Visa Ooops – PR screw up on new Device Fidelity iPhone App

Device Fidelity is one of the premier MicroSD NFC players (other is Tyfone). Trying to beat Apple to market with their embedded NFC or enabling existing phones? My bet is that this one will have AT&Ts involvement. MicroSD is a great form factor for NFC, issue is who will pay the $15-20 for it and who will certify? AT&T has the best chance to make this successful and subsidize.. in order to bear this cost, AT&T must drive either transaction revenue (create a pre-paid card) or a new advertising service.

Looks like their PR came out a little ahead of time.
Device Fidelity is one of the premier MicroSD NFC players (other is Tyfone). Trying to beat Apple to market with their embedded NFC or enabling existing phones? My bet is that this one will have AT&Ts involvement.  MicroSD is a great form factor for NFC, issue is who will pay the $15-20 for it and who will certify? AT&T has the best chance to make this successful and subsidize.. in order to bear this cost, AT&T must drive either transaction revenue (create a pre-paid card) or a new advertising service.
More to come

Social Payments: Paying the Blogosphere

This could be the death knell for established news organizations. Having just renewed my subscription to the online Wall Street Journal last week, I was struck at how much of my news comes from informal social networks. I received a call today from an interesting team operating in this space… quite frankly a fabulous payment idea: Paying the blogosphere.

19 February 2010

This could be the death knell for established news organizations. Having just renewed my subscription to the online Wall Street Journal last week, I was struck at how much of my news comes from informal social networks. I received a call today from a team investigating this space… quite frankly a fabulous payment idea: Paying the blogosphere.

Take a look at Flattr’s YouTube video to get the picture. [youtube=http://www.youtube.com/watch?v=kwvExIWf_Uc]

One of the many competing w/ Flattr is Kachingle (see patent application). My uninformed opinion is that services in this category can structure themselves as commercial services and avoid MTO regulatory burdens. Kachangle’s approach (described in patent app above) seems to be “billing as a service” … in essence users are buying a service for a fixed monthly subscription at $10/mo. Others “social payment providers” contemplating entry here should be very cautious to avoid used of “tokens” which can be “redeemed” (Big US issues here… See eGold and  US DOJ Final, US DOJ Indictment). The rule of thumb for operating in the US: regular payments for a commercial value added/reseller service.. Good.. flexible payments to anonymous end parties .. Bad.

Key payment considerations

  • Where is NewCo legal entity and target customer base?
  • Where is NewCo operating from?
  • Where is NewCo’s bank account?
  • Is it a commercial service or “money transfer”? You have a regulatory requirements with either, but money transfer services are much more burdensome. If commercial service, then commercial requirements typically dictate disbursement KYC as well as tax/revenue reporting.
  • If service is money transfer, business will not only face regulatory hurdles, but also payment clearing hurdles associated with “payment aggregation”. Networks do not want intermediaries operating a payment network within their existing network as they loose their ability to manage regulatory control (ex. AML, sanctioned payments, …)
  • How does NewCo move money in? Cross border? Who will bear regulatory risk? Clearing bank? Network? NewCo?
  • Are there tokens or other stored units of value that can be exchanged?  

A great blog from a publishers perspective http://steveouting.com/2009/08/28/paycheckr-the-sharethis-for-donation-pay-options/

US Regulations – Online Payment/Transfer

This blog takes a look at the regulatory risk today’s start ups face and gives background on how PayPal got to where it is today. For today’s “emerging” payment companies, there are 4 primary choices for operating in the US: 1) Obtain the licenses, 2) Operate as an agent of an entity with the proper licenses, 3) Sell your software to a licensed entity, 4)Exchange non-monetary forms of value (minutes, eGold, credits, …).

Lessons from PayPal

January 25, 2010

I was on the phone today with Jeff McConnell, a tremendous exec with a long history of leading innovation in money transfer (WU, Moneygram, iKobo, …). In some respects it’s hard for me to believe that 2002 is 8 years ago, and I was reminded of how challenged PayPal was in obtaining the proper licenses “after the fact” in its early business.

