they will roll this out our not. I also know that Apple went back to issuers asking for an “Amex like experience with eReciepts”. The issuers said “sure we can do that.. lets first tear up that 15 bps contract and talk about what you will pay me”. My sources say that beacons are a part of the next launch.. they could be just feeding me *&^*(&.  My guess on new release? 1) New Developer Support Program and rollout of Private Label/ Synchrony, ADS and Citi. 2) Improved “eReciept” process (like Amex) in order to compete with Google. 3) ApplePay in Safari (60% chance.. it is working but don’t know if they want to push yet before new token CNP rate tier). 4) Beacons at POS. Improve retail experience with beacons (40%.. again working in lab but don’t know of readiness).

The big Apple news that everyone is talking about is their plans to finance phones directly (end running carrier subsidy dependencies). As I’ve stated before, Apple’s phone is already capable of enabling a virtualized SIM. This is the one step needed before Apple enables consumers to “switch” to the lowest cost network every month.. or every day. This obviously has big implications for Gemalto as well. Google is 2-3 years behind, but is making more progress in enabling wi-fi as network option.

Innovation. Chain getting investment from NASDAQ, Visa, Citi.. is big news. I remain very positive on use of bitcoin as a disruption to Payments (see blog structural changes to payments). I also live industry specific solutions where payments are combined with something else to solve a problem. hyperWALLET for global payroll, justpushpay for construction, WEX for fleet/gas. I also love payments and data (hence commerceSignals), in this Klarna and Sofi are just tremendous ideas.

Going South

Samsung Pay. No change in my views here. What is sad is that they didn’t know that their entire application is incompatible with Android M (until they read my blog). Working with a competing app on their own phones with no registration.. just sad.

Card Linked offers. Guys don’t believe the press.. all of these things are dying. Even the most successful (cardlytics). Citibank is rumored to have called EDO to come pick up the pallet of their equipment (after 300M+ spent).  The good news is that their transactional data is in better shape for use.

Gemalto. Stock is at a 5 year low.. I told you guys to be short here. NO MCX, No GSMA NFC SWP… now Apple is pushing the SIM out of the phone altogether (or soon will).

Monitise. I want to end on a humorous note. This company did a great job at enabling online banking 8 years ago.. enabling “check your balance” functionality via a quick integration to the ATM switch. They pivoted in 2006/8 to support development on an array of handsets (Nokia, RIM, Apple, Samsung, …) with their only competition being mFoundry (acquired by FIS). But the phone complexity went away with 2 mobile OS (Android and iOS) and the rapid shift of mobile from the periphery to the center of the customer relationship. No bank will outsource the CENTER.. mobile development was a specialized skill.. now it is mainstream. As if this were not sad enough, they hired a US network exec with no EU experience, no mobile experience and no network of issuers (that liked her). Then she pushed out the founder.. only to quit last week.  Wow .. I hope the BBC can make a Silicon Valley (HBO) equiv.. only make it more of a Shakespearian tragedy.

ApplePay and Merchants

11 Sept 2014 – Remembering our loved and lost

Think about Apple: the world’s greatest consumer products company, maker of the world’s best most secure phone, coolest new watch, the best physical retailer ($/sq ft), holder of the most profitable handset, and the most profitable handset owners (demographic), the #2 brand in the world, the remaker of music, the inventor of new product categories, the platitudes could go on and on….  Apple did so many things right this week! Wow.. what a device! I mean devices.. !

What is the stupidest thing I could do here in this blog… really. Teach Apple a branding lesson!? Yep .. and I’m an engineer. Apple, please make sure that the Apple brand stops at the device.. Today “ApplePay” is accepted at any merchant that accepts Visa PayWave, MasterCard PayPass, Amex … There is no ApplePay acceptance mark that we know of.. so please lets keep it that way. My guess is that Apple is considering something here, this is the reason for the post. Logically, the reason Apple wants to brand payments, is that they want to change the payment process. As I pointed out previously, Apple has created a wonderful BLE experience, which the banks were not yet ready to support (with CP rates). My strong recommendation to Apple is to keep focused on the phone’s presentment of payment products across many protocols.. don’t create an acceptance brand.

As I stated in my blog this week, phones are becoming a commodity and evolving beyond how you orchestrate an individual’s life (music, photos, books, documents, mail, contacts, …) to how phone can help consumers INTERACT in their environment: Commerce, Healthcare, Fitness… With respect to the former.. Apple really doesn’t do much for retailers today. They don’t advertise, they don’t do much in maps and communication, they don’t do payments. In short, today Apple doesn’t bring a consumer into a store, improve engagement while shopping, build loyalty (to the store), or help with payment. Who helps the store with these activities? NCR, IBM, Micros, Oracle, IBM, Toshiba, Catalina, Datalogix, dunhumby, and a thousand others.

