Google/Mastercard.. The new Oil or Uranium?

Bloomberg published a thorough article today on Secret Google/MA Deal and how the data is used in attribution (I wrote about this in May of 2017 Payment Data and Google Attribution). Attribution is big business. Most marketers still grapple with the old adage “Half the money I spend on advertising is wasted; the trouble is, I don’t know which half.”. Accurately closing the loop between advertising and incremental sales allows marketers to know what is working and what is not.  As outlined in Bloomberg,

“Beforehand, the company received $5.70 in revenue for every dollar spent on marketing in the ad campaign with Google, according to an iProspect analysis. With the new transaction feature, the return nearly doubled to $10.60”.

The GREAT news is that cards are an instrumental part of helping retailers improve the marketing! The bad news:  inconsistent controls, “leakage” of payment data, concerns over consumer privacy and the raw “power” google and FB have in gaining further “data advantage” over everyone else.  

Summary
  • Attribution and “closing the loop” is a strategic priority for Goog/FB because when you know what’s working, you can optimize spend and double marketing ROI. We have seen the same thing at Commerce Signals as we measure the sales impact of client ads outside of the walled gardens. The economic value created is a tremendous opportunity for banks here.
  • Google has “access” to 70% of US transaction data through Mastercard, 1-2 participating processors, a bank data aggregator, and retailers sending data to Google directly (last week’s blog).  However, there are substantial issues with granting Google/FB ad hoc access to payment data. While there are no doubt agreements associated with access and use, the data owner has given up control and thus placed themselves at unnecssary risk.
  • Commerce Signals provides this same closing the loop service in a way that allows the data owner to maintain full control and protects re-identifcation of private consumer financial information.
  • Trust is the core of both banking and marketing. All parties should be able to report on WHO is using their data and HOW they are using it. This requires transparency (and auditability).
  • Building great consumer experiences take collaboration. Collaboration will be the center of all future payment networks (ex Alipay). Commercial networks are transforming – a process which will unlock $2T in value.  (Small Wins and Transformation of Commercial Networks)
  • Data has been called the “new oil”, I would posit that it is the “new uranium”. While great power can be unleashed by refining it, you must control how it is disseminated and used… or it will everyone will be at risk

Transparency and the 3 Rules of Data

There are 3 basic rules to consider for any party participating in a data exchange

  1. Right to have the data
  2. Right to use the data
  3. Right to share the data

Transparency is critical to creating trust and enabling data. To be clear we have no relationship or business with either Google or Mastercard and I have no knowledge of the precise architecture, my educated guess on the structure is below a purely “hypothetical” design based upon experience.

Mastercard sees transaction data, but has no consumer information tied to it. In other words they only have the Primary Account Number (PAN) and no nothing else about you. Within 4 party networks only issuers have consumer information. V/MA schemes are designed to protect consumer anonymity through to the POS. However, there are agents that can map a consumer to a PAN, either through seeing things like online transactions (where you put your name and PAN to order goods), credit card bureaus, …etc. These entities can help holders of PANs map to an anonymized ID.  These anonymized IDs in payments are also held by advertisers. Each party has a “unique” anonymized ID and can’t coordinate with each other without the “key pair translator”

DATA “COLLABORATION” WITH WALLED GARDENS

Google and FB. The issues in making payment data work with Google and FB are the data rules set by Google and FB: they do not let data leave their control (ex media exposure files).  Thus data must go INTO GOOGLE. The 3-4 yrs of delay in MA/Google operation would likely be surrounding where the Google Data and MA data would collectively reside. Google is in a place to financially take risk on this, and my guess is that payment partners (like MA) have agreed to a “white room” where their payment data resides which can be accessed in a controlled/structured manner by Google.

Consumer information leaving Mastercard:  Contractually none as they probably maintain “ownership” of the neutral white room (perhaps a separate legal entity). There are also likely controls placed upon the structure of analysis (example cohorts must be greater than 50 matched consumer records) within an operating agreement.