In his 2006 book The PayPal Wars, Eric Jackson did an excellent job laying out the challenges paypal faced in its early years.  In the early days after its inception in 1999, PayPal was moving toward becoming a bank, but the Internet startup decided that banking regulations were too cumbersome. “We just wanted to be able to facilitate a quick payment,” he said. “The question of how to classify PayPal lingered for some time….It’s a sort of modern-era Western Union.. really, all PayPal is doing is shifting money around on your behalf.” 

To see the “change” in PayPal’s regulatory approach, take a look at PayPal’s 2002 prospectus.

We believe the licensing requirements of the Office of the Comptroller of the Currency, the Federal Reserve Board or other federal or state agencies that regulate or monitor banks or other types of providers of electronic commerce services do not apply to us. One or more states may conclude that, under its or their statutes, we are engaged in an unauthorized banking business. In that event, we might be subject to monetary penalties and adverse publicity and might be required to cease doing business with residents of those states. A number of states have enacted legislation regulating check sellers, money transmitters or service providers to banks, and we have applied for, or are in the process of applying for, licenses under this legislation in particular jurisdictions. To date, we have obtained licenses in two states.

This 2002 regulatory view, by the Paypal exec team, was based on a position that PayPal was acting as a Third party payments aggregator (TPPA), not in need of a money transfer license. TPPA is a description used for merchants that are charging a credit card for a product or service that they do not own. TPPAs simply facilitate the exchange of money between two parties sometimes using a credit card as a funding source. Several fraud and AML incidents arose which got the attention of both federal and state organizations. It became clear that PayPal was being used for much more then payment for goods within the eBay marketplace.

In Feb of 2002, the Federal Deposit Insurance Corporation (FDIC) ruled that PayPal is not a bank, which accelerated efforts by states to pursue PayPal for violating money transfer laws (New York and Louisiana are most notable).  This could have been the death knell for PayPal, as they were operating without the proper licenses. PayPal’s “post facto” licensing efforts were greatly aided by the local political support from thousands of eBay’s buyers and sellers. Today, according to spokesperson Michael Oldenburg,  PayPal is licensed as a money transmitter in 43 states (not all states require a license), demonstrating that regulatory risk was far greater than what they articulated in the 2002 prospectus. For those interested in the legal/regulatory conundrum faced by regulators, I highly recommend:  Regulating Internet Payment Intermediaries, by Ronald J. Mann, University of Texas School of Law

For today’s “emerging” payment companies, there are 4 primary choices for operating in the US:

  1. Obtain the licenses
  2. Operate as an agent of an entity with the proper licenses
  3. Sell your software to a licensed entity
  4. Exchange non-monetary forms of value (minutes, eGold, credits, …).

Obtain the licenses

For those of you that read my Blog, you’re probably aware that I’m fairly negative on Obopay, however they do excel in obtaining US MTO licensing (https://www.obopay.com/corporate/stateLicenses.shtml) . Unfortunately, all of these US licensing effort seems for naught as they are pulling out of the US and focusing in emerging markets as the “sender pays” model does not work in developed countries (morphing from a failed US P2P effort to Remittance). Today, PayPal, Western Union, Travelex, Moneygram, MoneyBookers (soon to be NY licensed) also operate as licensed Money Transfer Organizations (MTOs).

Becoming an MTO is not for the faint of heart, as regulatory capital requirements in excess of settlement obligations (fiduciary assets) are a complex (state by state) maze. This creates a challenging dynamic where capital reserve requirements grow as payment volumes grow. As a start up this means you not only need to raise capital to start the business, but also the regulatory capital BEFORE you get the state licenses.

MoneyGram’s 2007  “investment issues” offer many insights into MTO challenges. MGI suffered an $860M+ plus loss as it shifted out of high yield asset backed securities (which lost their investment grade rating). To preserve liquidity it sold $630MM in preferred and received debt financing of approximately $500M, a situation which today leaves MGI common shareholders in a $870MM equity deficit.

Operating as an MNO is not your only choice. I’m amazed at how few companies there are attempting to develop a bank based model. Trolling the dust bin of failed financial institutions may provide a unique opportunity for a start up to acquire the “shell” of a licensed bank to develop a “payment” focused value proposition. The strategy behind Revolution Money’s acquisition by Amex gives Revolution the “best of both worlds”: an acquirer and a bank. If it were not for Amex’s bank charter (and associated regulatory capital), Revolution’s PIN based debit would be highly susceptible to NACHA aggregation restrictions if they are operating as a non-bank, operating as a type of decouple debit.