Given that Apple is one of the smartest companies in the world, my hope is that they have plans here that will become more fully known. Perhaps ApplePay was the consumer launch and that iBeacons and Accept ApplePay will be a new merchant launch. We can see from the enormous patent flow that Apple and Gimbal have put tremendous thought to physical commerce and iBeacons. But even if this is the case, Retail is a REALLY REALLY big space ($4 Trillion), for Apple to be successful in “Commerce” they must create a model where participants invest and other companies can make money too… After all, who would want to do business on the NASDAQ stock exchange if they captured 70% of the market’s value? Partnerships and extra-Apple value creation has been the KEY weakness of Apple.

Commerce Platform

When you build a commerce platform, the objective is to interconnect everyone. To interconnect everyone, you must have a case for “everyone” to connect, and a few open/defined standards. There are three basic approaches: a critical mass of buyers, a critical mass of sellers or remain neutral. Obviously, Apple operates on the consumer friendly “buy side” of commerce, and is consumer focused to its CORE. But buy side markets and networks are hard to maintain. Tilting too heavily toward any party is difficult (network effects), unless the consumer has already chosen your brand based upon the value you are currently creating. Amazon is the leader and great example here.. they are also buy side focused. Consumers GO TO Amazon to buy and Amazon CAN brand everything because the consumer entered their store with the objective of shopping.

The ApplePay rollout in eCommerce looks fantastic, with vendors like Stripe ready to help online retailers move today. ApplePay at the Point of Sale however is a big branding mistake (for Apple, banks and for retailers).  Retail is between a consumer and a merchant. Retailers attract consumers through product, promotions, price, or convenience.. each is different. Introducing a new consumer brand in retail that is BEYOND the retailers control is not something that makes sense..   not for a commerce orchestrator (Apple, Google, ..) or for the Retailer (in less than 18% of handsets). Whereas online, consumers entered the “virtual store” through their Apple device.. in the physical world.. Apple did nothing.. the consumer is not going through the Apple device. Thus my view is that ApplePay works online.. but not at the POS.. Whereas all other NFC solutions acted as a wallet “container” where a consumer purchased with the card of their choice, apple has branded the payment process..

Think about it this way: would starbucks throw out the most successful mobile payments application in the US in favor of ApplePay? No way! Why? Their consumers are using it..? sure that is one reason. But Starbucks demonstrates that merchants are best placed to deliver value, loyalty and drive consumer interaction in a way that benefits them. Apple has a rather poor reputation in working with partners, and agreeing to industry standards. Retailers considering ApplePay should talk to a few Apple peripheral manufactures on interfaces, standards, stakeholder influence and firewire. Apple can’t create an industry standard in ApplePay, it is probably not trying to either. In fact, for payments ApplePay is operating on the Visa/MA standards. Why would merchants want to allow Apple to build brand here? What is the FUTURE of allowing this brand in? Visa and MA don’t control it.. Retailers don’t control it.. and there is no commitment to industry standards where retailers can influence it.

As a commerce platform you can’t be biased. To create consumer value, you can’t push a consumer to a product, to a retailer, toward a payment method.. let the consumer decide. To create merchant value, you can’t push brand and proprietary connections in an area where you do nothing today. Remember the ApplePay product does NOTHING new that a current plastic card can’t do.. Visa and Mastercard acquired merchants with a new product 50 years ago.. cards delivered tremendous value: instant credit, open acceptance, defined standards, multi stakeholder rule making. Do you (merchants) want to give all this up for something that just holds the card?

What do merchants want? The MCX team are friends of mine. Their new CurrentC app may not make much sense to outsiders, but they are operating as an “Intel Inside” kind of model, a white label, “in the guts” kind of service that each MCX member can build around. Each retailer can customize how payments are done, how loyalty is done, how data is shared. ADS and Amex Serve also operate in this whitelabel merchant friendly model.. MCX may be a little bit dreamy.. and I don’t see a future where retailers will stop accepting Visa and Mastercard… but I certainly don’t see retailers jumping over themselves to let another brand come between them and their customer (unless it is VERY VERY neutral). Remember, payment works REALLY WELL .. there is no problem here (payment).

Merchants will want to have Beacons, but they want to support all consumers.. not just iPhone 6 consumers.. therefore Retailers will manage beacons they control (which will work across Android too). This means standards and open-ness. Merchants want mobile to work for EVERYONE in the store. From a platform perspective, support storage and transaction signing for any product/app. When I sign a transaction with biometics.. do I really need to call it ApplePay? Don’t you want everyone to build on your platform?