Issues: Google has ad hoc access to payment data within a set of rules. My rule #3 (right to “share” the data) may be broken here as permissions must be granted by either:  the consumer, merchant, or issuer (depending on data).  Standard questions anyone should ask on this architecture:

  • Who created the operating agreement?
  • Who granted the permissions?
  • Who is managing the controls?
  • What auditability is granted to the impacted parties?
  • Who bears the risk of breach?

Banks and Merchants (the advertisers) must be able to clearly communicate: who used their data for what purpose? For example, while there may be aggregated data controls, what if Google asked the same question for a group of 50 buyers of Joe’s sporting goods, and then changed the cohort by 1 person (Tom). They would know what I bought during the time period.

Federated Data = Controlled Use

At Commerce Signals we do not have any payment data inhouse. We recognized that for data to be controlled it must stay within the premises of the owner, it can only be released if you understand both WHO is requesting the data and HOW it will be used. All data exchanges are tracked and operate within defined terms and agreements. If agreements stop, so does the data flow.  We ask our financial partners a question that like this:

For this group of 1M consumers. What was the total spend of this group during the period before the advertisement and what was the total spend of this group during the media period

Consumer level information leaving financial partner: None. Just the aggregate spend of the group of the 1M. As a neutral party we hold no consumer level payment data, or ad exposure data. We provide all parties with transparent view of both USE and permissions. The only way to make TRUST operaterative in networks is to have a neutral party.

In our Joe’s sporting goods example (above), Commerce Signals monitors ID velocity, and takes actions based upon the direction of the data owner. We work as  the neutral traffic cop that enforces rules of all parties. We enable quality data to play with transparency. For example, we recognize that ID partners must be able to have clarity into how their information was used (example PAN to ID mapping). While ID agents may permission a mapping for the purpose of aggregate measurement, they may choose to defer on others. Enabling ID partners to permission use improves the market for deterministic ID providers (vs probabilistic). Tracking use also allows Commerce Signals to manage opt outs across multiple partners and ID providers consistently.

Data has been called the “new oil”. I would say it is rather the “new uranium”. While great power can be unleashed by refining it, you must control how it is disseminated and used… or everyone will be at risk. This is our business at Commerce Signals.

Industry recommendations:

  • Quality data can only play where there is transparency and control.
  • Retailers should view measurement and optimization as a core IN HOUSE responsibility. Card Networks and merchant processors are great partners to accomplish this with no work on your side. You can enable the same optimization described in the Bloomberg article across all of your marketing.
  • Google and FB must recognize that payment data is of greater sensitivity than ad exposure data. While 3rd party data partners have been curtailed, 1st party data is greatly accelerating. I believe consumers will be shocked to find out that their real time purchase information is made available to Google and FB. While there is an immediate media effectiveness impact in turning this on, there are better ways to accomplish it.   
  • Retailers should recognize the double edge sword of data sharing with Google. While it does improve marketing results, and they can write very big checks, it also leaks consumer preferences. 
  • We are at a Data Tipping Point (blog) where all parties must be accountable for HOW data plays with WHOM for WHAT use.  Create a mission control for all of your data interactions. Who is using your data today?  It is your data, and it must operate under your rules (more here)
  • Banks… must work to ensure transparency of data use, and that the actors participating abide by the rules (see my Bank Recommendations)

Payment Data.. Banks are NOT the problem

Loss of Anonymity in Payments and the threats to Banking, Retail and Consumers

Compelling WSJ article yesterday on Facebook and Bank data. This article doesn’t begin to touch the extent of the problem. When it comes to data, there 2 very very distinct camps. Those that care about consumer data and their role in managing it, and those that don’t. 

Banks and payment networks care and are “squeaky clean” compared to the rampant data sharing going on within marketing (retailers directly to the big ad publishers). While Cambridge Analytica brought about changes to 3rd party data sharing the entire ad industry has DRAMATICALLY increased direct first party data sharing. In other words many large retailers are sending their real time SKU level purchase data (for all customers) directly into the big Ad Platforms.