I know from my own personal experience that operating as a “payment bank” is not without challenges, not just Citi C2it.. (which stopped 2.5 yrs prior to my role), but Citi GTS which today provides many of the banking licenses for payment providers like WU, Vodafone, ZAIN, …  In addition to Citi GTS, one of Citi’s most profitable “global” retail bank businesses is NRI (Non Resident Indian) which serves affluent Indians (within the US, UK, …) with comprehensive services that cater to the needs of affluent clients. Citi also effectively up sells NRI clients services within its investment and commercial bank.

Operate as an agent

Pre-paid cards offer a “fast track” to operating a new payment service (Revolution money, Squareup, payoneer, iKobo, …). In this model the service relies on the licenses of the underlying bank (example Metabank). The legal precedent here is rather new as witnessed by May 30, 2007 finding by the First Circuit , which affirmed that the National Bank Act preempted New Hampshire regulation of the pre-paid product. In the “agent” model, it is therefore paramount that start ups seek a federally chartered partner. 

There is still substantial “risk” in this pre-paid agent model, as traditional banks and networks control the “rails” for this payment type. For example, Consumer accounts must be “funded” from either a card or DDA account. NACHA has developed new rules which significantly curtail the ability of a “payment aggregator” operating off of a current account (see NACHA Tightens Risk Management and aggregation rules) . Additionally, card networks and acquirers are much more attuned to the risks that these new payment intermediaries present.

My top vendor in the bank model is CashEdge (having been the banker who signed the agreement at Wachovia). CE is the “3rd party sender” for Citi, BAC, Wachovia, PNC and other top banks representing approximately 50% of US DDA accounts. You don’t hear about them much because they are a white label “bank friendly” service. They excel in risk management, with a team second only to paypal. Most of you in the US reading this already use their software.. but just don’t know it.  In the mobile space, I love the innovation at BlingNation.

Sell your software

This is rather straightforward. Within the mobile money space, companies such as Monitise, HyperWALLET, Fundamo, Paybox (now Sybase 365) all provide good platforms from which to build an offering. Issue for small companies is that the entities which have the necessary license have largely made significant bets here already. Of course some of the bets by big banks (some alliteration here) have been terrible, most notably Firethorne which has lost the accounts at Chase, Citi and Wachovia all in the last 8 months.

Exchange non-monetary forms of value

Beyond the scope for my discussion here. My advice is that this is a slippery slope and you will have trouble (as a payment company) attracting “A Class” capital. Look no further than the history of e-Gold for education on the issues.

U.S. GOVERNMENT SEIZES E-GOLD ACCOUNTS, OWNERS INDICTED

Summary

In writing this I cannot help but be struck by many similarities in the “unregulated growth” of PayPal and Vodafone’s MPesa. The growth of both companies was driven by an existing customer base and a value proposition which addressed clear gaps within the payment systems of their respective markets. In both cases, there was no clear regulatory authority to restrict them and once they were firmly established (through contagious adoption) it was too late to stop.

Within the EU, the ECB has developed ELMI regulations that are supported by other initiatives such as SEPA (See http://www.paysys.de/download/Krueger%20e-money%20regul.pdf).

Related posts

http://tomnoyes.wordpress.com/2009/12/16/cash-replacement-part-2/

http://www.banking.state.ny.us/legal/lo020603.htm

http://www.ecommercetimes.com/story/18211.html?wlc=1264432425

SEPA: Chicken or the Egg?

The over arching goal of SEPA is to make the EU a single market on “payment” par with the U.S. Perhaps the best way to start is not by incenting changes to “payments”, but to open the EU retail banking market. (Think of the US banks operating under a Fed charter). “All banking is local” can be the mantra ascribed to the EU today, with each country maintaining tight regulatory control over domestic financial institutions (i.e. M&A and Liquidity). Significant market forces could be unleashed when local banks can operate throughout the EU, and a German consumer can seek the best rate and apply for an account at a “Spanish” bank.

4 January 2010

I was reading an update on SEPA : New Alliances Required to Tip the Market. The report gave me new perspective on how challenging it is to change a networked business. This challenge is exacerbated by the ‘well intended’ EU political compromises in SEPA (specifically) and EU regulation of retail finance (more broadly). Clearly “payment networks” can benefit from innovation, but as Juergen correctly states “In a network industry, cost reductions and/or additional revenues that can be realized by applying the new standards have to exceed the network effects currently realized with the old standard”.