Apple recommendations

Apple, I strongly recommend adapting your commerce platform strategy to be much more like Intel’s. Open up iPhone 6 capabilities for others to use.. start talking up your APIs,  win in the handset.. create an ecosystem.  Think about it this way.. if ApplePay is the brand, who else will invest in making this work beyond you? Merchants will invest if it drives more sales,  higher margins, or if not doing it means loss of these. But retail is a zero sum game.. I’m not going to buy MORE gas and groceries.. so it is about switching in the flux.. once this flux dies.. so does your product.  This is not a long term commerce strategy.  Apple doesn’t need to build more loyalty with its consumers, and there is certainly very little upside (15bps) for the transaction. What Apple  needs to do: become the platform for commerce.

My recommendations for Apple

1) Break with rules and give strong hints that your merchant value proposition is coming.. soon

2) Hire some retail execs that can run with a commerce platform strategy, and move on the message

3) Create an IAL equivalent, and start working with MCX and other major retailers around the world.. LISTEN first..  find a way to make the iPhone work in Commerce.

4) Recast the ApplePay Brand as something that stays in the iPhone, and you are not going to push it on retailers…


Yes I have drunk the Google cool aide, yes I am one of their biggest fans, and they have been my absolute best client. So you can brush this off as pundit platitudes, but this is one of the few companies in the world I have ever seen where Fortune 100 companies CALL INTO and ask to meet with. Google is “in the Kimono” with every major Chief Marketing Officer on the planet, they have STRONG retailer relationships because they deliver value to retailers and manufacturers TODAY.    Thus, I maintain that Google is 5 years ahead in ABILITY to deliver value to merchants today: influencing consumers before they shop, engaging consumers while they shop, checking out, paying, support of private label cards, open platform for any app, no emphasis of Google’s brand in the store.   Google’s weakness.. retailer fear of data use.

This is actually the focus of my new company: CommerceSignals.. I want to find a way to enable 1000 new start ups, helping millions of retailers, MNOs and banks interact with consumers via mobile. Getting real time data is hard.. I want to make it easier.. for MCX, for Facebook, and for the next 1000 start ups. We are still in stealth mode, but more to come here shortly. (My investors not super excited I maintain this blog for fear of me pissing people off).


Congrats on tokenization.. what was rolled out yesterday was the best, most secure payment product in history.. I can’t wait to see this roll out in 100 other products and bank applications. Visa, MA and Issuers are winners here no matter what.

As a former Citi and Wachovia payments, mobile, internet guy I can assure you that banks were none to happy about the ApplePay brand. Remember Banks saw this future, and had a reason for resisting EMV chip and PIN. They created a tokenization initiative 4 years ago in the TCH to deal with this, with the hope of creating a new Visa. The bank mantra “if we have a token in the phone, we don’t want it to be a V token, or a MA token, .. we want it to be OUR token”. Logical … but I completely agree with Charlie and Ajay, that a token that wraps a V/MA card is still a V/MA card.. and there was no way for the TCH initiative to deal with the acquiring/acceptance.

The last time banks allowed a brand to tackle a new area of payments.. was PAYPAL.. and banks said “NEVER AGAIN”.. so much for that. My G2 says that banks took this same “Never Again” approach to the ApplePay brand until as recently as 3 months ago..  Apple won the game of chicken. I just can’t believe that banks are allowing Apple to BRAND payments.. it makes no sense for Apple either.. Unless perhaps they are buying FDC from KKR (this is a joke).



Paypal at Crossroads (? buying Blackhawk)

25 June

Big things are in store for my favorite eCommerce payments company. Really, I do like Paypal. I may ding them on their POS strategy… as it makes no sense at all… but I love Paypal online.. the “original” ecommerce payments solution that adds value to merchant and consumer. In 98/99 Thiel and Levchin were the first to dream up digital wallets, and first to solve a REAL problem of card acceptance online for small retailers. Perhaps even better than the great Paypal PRODUCTS, were the great PEOPLE that grew out of PayPal.. that have done soooo many great things: Peter Theil, Max Levchin, Elon Musk, Keith Rabois, Premal Shah, Osama Bedier, Amy Klement, Steve Chen, .. (list too long sorry to those I left off).

As its early leaders went on to do great things, the company “evolved” from an innovative start up to take on a bank flavor. Scott Thompson came from Visa and all his direct reports had bank backgrounds… the top tier of the organization led to a culture change (in a bad way) and it went from the coolest company in the valley… to … errrr… something else.  Pierre and the BOD recognized this and tried to get the mojo back with putting David Marcus in at the helm. They wanted to recapture what made Paypal great (people).. to reset the culture. David is a great guy, as he says this week he was an innovator.. but one that never ran a team larger than 200.. and certainly not a global one which was highly regulated.  It didn’t help that eBay’s CEO essentially undercut David by allowing Don Kingsborough and Gary Marino end run and make decisions directly with John. How could any CEO make it in that kind of environment!?