  1. Google Offline Conversions API
  2. Facebook Offline Conversion API
  3. Agency Example
  4. Gartner CDP Magic Quadrant

What enables retailers to identify consumers and send this data to Ad Platforms? Historically, only retailers with loyalty card schemes could do this, but recently Payment cards have transformed to become the virtual loyalty card used to accurately identify consumers (without Bank/Network permission). This is shocking, as Payment cards have a solid track record for protecting consumer identity (ie anonymity in payment), with payment anonymity a core “feature”. Within the 4 party network schemes only issuers could identify the consumer, enabling issuing Banks maintain the critical role of Identity broker (see blog). As former banker this makes my head spin, as the Payment Card Industry (PCI) has invested BILLIONS to protect transaction data.. Only to have it pour out from a hole.

Example

Today, when a consumer uses their V/MA card to purchase the retailer creates an “anonymized ID” and stores the transaction set internally (at ~50% of the top 10 retailers) with the entire inventory of items purchased. There are few rule or privacy issues here (IMHO), as general trends and loyalty are measured.  However, retailers are voluntarily sending this transaction data (mapped to consumer ID not PAN) directly to the big Ad Platforms. The ad platforms then map this activity to the “anonymized ID” customer behavior it maintains (ex preference for soccer and CNN.com). Issues with this model:

  • Replacing the PAN with another Anonymized ID SHOULD NOT cause it to run under a different “rule set”. If ANY card information was used in the mapping, it should run under network rules
  • Neither the issuers, the networks nor the consumers have permissioned this data sharing.
  • Banks will never have a data business if data plays in this way
  • Retailers are giving away enormous consumer insight and strengthening the pricing power of Google/FB
  • The value of the “raw data” will diminish. Once reliable predictive models and preferences are established (ex Tennis player that likes Lacoste) I no longer need the raw data
  • Data is the “new uranium” we must work to control dissemination or it will destroy those touching it.

Obviously data is following the path of least resistance to centralization points that can act on it efficiently (covered in my blog Equifax, FB and Dangers of Data Centralization). However the ABILITY to act on data is different than the rules which data should act within. Transaction data was developed with VERY thoughtful rules and controls. For example, when a party submits a transaction or request the counterparty is known as is the legal agreement under which the “transaction” operates. Trust developed as a result. Trusted data must be managed.

Russ Schrader (Commerce Signals GC/CPO and Executive Director of the National Cyber Security Alliance) put together these 3 simple rules of thumb when thinking about data use:

  • Right to have the data
  • Right to use the data
  • Right to share the data

To be clear my goal is NOT to create a government imposed GDPR in the US. Rather I want Banks and Retailers to have a data business, and create great new consumer experiences.

Yes I have a bias here, it is what I built my company around (see Federated Data®). Data centralization is the v1.0 architecture of data science. Sure you can learn great things if all the data is mashed together but the value of data is based upon use. If you can’t control use… you can’t control the unique value that is unlocked (or the rights) within a given use.

Bank/Network Actions

Let me be clear.. banks must have a role in data! The economics of payments are changing. Banks must protect their ability to deliver value beyond the transaction. Banking is a commerce function and Alipay has shown what the future holds for “commerce orchestrators” .. payments allow them to become banking orchestrators as well (see WSJ and Ant Financial).  There are both offensive and defensive actions that must be taken. 

  1. Defense. Change the rules to protect your data ensure every party “in the network” is operating on your data with permissions. Your data is playing in the market today.. and you don’t even know it. Banks have permissioned and distributed their data to marketing, loyalty, and shared market insight vendors. While individual transaction data may not be distributed by your partners, consumer level models are built and shared (see Banks as a Data Business). Typical network rules allow for merchants to use card information for the purpose of “loyalty and marketing” these rules need to be tightened up as the rights to share this data with many parties was never part of the original intent.
  2. Retailers are not big enough to force change within the ad world. You are..  Ensure that all data operates within the simple rules above.
  3. Banks must collaborate in data. As a top 3 bank told me “… we have learned some very hard lessons in data, no one bank is big enough to go it alone. What we should have remembered is the success with V/MA. Even though we compete with [Banks] a common network allowed millions of businesses and consumers to work with us consistently….” and another “ The real threat to banks is the Alipay. We need a common data network with common rules. Banks have a role to play in creating great consumer experiences however there are only a very few of them we are poised to lead”.  
  4. Take on the roles of transparency and consumer champion.
Retailer Actions

Retailers have a right to payment data. While big data can create great new insights if we centralized and analyzed all conversations, there is a downside. Digitally, every interaction you have with a consumer is a conversation. Brands must manage who gets to take part in these conversations and build insight from them. If your downstream data “partners” mis-use your data your customers will go to Amazon (which doesn’t share data with Google and FB).  You must create great consumer experiences, but you must balance against consumer privacy and your rights to the data.

