Brokering Identity – Part 1

12 Sept – Big Update Noon Eastern

I’m not going to do this justice.. I just don’t have time…

Previous posts on topic: Authentication in Value Nets, As I stated

Assume Apple has the best biometrics system on the planet, and Consumers trust Apple with all their credentials. How can non-Apple Service Providers use Apple’s Authentication service (pay them)? As I outlined in Who do you Trust(Sept 2013)

The “KEY” [prerequisite] in value orchestration is owning the Consumer relationship. Therefore Identifying and Authenticating the Consumer is the first, primary, service that must be owned by a platform.  What was a separate “Trusted Services Manager” in the NFC world has been co-opted by platforms which will take a proprietary route.

Apple just created a massive challenge for itself in retail by branding payments ApplePay (see yesterday’s blog). They have assumed the consumer – merchant broker role in a way that conveys with 100% certainty that consumers want to be anonymous. They took an “old world” view of payments vs a new world view of Value Orchestrator and Identity Broker. Yes it would be completely wierd to launch a consumer brand call AppleIdenityBroker.. But ApplePay doesn’t quite capture the #1 retailer challenge: knowing WHO their consumers are and interacting with them!?(see Rewire Commerce).

For example, Apple must deal with private label cards and store loyalty cards. In these models the retailers know everything about the consumer. Apple could just store these cards.. and act as a traditional container.. But that does not allow them to add value based upon the “trust authority” role they can now assume…. at least not in a primary capacity (appending a bio score/token assurance). In a trust broker role, Apple needs to think about allowing consumers CHOOSE to identify themselves and their data.. beyond just a token. My favorite commerce experience of all time is Square (sure they haven’t yet delivered.. but it is beautiful). Consumer doesn’t take the phone out of their pocket, but rather recognized at the POS and merchant greats them. Square Register checkout vision is just fantastic.. much better than a 8 year old “tap model”.. .

Apple should allow merchants to know consumer presence, within the control of the consuemr.. thus brokering a form of ID that is unique to every consumer-merchant combination. This would allow merchants to access past spend history, private label cards on file, loyalty cards, offers, …  They could also deliver an authentication service if the merchant wanted it.. some merchants think seeing someone’s face is good enough. The other side of ID broker is that the broker MAY NOT know the purpose of the exchange. For example, if Google did this, they may not know that it was to resolve a private label card, and the amount of the transaction. The Identity broker role is also free to create terms with the requestors of identity. Obviously consumers would see the terms and brokers that request too much will loose in the market compared to brokers that are more consumer friendly. These natural market mechanisms will support many types of economic relationships and retail business models. It is not one size fits all, and it also accommodate functions FAR beyond payment.

Now think about this identity broker role in the context of beacons. I can deliver static content with beacons (where I don’t know the recipient/destination) and deliver CUSTOM content (where I do know the consumer). Let the consumer make this decision… and make the merchant create enough value to make the consumer WANT to give up their identity. This is the way a platform should work. In the context of the Cloud, it is about bringing together the consumers “cloud” in 1000 different ways with the environment (merchants, doctors, … ). APPLE YOU CAN’T CONTROL this.. but you can intermediate the connection.

One of the primary reasons that banks gave into the ApplePay brand and 15bps is that Apple agreed to anonymity and they also agreed not to look at the transaction. Banks want to be in the trust broker role, and working to build significant data businesses. Here is my BIG MESSAGE: the transaction is OWNED by the consumer and the merchant, it is NOT owned by the bank. Either the consumer or the merchant can choose to let the platform know. The merchant has richer knowledge of what was bought, the consumer has richer knowledge of who bought it. Platforms should look to create this kind of open, flexible interaction (an approach that will make my bank friends have kittens). Here is another BIG Message. The platform could be ANYONE involved in the transaction (Square, Apple, Google, Verifone, FirstData, Visa, Mastercard, Amex). It is exactly what Amex is doing today with Loyalty Partners. Merchants are CHOOSING to give up data to Amex. The key for these new platforms: MERCHANT FRIENDLY AND CONSUMER FRIENDLY

Who is best placed? In the online world it is already happening…as we see Login with Amazon, Google, Facebook.. What about in physical world? Not yet.. a platform that is neutral to consumer and neutral to merchant is hard to monetize.. therefore.. I give the big advantage to Google…

Apple can pivot here, but they need a serious refresh on their team and approach… find a way to help your platform intermediate between merchant and consumer.. merchants have all the data and value.. consumers have all the behavior, decisions and payment..  payment is the easiest part. If you can’t move on the other parts.. you can’t get this thing to move at all. This is the problem with “mobile payments” .. no value creation beyond what the core cards do already today. Stop thinking about your revolutionary new platform does in today’s world (payment) and start thinking about how in can reshape it and a way that benefits EVERYONE (Consumers and merchants). Building a brand on top of legacy payment instruments with 10 year old technology.. sure… do that .. but make it just a feature.. the easy part.