Now that David is gone (see Venture Beat) who can lead them (today) and what is their new strategic imperative.. their vision for growth beyond eCommerce?

Next 12 months

I believe Paypal will see competition in its core business like never before, As I stated previous Payments are moving into the OS… and Paypal doesn’t have one. Apple, Amazon, Google are new competitors in core eCommerce… all with an OS.

Paypal’s new competitors?

  • Apple will own payment presentment and authentication on all iOS devices.
  • Amazon will begin to get off Amazon traction (example today is Gogo wireles)
  • Google’s massive success in Shopping Express (Free shipping and payments). Google also just launched wallet in iOS (see google’s blog)
  • Bank Token Schemes and forthcoming rules for cards on file

As a side note, Paypal did squeeze itself into the Apple wallet (for NFC/POS transactions), but Apple will be expanding the iTunes buying experience very soon, and it won’t be looking to drive Paypal merchant adoption, as it is in the process of negotiating card present rates for CNP transactions (See my Apple blog).

Paypal at the POS is a complete joke (see blog). The business guys that have been running the show (or end running David) are focused on a Visa/Mastercard like strategy… not on one that delivers value to their core constituents (merchants and consumers).  Paypal was the company best positioned to execute on a Braintree/Stripe product 5 years ago (remember X.com) and also the best company to have built a Square/Clover like solution. They missed all these things because their business heads were focused on quick transaction volume deals and solutions.. NOT ON VALUE.

POS – Buying Blackhawk?

This is my big theory today. With eBay repatriating $9B and taking a 30% tax hit, we all know that acquisitions are planned. But what?

Obviously Carl Icann, David Marcus and the BOD have had some disagreements. Rather than guess the strategy, lets take a look at WHO is staying at Paypal. Don Kingsborogh is the former CEO of Blackhawk and head of Paypal’s POS strategy, and Discover Network strategy/relationship.

Paypal has promised its institutional investors progress at the POS.. and they have NONE. Jamba Juice and Home Depot numbers are terrible. The Discover partnership did nothing for them, as MCX merchants REFUSED to accept Paypal (routed as a Discover Card) or new processor agreements (that ran as high as 210 bps). Paypal has “learned” it cannot sneak in payment products within an existing network (Discover), nor can it deliver enough value to push merchants toward a new agreement. Few eBay investors realize that the Discover relationship is yielding NO FRUIT.  Even IF they could convince a merchant to TRY paypal at POS.. they first have to line up the Processors to support, and big ones like First Data were not playing (WSJ Article). This Paypal was paying $50k-$250k+ for merchant to SWITCH to Vantiv just to do a pilot.

Paypal at POS needs a ubiquitous merchant acceptance solution and a physical connection to all major merchants. They also have learned how both Google and Apple have developed strategies to end run the traditional payment terminal and integrate directly with the POS (see the brilliant Google/TXvia Patent US 8676709 B2. )

Blackhawk may fit the bill, as it has a merchant network and POS integration solution today. Every time you pull one of those pre-paid cards off the shelf the SKU bar code is tied to the card Primary Account Number.  The Retailer’s POS system sends the SKU to Blackhawk upon payment and Blackhawk activates the card.

Blackhawk is working to leverage this transaction flow to create its own scheme to fund the transaction.See Blackhawk’s patent US8676709 B2. An item in the shopping card becomes a payment instrument. This could be “THE” enabler to someone like Apple too.. a new payment “gateway” that end runs the traditional payment stream. For Apple, all they would have to do is get a secure “TOKEN SKU” to the POS and the POS would leverage Blackhawk to route. Of course items in a basket usually have a cost, but settlement could be accomplished through a 100% discount, or by capturing the merchant ID and terminal ID to push the payment back through their current processor.

I think this is THE most brilliant scheme EVER!! I love it.. If implemented via ACH.. and MCX. I just don’t love Paypal delivering it because of “cost” and ability to coordinate/execute in delivering value from  all merchant data.

I’m only 50% confident here.. just put a small $10k bet along these lines for fun.  But at a $1.4B market cap.. this would not be a bad bet for PayPal.. problem is that merchants will never go for it.. this does NOT solve the VALUE problem (for consumers or retailers).. it only solves the network acceptance problem. This approach continues the “we will sneak it in” approach. It may “solve” a short term problem of Processors.. but it creates a new one for the merchant in having to deal with multiple processors (one for swipe one for … something else).