  1. Maintain control of your data supply chain. Both WHO is using your data and HOW it is being used. Create a mission control that allows you to see what data is shared with Whom, for which Use under which legal agreement (a shameless plug for our service)
  2. Rather than sending out raw transactional data that improves pricing leverage of Goog/FB build a CDP and enable your own targeting. Make partners bring their insights to you, or ask you to append a propensity score for a specific campaign.. not raw data for all of your customers. This is what Commerce Signals enables. 
  3. Hold all marketing partners accountable to performance against a common benchmark. This does not mean a measuring against a panel of 8M location based “presence” participants. But leverage your transaction data to measure performance consistently. This means Google and FB must be measured against your metrics.. Not report their own. Mark Pritchard of P&G is the most vocal advocate of this approach

For more information, please see my previous blogs

Rewiring – Part 2: Walmart+Goog, Amazon+Whole Foods, …

I’m taking a rather abbreviated approach to blogging today.. as most of my key points have more detail in my other posts. I’ll just link to my old posts and focus on a few new thoughts. Continue reading “Rewiring – Part 2: Walmart+Goog, Amazon+Whole Foods, …”

Amazon 2% + PayPal Discover

Two HUGE payment events this week

Amazon 2%

Per Bloomberg, consumers that don’t want to go for the 5% back Amazon store card (SYF) can now link their DDA and earn 2% back.  This may be the biggest payment innovation of the year!  Continue reading “Amazon 2% + PayPal Discover”

Payments Data and Google Attribution

Great articles yesterday

This year, the iab (interactive advertising bureau) labeled 2017 as the Year of Measurement. Understanding why, and what is changing here is key for retail, banking and advertising. Most of us know the adage “measure what you want to manage”. As an engineer, I view measurement as the key feedback loop in any system or process. In order to gain feedback (close the loop), you must know what happened. Continue reading “Payments Data and Google Attribution”

Chase Net 2017

Its tough to find time to Blog as a CEO…. Most of you my blogs are sometimes snarky and tactless (making NOT offending someone a new consideration).

I was taking a look at JPMC’s latest investor presentation and noticed that ChaseNet is gone.. Why? I’ve written on JPMC and ChaseNet a number of times over last 6 yrs. Today I’ll cover my views on the latest developments and my views on JPMC’s ChaseNet strategy. Lets recap first: Continue reading “Chase Net 2017”

Acceptance – Part 1

I haven’t written much on acceptance over my 9 yr blogging career for one simple reason.. I was never “in” that side of the business. Given how much is going on in here I can’t leave it out any longer. Acceptance at the POS is a big topic, I see the following areas: Continue reading “Acceptance – Part 1”

Browser Tokens – Payments in OS Part 4

My last articles on this topic were
I’ll forgive you if you didn’t see the big news out of Google I/O. There is a MUST READ article in Android Police that is spot on. Summary? Google (Chrome/Android) and Apple (Safari) are ready to integrate payment tokens in the browser.. Buy buttons will be integrated into ads, product listings, or a single “pay” button with no subsequent user information to fill out “quasi one-click”. From Android Police

Continue reading “Browser Tokens – Payments in OS Part 4”

Changing Economics of Payments

2 Dec 2015

Happy ‘After’ Thanksgiving everyone, I’m coming out of my tryptophan coma and thought I would go for a mental stretch. This is a pretty big topic, and I won’t do it justice. Thanks in advance for your comments and perspective. [Note I’m not naming the titles of my reference blogs and used only URLs.] Continue reading “Changing Economics of Payments”

2015 End of Summer Payments Update

15 September 2015

Well kids are back in school and Europe is tan. 6 weeks left till Money 2020.. and I just completed our Series A here at Commerce Signals.. wow what a summer!!