There is a reason I’m spending so much time here.. the world needs a neutral party … (more to come on CommerceSignals)




10 thoughts on “Brokering Identity – Part 1”

  1. I think you’re missing Apple’s 2nd act here.

    EMV tokenization allows for the transaction to take place over BT. Apple has a patent on tipping up a BT connection from an NFC contact: They’ve been thinking about this problem for a long time.

    Apple isn’t shy about this either. When they show Passbook in use, it always contains loyalty cards. It’s clear that Apple intends to add not just iBeacon but a full BT connection to the POS transaction. They can’t do it now because none of the NFC terminals have that hardware but Apple will create and brand a protocol for doing this and for merchants to access the non-anonymized Passbook content that was populated from their app that users have installed. Users opt-in by installing the app and adding it to Passbook. It can use iBeacon to pre-determine if there’s any point to even constructing that connection (I’m in a Target, is there any content in Passbook? No, skip the BT and just do the payment.) BT also allows for two-way interaction that is clumsy or impossible with NFC – handling a tip, giving a coupon, redeeming or issuing a gift card, etc. And by using the app as the common interface for these things, not only does the user get control, but the customer tracking works both in-app and in-store because the store interaction elements come from the app. I’d expect to see digital receipts handed back to the phone through this interface as well.

    Apple is far from blind to this. Passbook wouldn’t have been marketed as it has been for the last 2 years without this acknowledgment. Apple wouldn’t be pushing iBeacon/BT without that acknowledgment. Apple wouldn’t have demanded BT be in the EMV spec without this acknowledgement (it doesn’t help EMV advance the spread of NFC terminals in any way). And all of this can be implemented on the Apple Watch as well. No, they got this. Expect to see an API at WWDC next year. First Data will have all the code ready for the POS terminals. Apple will have worked with VeriSign to get a line of NFC+BT contactless terminals on the market. And there won’t need to be ‘Login with Apple’ as you’re logging into Target with Target, into Starbucks with Starbucks, etc. Apple even gives an assist now with allowing TouchID to manage those logins to the app, so there isn’t even an additional step to logging in. The merchants control the entire experience through their own apps, which they love – Apple is just glueing the interaction together and offering reasonable protections to the user.

    They’ve totally got this.

    1. Tom, great post and Martin, great comment.

      I suspect, as you do, that Apple’s pushing to move beyond ‘anonymous’ EMV tokens. However, timing will be key here – Apple must beat the next upgrade cycle POS, or they’ll struggle to shift the POS market in a timely fashion towards BLE.

      Are there other alternatives than a full POS upgrade to get BLE baked in?

    2. How is this innovative in a grand scheme of things? So we will have yet another wiz kid way of sending my credentials to the merchant so he could have some 5 different parties work (and be paid for) on pulling some money from my electronic account or line of credit? Why wouldn’t I have the merchant identify himself to me in the same payment address space that I exist so that I (and only I) could instruct a payment service to transfer (pay?) some money to the merchant and let him know of such. All we need is the payment service to be comfortable with my authentication. We would also need a law/regulation that would force the custodians of electronic accounts to obey consumers’ and merchants’ instructions to give electronic, real time access to their account by a 3rd party PSPs. Today all of this is blocked by the establishment of the 4 party system… who successfully convinced the press and the “payment experts” that mobile payment innovation begins and ends with bringing mobile modality to the business model that makes them trillions. How many ways can we stuff a representation of a plastic card into the mobile phone? And how many ways are there to send such card information to the merchant terminal? Keep working on it people… and beyond that, there is nothing to see here, keep moving on.

  2. Tom

    Nice musings; Martin nice counterpoints

    Apple simply did what it needed to do to monetize phase 1 of Payments; they needed to give banks assurance they’re not looking at transaction. Few seem to think this will remain the case for long.

    I think it’s wise to steer clear of true identity brokering until Apple builds the next lock wall (payments installed & active user base). I ALSO think identity brokering is a phenomenally complicated & risky business (Facebook has done a wicked bad job)… so it’s best to take measures to stay out of the transaction until some point in the future, wherein by acquisition of any number of digital firms Apple can close the loop… it’s just FAR easier for them to cut a rev share on payments with issuers for now, tackle sharing / trust levels later


  3. I thought you briefly mentioned earlier that Apple is hiring retail experts. Do you think it’s to address (at least somewhat) merchants & creating merchant value (IE: loyalty cards, card presence, etc…)?

    Do you envision Apple to move in this direction in the near future (1-2 years) or not?

Leave a Reply

Your email address will not be published. Required fields are marked *