SEPA is struggling to resolve issues in cost/benefit allocation given the slow growth and adoption for SDD and SCT. The greater growth in SEPA Cards Framework can be attributed to the “control” and investment from Visa/MA as they manage compliance (and marketing) or the new SCF brand. An excerpt from the report above:

Key strategic decisions have to be made almost simultaneously in organisations that are in competition with each other, follow different strategies and have different abilities to innovate or prepare for an industry change. Only if consensus on a new business model can be reached – among stakeholders who represent significant market shares and hold key positions in the industry– will it be possible to generate the synergies promised by SEPA. As already described, the cross-border business within SEPA represents only a small share of the payments market. The dominant national standards, which all would have to be replaced by the new SEPA standards, are built around national market requirements.

International banks (for example, Deutsche Bank) have separate organisational units in several European countries that run their own national payments engines. They maintain different payment infrastructures in Europe. Modifications in response to new compliance requirements (for example, money laundering or new requirements of the PSD) create several similar projects [for this single bank]..

The costs for SEPA (estimated at €10B) fall heavily on the banks, and the benefits (ex. e-invoicing, cross border competition in payment products, …etc) are expected to be realized by the consumers of bank payment services (with and estimate €7B revenue hit to banks). Fortunately for the Banks, in 2002 the approach decided on by the EPC was to create SEPA in a market-driven and self regulated process.

The over arching goal of SEPA is to make the EU a single market on “payment” par with the U.S. Perhaps the best way to start is not by incenting changes to “payments”, but to open the EU retail banking market. (Think of the US banks operating under a Fed charter).  “All banking is local” can be the mantra ascribed to the EU today, with each country maintaining tight regulatory control over domestic financial institutions (i.e. M&A and Liquidity). Significant market forces could be unleashed when local banks can operate throughout the EU, and a German consumer can seek the best rate and apply for an account at a “Spanish” bank.  Today the regulatory hurdles for this retail competition are significant.

The EU, ECB and the EPC started with payment standards and “infrastructure” as it did not alienate any of the existing participants (market driven.. .not mandatory). What we have is the fruit of this compromise, standards for payments across the EU without the ability for companies to compete for business across the EU domain. The unrealized value of the “SEPA Innovations” are thereby constrained by the market in which banking operates. Perhaps integrating EU retail financial markets would be a better first step. This “openness” would certainly provide an attractive carrot for bank led investment in common payments. Which comes first? The Chicken or the Egg?

See data here

CapCo Analysis

NFC Break Out – VISA/FirstData/AT&T

Get set for a major announcement in next 4 weeks from Visa, AT&T and FirstData that will combine an AT&T pre-paid card account, managed by FirstData, and with services from several Visa led start up companies (both mobile advertising, couponing and NFC).

23 December 2009

Previous post http://tomnoyes.wordpress.com/2009/11/25/visamobpay/

Get set for a major announcement in next 4 weeks from Visa, AT&T and FirstData that will combine an AT&T pre-paid card account, managed by FirstData, and with services from several Visa led start up companies  (both mobile advertising,  couponing and NFC). Consumers will be issued NFC stickers for existing phones and can fund the account with existing card and deposit accounts. AT&T will also have an integrated reward system to reward payment activity with coupons, airtime and special offers with participating merchants. In addition to the NFC sticker, Visa will also be trialing other “other form factors” including: plastic, handset integrated NFC (new phones) and 3rd party hardware for OTA provisioning. FirstData will begin a new role as both the processor and Trusted Service Manager (TSM).

As stated previously, the US market is ripe for a break from the 6 party political “fur ball” that is hampering mobile innovation (Card Issuers, Acquirers, Network, Merchant, MNOs, Handset Mfg). Mobile Network Operators (MNOs) are better positioned to execute in mobile payment in all markets. AT&T is no stranger to credit cards, even today the ATT Universal card is the largest affinity card within Citi’s portfolio.  The implications for card issuers are unclear, given the uncertainty of “mobile payment” consumers behavior and payment patterns. There is a storng possibility that this initiative will be a “tipping point” in both mobile commerce, unleashing a new wave of innovation for all consumers (not just iPhone any longer). It will be very interesting to see if Apple is a part of this initiative. 