This blog is a little bit more of an inventory of things going on.. mixed with some views and general rumblings.

EMV. Its going to happen in October and the big merchants are ready. Two top processors told me that small merchants are in big trouble, particularly as the issuers will be pushing back all fraud to non-EMV merchants VERY aggressively. Think of it this way. EMV does NOTHING to help the small merchant.. currently no business bares cost of fraud in card acceptance. In October merchants must change to accept EMV or they will have the risk of fraud on their business. ISOs to the rescue? This will be a great opportunity for Poynt, Square and other merchant friendly POS/Payment providers.

Acquirers. First Data is moving toward IPO. This is a very tough business.. but as I’ve said before my bets are around companies that can be merchant friendly.. Acquirers are the entity that own the merchant relationship in a 4 party network.. so it is theirs to lose. Nothing has really taken off (incrementally here), Clovr, Card Spring, First Data’s Palantir. Why?? Acquirers have largely been put into a pricing box at the top 500 merchants with a well defined service (not much room for incremental services), and have had their reputation impugned through the ISO channels at the low end (5-7% cost of acceptance). For any Acquiring CEO reading this blog.. my action for you today is to take a look at the invoice you send to a merchant. 2-4 pages of fees that are indecipherable.. When merchants don’t trust you they don’t buy more from you. This is why I would not invest in this space without a clear understanding of the disruption.

Private Label. Rumor is that both Amex and Paypal are looking at M&A here. Makes sense for Amex particularly given need for transaction volume, 3 party model and their state of the art infrastructure. Merchants love Amex customers.. and Amex does the best job in the industry of proving the value that they bring (justifying their hefty cost).

MCX. They are set with payment infrastructure from FIS and First Data. The payment capability is there, and it takes time to build a highly scalable payments company. I just don’t see the need for stand alone app. My guess is that there will be an MCX payment instrument that sits in Apple/Google wallet… just silly to compete on “presentment”. Is the alliance fracturing? I think all participants would love to have a payment instrument that they could own and control. The issue is that there is no agreement on anything beyond payment. Mobile is too important a channel to delegate to a consortium. Also, these are fierce competitors.. The real challenge? Creating a great consumer experience, quite frankly their product team was one of the worst I’ve ever met in any company. No wonder they were considering paydiant.. one of the only options out of the DIY.

Poynt and Square. This seems to fit right in to the flow..  I love both of these companies. Why? As described above the payment industry has been VERY unkind to retailers. Poynt and Square give retailers a greatly simplified hardware, software, and acquiring solution. As a small merchant moving from 5-7% acquiring to 2.75% is a rather simple value proposition. I believe Poynt has several significant advantages over Square: 1) Square has a 6month+ certification process on Apple devices. Whenever it changes anything in its app… it has to go through recertification by Apple. Poynt is the ANDROID of Point of Sale solutions 2) By staying off of Apple AND adding a separate stand alone processor for non-payment applications, Poynt can deploy more applications more quickly and act as a platform for other services. 3) Poynt has a powerful data solution that puts merchants back in control of their data, 4) Ergonomics/Design. Just beautiful. Chip/DIP, Chip Contactless, QR, BLE, customer facing touch screen (not a swivel stand) all work seamlessly without having to pick up the terminal and try to stick your card into a slot. Well done Osama and team.

Paypal? Not much of a stock pop.. I’m very high on the Dan and Bill. But their core asset (eCommerce risk management) is being rendered moot by great mobile auth. When Microsoft (OnePay), Google (Wallet), Visa (Checkout), Apple (ApplePay) all moving into eCommerce they also risk loosing consumers. One of my biggest beefs is their treatment of Venmo volume in TPV (it is 0bps). Rumors are also that they will lose Uber within next 6 months.. and worked a special deal to keep them with take rate below 90bps (perhaps a driver of their margin drop). Merchants are a natural ally here, but Don K really mucked things up with their POS try. It will take 2 years to get things in shape here.