IF the merchants would go for this, it may be the best payment design on the planet.. as it would give a way to provide discounts and rebates within the POS system. Integrating with the POS would completely disrupt the processor/payment terminal process, and we would begin to realize the “power of tokens”.

Paypal and HCE? Really?

Just read David Marcus’ blog on Beacons, HCE and Alerts. I agree with him on just about everything… except Paypal’s opportunity in the physical world.

emvco token

Why do Banks love tokens?  HCE – Now the preferred contactless approach addressed this in Feb. HCE aligns to everything that Banks and Networks do today:

  • Manage Risk and Fraud
  • Manage Consumer Authentication
  • Intelligence with bank and network
  • Trust is in the network. Networks ARE the TSMs (or rather TSPs)
  • Banks leverage 4 years of investment in TCH token scheme (ex Token Service Provider)
  • Banks expand mobile app capability with payment
  • Banks are in complete control of who can use their cards where
  • No more TSM, Payment is in the OS, No more dedicated NFC chipsets, and the MNO lock is gone.

Now imagine Paypal’s role here

In this world.. Banks make nothing (for ACH funded transactions) and merchants get stuck with 210-180bps for everything.. this is the “Blended rate” deal. Is there any wonder why merchants aren’t running to enable contactless?

As I wrote in my blog.. at least Google has a value proposition charging the merchant a maximum of 160bps and paying Banks the full rate of interchange (see Google/TXVIA, and Tokens, Rules, Wrapping and Acquiring).

Google/TXVIA is actually the only production physical POS “token” solution in the market. Osama Bedier made this happen through the TXVIA acquisition…. a brilliant move. It works today.. and I’m still struck by the insanity surrounding Banks and Network plans to kill it. It makes no sense at all!! The only production token platform, providing value to everyone.. yet the Banks HATE IT.. why? They don’t want google to see transaction data. You can only imagine the odds against Paypal as they work to serve their own interest.

paypal token rev

To be a successful payment provider you must have a solid business case to AT LEAST 2 of the parties: Consumer, Bank, Merchant. Visa and MasterCard built theirs around consumer and Bank, Starbucks on Consumer and Merchant. Oystercard on Consumer and Merchant.  PayPal….? Consumer and ??? Well it is NOT delivering revenue to the Bank.. and given its cost it is NOT delivering value to the merchant. The reason PayPal succeeded in its early days was it solved a real problem: card acceptance online. It has no chance of competing in the much more hotly contested POS world … particularly without any value proposition.

Yes Paypal will be a payment option in the new Apple Payments scheme (it fought very hard for this win). As I stated previously Payments have moved into the Operating System and Payal DOESN’T HAVE ONE. But this is not a win at all.. they still must convince both consumer and merchant to use Paypal… it is just an option.


FYI… see the new card present standard on tokenization EMVCo Tokenization, Mar 2014.

What is NFC? What part is Dead? A: The GSMA part

23 Feb 2014

I decided to turn this into a Wiki update.. as the prior entry is somewhat lacking. For example: Who created the TSM? Single Wire Protocol in the UICC? Who certifies a device for payment?

The New Wiki is now (with the last 2 para’s just added)

Near field communication (NFC) is a set of standards for smartphones and similar devices to establish radio communication with each other by touching them together or bringing them into proximity, usually no more than a few inches.

Present and anticipated applications include contactless transactions, data exchange, and simplified setup of more complex communications such as Wi-Fi.[1] Communication is also possible between an NFC device and an unpowered NFC chip, called a “tag”.[2]

NFC standards cover communications protocols and data exchange formats, and are based on existing radio-frequency identification (RFID) standards including ISO/IEC 14443and FeliCa.[3] The standards include ISO/IEC 18092[4] and those defined by the NFC Forum, which was founded in 2004 by NokiaPhilips Semiconductors (became NXP Semiconductors since 2006) and Sony, and now has more than 160 members.The Forum also promotes NFC and certifies device compliance[5] and if it fits the criteria for being considered a personal area network.[citation needed]

In addition to the NFC Forum, the GSMA has also worked to define a platform for the deployment of “GSMA NFC Standards”. within mobile handsets. GSMA’s efforts include“Trusted Services Manager”., Single Wire Protocol, testing and certification, “secure element”..

The GSMA’s standards surrounding the deployment of NFC protocols (governed by the NFC Forum above) on mobile handsets are not exclusive nor universally accepted. For example, Google’s deployment of Host Card Emulation on “Android KitKat 4.4”. in January 2014 provides for software control of a universal radio. In this “HCE Deployment”., the NFC protocol is leveraged without the GSMAs standards.