More to come..  

From Previous Post

For those outside the US, US MNOs have substantial control over handset features and applications, they have been leveraging this “node control” to “influence” direction of payments. The central US MNO argument being “it is our customer, our handset, our network we should get a cut of the transaction rev”. Unfortunately existing inter-bank mobile transfers/ payments are settled through existing payment networks that provide limited flexibility in accommodating another party (beyond issuer/acquirer), with much room for improvement in authorization, authentication and consumer “control”. 

Outside the US, the situation is much different, as consumers have great flexibility in switching MNOs, have ownership of their handsets, and are largely on pre-paid plans. The MNO challenge for payments in this environment is largely regulatory.  Many countries (EU, HK, Korea, Japan, SG) have open well defined rules for MNOs role in payments (example: ECB ELMI framework within the EU), while other countries are highly restrictive and are in the midst of developing their legal and regulatory framework.  Even in the countries where MNOs participation is defined, they have largely benefited from the complimentary role that the service plays with pre-paid plans (not in interchange at POS).

Globally, MNOs are looking for a payment platform where they can benefit from interaction between consumer and merchant, with flexibility to deal with a heterogeneous regulatory environment. The competitive pressures on Visa/MC are much different then they were 5 years ago (when both were bank owned). The network fee structures and rules were written with banks and mature markets in mind. Emerging markets present a much different set of opportunities, as MNOs lead banks in brand and consumer penetration within every geography.

All of this leads to the case for a new “Mobile Payments Settlement” network, a network which will alienate many banks.  I expect to see Visa roll out the initial stages of this network in the next 2 months with an emphasis on NFC. Quite possibly the best kept secret I have ever seen from a public company. I’m sure many Silicon Valley CEOs are crossing their fingers (with me) on this, as a “new wave” of innovation is certainly close at hand that will drive growth (and valuations).

For those not keeping up with the 50 or so product announcements a day on NFC, handset manufacturers committed to have NFC enabled phones to consumers in mid 2009 in the GSMA 2008 congress. NFC capabilities are numerous (Vodafone YouTube Overview), and may represent a true disruptive innovation surrounding payments. There have been many very recent product announcements that will enable existing phones to use NFC, and P2P Capability. All of which will blossom in a more “fertile” mobile settlement environment.

Side note: This is not all bad news for Banks, as the structure will certainly provide for existing cards (debit/credit) and may deliver substantial revenue through cash replacement (small < $50) transactions.  More details on structure of MNO in settlement 2 weeks….

Select Product/Alliances Below:

Visa – New Mobile Payment “Rails”?

Word on the street is that Visa is set for a major mobile payments announcement in next 6-8 weeks. Separately, US MNOs are also rumored to be collaborating on Near Field Communications (NFC) payments with acquirers. Could it be that the log jam on NFC is about to be broken? Is Visa developing new rails to support mobile payments?

25 November 2009

Word on the street is that Visa is set for a major mobile payments announcement in next 6-8 weeks. Separately, US MNOs are also rumored to be collaborating on Near Field Communications (NFC) payments with acquirers. Could it be that the log jam on NFC is about to be broken? Is Visa developing new rails to support mobile payments? Let me say up front that this blog represents “connecting the dots” more than a definitive market projection.

The US market is ripe for a break from the 6 party political “fur ball” that is hampering delivery of mobile payment (Card Issuers, Acquirers, Network, Merchant, MNOs, Handset Mfg). For those outside the US, MNOs have substantial control over handset features and applications, and have been leveraging this “node control” to “influence” direction of payments. The central US MNO argument being: “it is our customer, our handset, our network we should get a cut of the transaction rev”. Unfortunately existing inter-bank mobile transfers/ payments are settled through existing payment networks that provide limited flexibility in accommodating a “new” MNO role and the network rules leave much room for improvment in: authorization, authentication and consumer “control”. 

Outside the US, the situation is much different, as consumers have great flexibility in switching MNOs, have ownership of their handsets, and are largely on pre-paid plans. The MNO challenge for payments in this environment is largely regulatory. Many countries (EU, HK, Korea, Japan, SG) have open well defined rules for MNOs role in payments (example: ECB ELMI framework within the EU), while other countries are highly restrictive and are in the midst of developing their legal and regulatory framework. Even in the countries where MNOs participation is defined, they have largely benefited from the complimentary role that the service plays with pre-paid plans (not in interchange at POS).