Visa/MA.. They are my biggest holdings.. no change in my views here. VDEP and MDES have positioned both with new power to tokenize and own the rules on mobile. I expect to see a new CNP rate for tokens within next 9 months.

Google. Big news 9/10 (See Blog). Google wallet now on all phones KitKat 4.4 and above (50-60M in US). I love it.. This is the PLATFORM FOR PAYMENT INNOVATION. The user experience is not on par with Apple (or even Samsung Pay).. but Android users are more technical (only 6% of iPhone owners have ever used ApplePay). There are some BIG pluses over Apple, I love that it shows the ereciept and location of purchase for instance (most issuers). Very surprised that Google is still looking for bi-lateral deals from issuers (in order of $10M with no bps). This is why we don’t see many issuers at launch.  What is funny is that there is a “free path” to issuers as well. If they don’t want their card art.. issuers can still just “turn it on” via the V/MA intranet tokenization route (register BINs). Funny that the big hold out is JPM.. given its data play.

Apple. I wouldn’t be surprised to see an ApplePay product announcement in October at Money 2020. Note that my track record is near perfect here so I don’t want to mess up 2 years of predictions. I know that Apple has ApplePay working in Safari, don’t know if they will roll this out our not. I also know that Apple went back to issuers asking for an “Amex like experience with eReciepts”. The issuers said “sure we can do that.. lets first tear up that 15 bps contract and talk about what you will pay me”. My sources say that beacons are a part of the next launch.. they could be just feeding me *&^*(&.  My guess on new release? 1) New Developer Support Program and rollout of Private Label/ Synchrony, ADS and Citi. 2) Improved “eReciept” process (like Amex) in order to compete with Google. 3) ApplePay in Safari (60% chance.. it is working but don’t know if they want to push yet before new token CNP rate tier). 4) Beacons at POS. Improve retail experience with beacons (40%.. again working in lab but don’t know of readiness).

The big Apple news that everyone is talking about is their plans to finance phones directly (end running carrier subsidy dependencies). As I’ve stated before, Apple’s phone is already capable of enabling a virtualized SIM. This is the one step needed before Apple enables consumers to “switch” to the lowest cost network every month.. or every day. This obviously has big implications for Gemalto as well. Google is 2-3 years behind, but is making more progress in enabling wi-fi as network option.

Innovation. Chain getting investment from NASDAQ, Visa, Citi.. is big news. I remain very positive on use of bitcoin as a disruption to Payments (see blog structural changes to payments). I also live industry specific solutions where payments are combined with something else to solve a problem. hyperWALLET for global payroll, justpushpay for construction, WEX for fleet/gas. I also love payments and data (hence commerceSignals), in this Klarna and Sofi are just tremendous ideas.

Going South

Samsung Pay. No change in my views here. What is sad is that they didn’t know that their entire application is incompatible with Android M (until they read my blog). Working with a competing app on their own phones with no registration.. just sad.

Card Linked offers. Guys don’t believe the press.. all of these things are dying. Even the most successful (cardlytics). Citibank is rumored to have called EDO to come pick up the pallet of their equipment (after 300M+ spent).  The good news is that their transactional data is in better shape for use.

Gemalto. Stock is at a 5 year low.. I told you guys to be short here. NO MCX, No GSMA NFC SWP… now Apple is pushing the SIM out of the phone altogether (or soon will).

Monitise. I want to end on a humorous note. This company did a great job at enabling online banking 8 years ago.. enabling “check your balance” functionality via a quick integration to the ATM switch. They pivoted in 2006/8 to support development on an array of handsets (Nokia, RIM, Apple, Samsung, …) with their only competition being mFoundry (acquired by FIS). But the phone complexity went away with 2 mobile OS (Android and iOS) and the rapid shift of mobile from the periphery to the center of the customer relationship. No bank will outsource the CENTER.. mobile development was a specialized skill.. now it is mainstream. As if this were not sad enough, they hired a US network exec with no EU experience, no mobile experience and no network of issuers (that liked her). Then she pushed out the founder.. only to quit last week.  Wow .. I hope the BBC can make a Silicon Valley (HBO) equiv.. only make it more of a Shakespearian tragedy.