From a mobile payment perspective, NFC is

  1. Protocol. NFC Forum owns the Protocols making up the ISO specifications.  These protocols are the “universal” aspect of NFC that is NOT changing.
  2. Platform for How NFC works in a Phone
    • GSMA NFC Specifications, reference architectures, platform constructs (TSM, ..) outlining a SCHEME for how NFC manifests itself within a Handset Architecture
    • HCE
    • Apple Secure Enclave
    • ??
  3. Payment Network Standards and Certification. Exxon Mobile and Mastercard were the first contactless payment mechanisms, and Mastercard PayPass was the first Network Standard with reference implementation and certification for presentment and acceptance.

With HCE, the entire GSMA “NFC platform” is dead, but NOT the protocol (No UICC/SWP role, No TSM, Access to “controller” and Secure Element, no Handset Certification).

Comments on Wiki and blog welcom



Token Acceleration

20 Feb 2014

Let me state up front this blog is far too short, and I’m leaving far too much out. Token strategies are moving at light speed… never in the history of man has a new card present scheme developed so quickly (4-6 MONTHS, see announcement yesterday). As I tweeted yesterday, the payment industry is seldomly driven by logic, and much more by politics. Given many of my friends (you) make investments in this industry, and EVERY BUSINESS conducts commerce and payments, movements here have very broad implications. The objective of this blog is to give insight into these moves so we can all make best use of our time (and money). I was flattered at Money 2020 when a number of you came up and told me that this blog was the best “inside baseball” view on payments. Perhaps the only thing that makes our Starpoint Team unique is that we have a view on payments from multiple perspectives: Bank, Network, Merchant, Online, Wallet, MSB, Processor, … etc.

It’s hard to believe I’ve already written 12 blogs on tokens… more than one per month in last year. As I outlined in December there are (at least) 10 different token initiatives (see blog).  Why all the energy around tokens? Perhaps my first blog on Tokens answered this best… a battle for the Consumer Directory. It is the battle to place a number in the phone/cloud that ties a customer to content and services (and Cards). The DIRECTORY is the Key service of ANY network strategy (see Network Strategy and Openness). For example, with TCH Tokens Banks were hoping to circumvent V/MA… (see blog). The problem with this Bank led scheme (see blog): NO VALUE to consumer, wallet provider or merchant. It was all about bank control.  The optimal TCH test dummy was almost certainly Google, and the “benefit pitched” was that Regulators were going to MANDATE tokens, so come on board now and you can be the first.Token schemes

Obviously this did NOT happen (perhaps because of my token blog – LOL), but the prospect of a regulatory push was the reason for my energy in responding to the Feds call for comments on payments. In addition to the failure of a regulatory push, the networks all got together to say no Tokens on my Rails (see blog). Obviously without network rail allowance, a new token scheme would have to tackle acquiring, at least for every bank but JPM/CPT (see blog).   Paul Gallant spent 3 yrs pushing this scheme uphill and had no choice but to look for greener pastures as the CEO of Verifone (Congrats Paul).

In the background of this token effort is EMV. I’m fortunate to work at the CEO level in many of the top banks and can tell you with certainty that US Banks were not in support of Visa’s EMV announcement last year. One CEO told me “Tom I found out about EMV the way you did, in a PRESS RELEASE, and I’m their [Top 5] largest issuer in the world”. Banks were, and still are, FUMING. US Banks had planned to “skip” EMV (see blog EMV impacts Mobile Payments). The networks are public companies now, and large issuers are not in control of rules (at least in ways they were before). Another point… in the US EMV IS NOT A REQUIREMENT A MANDATE OR A REGULATORY INITIATIVE. It is a change in terms between: Networks and Issuers, and Networks and Acquirers, and Acquirers and Merchants (with carrots and sticks).

In addition to all of this, there were also tracks on NFC/ISIS (which all banks have walked away from in the US), Google Wallet (See Don’t wrap me),  MCX, Durbin, and the implosion of US Retail Banking.

You can see why payment strategy is so dynamic and this area is sooooo hard to keep track of. Seemingly Obvious ideas like the COIN card, are brilliant in their simplicity and ability to deliver value in a network/regulatory muck. This MUCK is precisely why retailers are working

Payment Value

to form their own payment network (MCX), retailers and MNOs are taking roles in Retail banking, and why Amex has so much more flexibility (and potential growth).

Key Message for Today.

With respect to Tokens, HCE moves are not the end. While Networks have jumped on this wagon because of HCE’s amazing potential to increase their network CONTROL, Banks now have the opportunity to work DIRECTLY with holders of CARDS on File to tokenize INDEPENDENT of the Networks.