Globally, MNOs are looking for a payment platform where they can benefit from interaction between consumer and merchant, with flexibility to deal with a heterogeneous regulatory environment. The competitive pressures on Visa/MC are much different then they were 5 years ago (when both were bank owned). The network fee structures and rules were written with banks and mature markets in mind. Emerging markets present a much different set of opportunities, as MNOs lead banks in brand and consumer penetration within every geography.

All of this leads to the case for a new “Mobile Payments Settlement” network, a network which will alienate many banks. I expect to see Visa roll out the initial stages of this network in the next 2 months with an emphasis on NFC. Quite possibly the best kept secret I have ever seen from a public company. I’m sure many Silicon Valley CEOs are crossing their fingers (with me) on this, as a “new wave” of innovation is certainly close at hand that will drive growth (and valuations).

For those not keeping up with the 50 or so product announcements a day on NFC, handset manufacturers committed to have NFC enabled phones to consumers in mid 2009 in the GSMA 2008 congress. NFC capabilities are numerous (Vodafone YouTube Overview), and may represent a true disruptive innovation surrounding payments. There have been many very recent product announcements that will enable existing phones to use NFC, and P2P Capability. All of which will blossom in a more “fertile” mobile settlement environment. See one example “future” Visa mobile service here: http://tomnoyes.wordpress.com/2009/09/24/googleoff/

Side note: This is not all bad news for Banks, as the structure will certainly provide for existing cards (debit/credit) and may deliver substantial revenue through cash replacement (small < $50) transactions. More details on structure of MNO in settlement 2 weeks….

Select Product/Alliances Below:

[youtube=http://www.youtube.com/watch?v=2AmeM33r7wM]

EMV in US? No Way

Update Sept 2014

Did EMV in the US happen? Well to the surprise of issuers, Visa announced a scheme change in the US in August 2011 (see PR). The big issuers were not consulted about this program prior to rollout, as the dynamics described below in my previous article were occurring. Additionally banks were working on a new scheme that would leapfrog EMV: Tokenization.  The large banks were working on this scheme without the involvement of Visa and MA. If successful, this new token scheme would have bypassed V/MA altogether. I believe one of the reasons for this EMV push by Visa was to reassert its control of the network. Today we see quite a bit of friction remaining here between issuers and networks. See my blog on Chip and Signature for a view on some of the remaining chaos.

The new EMVCo token scheme announced in October 2013, formalized in March 2014 and rolled out first with ApplePay in Sept 2014 is the new “best” scheme on the planet. In this scheme, the networks have taken over the original bank token model. Of course banks can also serve as TSPs, but none of them are currently prepared (as of Sept 2014).


 

Original Oct 2009 A

As I was reading an article concerning “why US Card issuers should move to EMV”, I was struck by the amount of “disconnectedness” on this topic in the industry.

A quick background for those unfamiliar:

  • EMV is a “Chip” that replaces the mag stripe on a credit card http://en.wikipedia.org/wiki/EMV
  • Rolled out in Europe in 2004 w/ hope that fraud would go down (it actually just shifted to Card not present “CNP” transactions)
  • European issuers are also acquirers. In US these functions have been separated w/ exception of AMEX
  • Europeans banks are complaining that US cards in EMEA markets and EMEA cards in US markets are the weaknesses in their beautiful vision of a “Chip world”. EMEA acquirers are also threatening to stop accepting US (mag stripe) cards.
  • US Adoption of EMV would take 10+ yrs for banks to re-issue cards and for all merchants to replace all terminals that use the mag strip.
  • Issuers in the US don’t collaborate very often because of anti-trust concerns. Rules are set by networks… in which banks are Board members. Big banks like competing through “best practice” in fraud management. Small issuers have trouble in the arms race.

US Issuers are exercising sound judgment in not jumping on the EMV bandwagon, yet many industry pundits (without access to the data) continue to push a POV that we in the US are somehow backward. Just take a look at the UK fraud data, the card losses have grown from 122M GBP in 1997 to 531M GBP in 2007, and 610GBP in 2008. What did the EMV investment “buy” the UK issuers? A detailed look at this fraud data (APACs confidential) shows that fraud adapted to the next weakest point in the card chain: CNP.

