Gemalto QR Codes.. One Giant Leap _________ ?

10 Jan 2013

NFC is a beautiful technology with uses far beyond payment. In the payment use case however, it is not the technology, but rather a business battle over control and ownership  (a 12 Party NFC Supply Chain Mess) which has conspired to create many forces against NFC’s payment success. QR_code_phone

As I stated yesterday, latest news is that MCX has chosen QR code based approach from Gemalto (following Starbucks success). My guess is that Gemalto has developed a one time use QR code that is derived from device information (it will change for every transaction… ).  You can safely assume that ACH will be the primary funding mechanism (just as in Target’s Redcard and Safeway’s FastForward).  The banks had some idea of MCX’s plans are thus moving aggressively to create a directory service to “protect” customer DDA information via tokenization. My guess is that this protection will come at a price….

Here is my best guess of the transaction flow (assuming the rumor is true).


  • Customer downloads Gemalto’s wallet
  • Account is created unique to the phone
  • Consumer registers phone, DDA, loyalty cards, backup funding instrument
  • Bank account is validated, consumer risk scored, back up payment instrument run for auth
  • Wallet is activated on first use at a participating merchant after ID is validated


  • Customer opens wallet at checkout
  • Unique QR code is generated based upon phone information (ex IMEI, time, network, phone #, …)
  • Cashier selects “check” or “loyalty card”
  • QR code is presented to register and scanned. Note MCX merchants are large multi lane merchants with POS development teams.. there will be some work to be done here
  • Authorization – ECR passes QR code to MCX. Example via store controller routed much the same way coupons are done today.
  • MCX validates code, performs fraud screen, authorizes payment (performed by FIS).
  • Individual stores also will be able to leverage code as key for consumer “cloud wallet” access where coupons are stored and redemption is paperless.
  • Coupons are applied
  • Loyalty price/promotions are applied
  • Payment is applied
  • Zero balance
  • Consumer gets electronic receipt and paper one.

I like QR codes for their ubiquity and established consumer behavior (thank Starbucks in the US). Stores don’t need to buy any new hardware for this to work, there is a zero cost of issuance, and it will work on a broad spectrum of phones. Development cycles for Store POS software are normally 18 months… so it could be some time before we see something come out.

QR codes may not be rocket science, but NFC has demonstrated the downside of tech heavy solutions. We may not need a $400M F22 when a simple bicycle will do. Carriers face a future as dumb pipes, a future share by banks, as both work to control their market positions instead of delivering value. MNOs and Banks (in the US) have proven themselves equally incapable of succeeding with new walled garden strategies.  Commerce will find the path of least resistance, like a mighty river…

The big challenge for MCX will NOT be in technology, but rather a consumer value proposition.  Retailers stated goal is to bring death to merchant funded bank card reward programs. What will convince me to part with my Amex card at the POS?… it will need to be something substantial.

Another often asked question is can MCX keep a bunch of fierce competitors working together in the same tent? This approach seems broad enough to insulate MCX from retail competitive forces and align them in fighting a common enemy. Per Sun Tzu “the enemy of my enemy is my friend”. Retailers are looking to turn the tables on the  2% “payment tax” on their business. There is serious enterprise commitment to making MCX work, banks will do well to treat them with respect.

Who will lose in this approach?

  • Payment Terminal Manufactures
  • Anyone dependent on NFC
  • Existing Payment Networks – Debit Volume primarily (if MCX can create a value proposition)
  • Retail banks. The primary payment relationship is a strong “daily use”… there are many downside for banks if they loose it.. for example retailers could offer instant credit based upon your history and network reputation.
  • Start ups building case for value around bank cards or payment networks
  • Consumers that want anonymity.

Other Related Blogs

7 thoughts on “Gemalto QR Codes.. One Giant Leap _________ ?

  1. Interesting. Short comments:
    – Terminals will stay in the shops for long time (MCX participants will still need to take cards for a very long time).
    – Shops to invest in upgraded cashier systems and QR readers.
    – I see comment on difficulties that “other systems” need data connectivity and that coverage can be bad in shops…well this system will also need data connectivity.
    – If you are right that it is a Gemalto wallet, there should be at least one more player in the deal..I don’t think G has a loyalty system..
    – Using process above quite long..I wouldn’t like to be in the queue behind a few that want to use that wallet.
    – Personally I don’t believe that QR is the long term solution..and for short term I think a reversed solution is more effective (fixed unique QR per cashier)
    – Being already authenticated when it’s your turn to pay, press pay in mobile, get directly “sign what see” (the purchase) in the mobile and approve with or without PIN (depending on amount) should be the longterm I think.

    See also this for a similar initiative

    • Payment terminals won’t go away…. ever….

      re Connectivity and flow. The flow above is already in place for all top 20-60 retailers, certainly anyone that can accept a paper coupon. In the back end coupons are validated, price promotions are applied.. 100% of these stores have their ECRs connected to internal networks.

      re Loyalty. Gemalto is just the QR code and validation.. all of the other stuff will be store specific. All possible after they identify the consumer.

  2. Ummm…anyone thought of security? None of the so-called unique data available on a phone cannot be spoofed. If I root my device, I can make it appear to be your device, even on the mobile network. This is even easier to commit fraud with than magstripe payment cards. Who will pay for the fraud, the merchants?

  3. Pingback: Business Implications of Tokens « FinVentures

  4. Pingback: Payments – Wrapping, Rules, Acquiring and Tokens | FinVentures

  5. Pingback: Another Bank Consortium? Paydient | FinVentures

Please Login to Comment.