Example, if JPM told PayPal or Apple we will give you:

  • an x% interchange reduction
  • Treat as Card Present, and own fraud (can not certify unless acquirer)
  • Access to DATA as permissioned by consumer
  • Share fraudulent account/closed account activity with you to sync

If you:

  • Tokenize (dynamically) every one of our JPM cards on file
  • Pass authentication information
  • Collaborate on Fraud

This is MUCH stronger business case for participation than V/MA can create (Visa can not discount interchange, or give access to data).

This means that smaller banks will go into the V/MA HCE schemes and larger banks, private label cards, … will DIY Tokens, or work with SimplyTapp in direct relationship with key COF holders.

Sorry for the short blog. Hope it was useful

HCE – Now the PREFERRED contactless approach

Feb 19

HCE Gains Official Support from V/MA today

So much for 2 NFC/TSM CEOs telling me that HCE was “not viable”.  I told you Feb was going to be a great month.. and this is not even the tip of the iceberg. As I look at the number of reference links below.. I realize that I’ve been talking about this stuff for far too long. For detail on what HCE is see my November Post HCE Breaks the MNO Lock.

Today’s announcement primarily impacts BANKs. Message to Banks, if you want to test HCE TODAY there are 3 options: Mastercard, SimplyTapp, or Android 4.4 DIY.  Before everyone gets too excited.. the same mobile payment hurdle remains: merchant adoption. Technically HCE looks exactly the same to a payment terminal as NFC and unfortunately it also has same (terrible) business model (everything is a Credit Card .. by Bank design). Credit cards cost 200-500bps (% of sales) vs a flat fee of $0.07-$0.21 for most debit cards.

What does this announcement mean?

  • HCE Token Presentment = Card Present Paypass/Paywave
  • No more TSM, Payment is in the OS, No more dedicated NFC chipsets, and the MNO lock is gone. (Sell Gemalto … loosing MCX and NFC in the same week?)
  • Visa/MA prefer HCE to NFC hands down. It allows them to own the tokenization of cards in mobile. HCE actually ALIGNS to bank and network (V/MA) objectives: keep intelligence in network and control with issuers. The Networks ARE the TSMs. Mastercard is 3-5 years ahead of Visa here (with actual pilots). Visa’s is attempting to make up lost time by creating a more flexible program to support HCE within Visa Ready (Issuer Support). Note “Visa is Developing”.. vs.. call up MA and start the pilot. Visa’s token focus had been on the eCommerce side (V.me), and will have to run hard to play catch up.

Visa Ready

  • Android Rules! Cards, Tokens and Door Keys in Apps. Your Citibank mobile app can pay at a contactless terminal, your Starwood App can open hotel room doors. Apps have access to ISO 14443/18092 compliant exchange.. with the support of Android. This is where it will get VERY interesting. Google created HCE based upon the contribution of SimplyTapp’s Software (via GPL). I believe it is a tremendous competitive edge for Android, and I would bet they work to “manage” the deployment of KitKat and approve applications that can leverage it, as they MUST be part of Google’s Authentication/Biometric plans. Why is this better than Apple’s Beacon/BLE approach? Google is a Platform that will allow hundreds of apps to access the radio where they will own security and authentication (open innovation). Apple is a hyper controlled structure where beacons will talk to your phone in defined ways through approved apps (managed innovation). OK this is a bit of simplification, but until Apple actually releases a product don’t complain about it.
  • Tokens, Tokens, Tokens.  I could write a book on the interplay here. Much of the V/MA stance evolved from the previous TCH Token Project (see Money 2020 Blog and Business Implications of Tokens). The banks were working to end run Visa and MA on mobile tokenization. Theme is “if there is a number in the phone, why would we [Bank] want it to be a Visa or MA number.. lets make it OUR OWN number (ie a Token). After 3+ years the effort floundered and now TCH is left to be the standards body. Visa and MA reacted, most likely because of all my excellent token blogging (not), and together with Amex announced a new shared token approach.

Important. In the mobile context think of tokens are constantly changing card numbers. In the early stage HCE tokens will be 16 digits to support current payment infrastructure, but will evolve in next 2 years to be complex token identifiers much longer than 16 digits. Visa and MA have both developed controls for how this will work, for example having a “token” that refreshes at a given rate based upon where the phone moves and how the phone transacts. A Token could refresh at different rates (10 seconds to 10 weeks) based upon how the user transacts or what part of the world they are in. In this model Token generation is a NETWORK responsibility, which is why V/MA love this model.  In the new token schemes, there is opportunity for the “mobile handset” to provide biometric and security information. As I stated before, NFC zealots will HOWL that there is no TSM, or security that a number will be stored in software. But SECURITY has DEGREES.. there is no such thing as 100% non-repudiation.  I will leave it a subject to a future blog how ID providers are paid for this service.


There maybe a few new readers on this blog, so let me recap a brief history of how this came to pass.

NFC is a great technology, with a terrible business model. Developed by carriers in a walled garden strategy, they planned to charge $0.05 every time someone wanted to access a credential (like a credit card) in the “secure vault” within the mobile phone. The secure vault was the Secure Element (SE), with companies like NXP making dedicated chipsets for the function. See Carriers as Dumb Pipes.

Also seeNFC Handset

ISIS Platform: Ecosystem or Desert

Apple and Physical Commerce

Network War – Battle of the Cloud Part 4

Controlling Wallets – Battle of the Cloud Part 3

Apple and NFC







Gemalto CEO: We will make “hundreds of millions” from MCX

4 Dec 2013

I had a large institutional investor forward me this article.. it is 60 days old.. but still I spit out my coffee laughing, so be careful.



Gemalto CEO’s assertion that he will make “hundreds of millions” from MCX is a big pile of… um… “optimism”.  Given he is a public company, I can’t imagine how he could possibly give forward looking statements that are so completely and utterly unfounded. Perhaps communication by public companies in Amsterdam is a little more relaxed (a trip to the “coffee shop” with Bob Dylan. I better watch out, or I may be treated like Bob was yesterday see CNN – Bob D Inciting hatred).

Let’s do a little math.

MCX will likely process payments in a decoubled debit model with a net payment cost of  $0.05 (plus 10-20bps for fraud). If Gemalto were able to get 10% of $0.05 ($0.005/tran) it would take 20 BILLION transactions to generate $100M in revenue, at $40 per average transaction that would be 800 BILLION in sales. For perspective, total US retail sales are $2.4T (not including restaurants, auto, services, gas).  Wow…. Quite Gemalto has quite an “aspirational” view on MCX adoption. I wonder if Gemalto’s CEO knows that the US operates in a competitive free market??

The only possible way to (re) interpret quote is that MCX will make 100M TRANSACTIONS. This means that Gemalto’s revenue from MCX would be $500,000 (at the VERY top end) in Year 5. I hope the institutional investors priced this “cloud” revenue…

I’ve yet to meet any vendor that has not left in tears after working with WalMart. These guys are supply chain Pros.. and no one makes hundreds of millions.. and if you were.. you sure wouldn’t go tell the press about it before your product went live.  Gemalto’s innovation is a pretty QR code.. they are complete idiots if they think that they are the only option for presenting a payment “token” to a POS (see Gemalto QR codes for detail).

12 Party

I own no Gemalto stock, but if I did.. it would be a short position. Their bread an butter businesses are handset SIMs and Credit Card Chips. My view of the world is that dedicated hardware is moving toward software. For instance the SIM card.. most have seen Apples plan to virtualize the SIM (see blog).  Gemalto’s hopes for NFC are also dashed by things like Host Card Emulation (HCE) and the 12 Party supply chain. See this picture on the right? The 12 parties… ? Well they ALL need to make money.. and I can tell you with great certainty that the NFC suppliers in this market don’t have 2 dimes to rub together on NFC.. everyone is taking a bath. Gemalto represents 2 boxes of the 12 (UICC and TSM).. Twice the risk.. non of the cash. Investors look at it this way.. do you really want to bet on Gemalto over both GOOGLE and APPLE? FUBAR!

What is left for Gemalto? EMV Cards.. They will see a bump in demand over next few years due to US reissuance.. but Gemalto is a commodity supplier here. I see nothing in their future that will help them evolve toward a software model.. MCX revenue projections are complete bull&*^*&^

[yop_poll id=”3″ tr_id=”101010″]


Issuers … give HCE a shot now

Imagine expanding your existing bank mobile app to do card emulation.. with NO TOLL to the TSM or carrier.. you are in complete control. A project which should be sub $1M AND NO CONTRACTS!!

Imagine expanding your existing bank mobile app to do card emulation.. with NO TOLL to the TSM or carrier.. you are in complete control. A project which should be sub $1M AND NO CONTRACTS!!

The only current dependency is Android 4.4 with an NFC or HCE capable handsets.. with over 40 new OEMs  handsets shipping in next few months.

I’ll fill this blog out in more detail, but here are the key actions

  1. mobile app development
  2. workout how your static signing keys can be deployed. SimplyTapp has solution in place (https://www.simplytapp.com/)
  3. Test with legacy embedded handsets and new OEMs to establish your test pool
  4. Create a new consumer registration service where virtual keys are provisioned to application (again SimplyTapp has this)

Google’s phones are ringing off the hook. Retailers, loyalty providers, Banks are all working to leverage this new approach. The Android team can help you with the APIs.. but recommend you get in touch w/ SimplyTapp today

(I have no current relationship with SimplyTapp… but think it is something that makes sense as hardware evolves to software)

– Tom