The US banks are highly motivated to do the right thing here, but the solution requires coordinated movement by 4+ highly fragmented groups (Issuers, Acquirers, Networks, Merchants).  The US banks do get together to discuss these topics, primarily at the Philadelphia Fed.  The top request from the banks (to their regulators) was to free their hands in working together on fraud and standards without fear of anti-trust reprisals.. A request that took on no owner, as the number of agencies involved were challenged to work between themselves (FTC, OCC, Fed, …)

http://www.philadelphiafed.org/payment-cards-center/publications/update-newsletter/2009/spring/spring09_06.cfm

Independent of the political challenges that the issuers face in the US, EMV is not the initiative to bring them together.

  • Old technology (will not last the 10yrs it will take to roll out in US)
  • Expensive (POS, Card). Costs are not borne equally in network
  • No proof point, fraud did not go down in UK, CNP was not addressed. http://www.computeractive.co.uk/computeractive/news/2238913/apacs-releases-fraud-figures
  • Fraud Shifts to the next weakest point, it is not static
  • Big issuers like to compete on risk management
  • No benefit from “incremental” rollout of any technology (below)
  • “Health” of issuers (below)

The “true” benefits of EMV will not occur until there is 100% adoption at POS (complete elimination of the mag stripe), and all other weaknesses are addressed (primarily CNP). That is the conundrum facing any new technology here:  New Plastic must completely replace the old. In other words there is no “Incremental” fraud savings to an incremental rollout.

Where there is chaos there is opportunity…

With respect to card use at the POS in the US, prospects for NFC in mobile handsets is very exciting. NFC enabled handsets provide great customer convenience and the cost(s) are not borne by the banks. I highly recommend the business whitepaper below for those interested in the subject.

http://www.gsmworld.com/documents/gsma_pbm_wp.pdf

Other Data

NCL losses of Top Issuers for 3Q09

Top 5 issuers have seen their businesses deteriorate substantially, as NCLs moved from ~3% in 2007 to 10-12% currently. 3Q09 Examples (Data is for QUARTER)

  • – Citi.  NCL of $4.2B,
  • – JPMC. NCL 9.41% (ex WaMu) Card Net Income ($700M) for quarter
  • – BAC. NCL $5.47B, 12.9%
  • – CapOne. NCL $2.3B, 10%

 

http://www.javelinstrategy.com/2009/08/06/emv-us-magnetic-stripe-credit-cards-on-brink-of-extinction/

iPhone at POS? PaybySquirrel – updated

Twitter founder Jack Dorsey. Card swipe on iPhone.

Roberto Garavaglia was nice enough to share this finextra story on linkedin. Is this a consumer play.. or a “merchant play”? Will I see my local ticket scalpers taking credit cards on their iPhone? This start up was certainly “in the black”.  Data we know:

  • Squirrel has a “signature” line in the app
  • Have hardware on the phone
  • Alpha test in NYC
  • Receipt in engadget pic above shows consumer payment (you paid)
  • Mind behind it is Dorsey
  • Top VCs know about it, and seem to think it is a merchant play.
  • Very US centric.. no EMV (Chip and Pin)

There are certainly some conflicting data points. If a consumer play.. this signature will not be valid… and transaction will be treated as a CNP (so why the signature?). If this is a merchant play who would possibly want to act as acquirer (fraud loss)? The merchant use would make most fraud heads loose a little sleep, for they would have a whole new threat vector. Can you imagine the buyers of the merchant use?.. The bank and I will have to worry about every kid in a fast food window and every waitress holding my card swiping on their iPhone (in addition to paying for my dinner). My guess is that squirrel has the technology working.. but haven’t figured out the “banking side”.

Fraud attacks the “weakest link” in payments quickly. Would love to hear from others on the community, but my view is:

  • Interesting as a merchant play…. but acquirers will shy away from originating transaction in either network without solid fraud controls. The merchant owns the loss here by rules of network in a “CNP transaction”. Signature capability will be debated…
  • Squirrel biz model.. questionable as anything but a hardware business. The fraud numbers of leading merchant selling digital goods is astounding. All top merchants have had to develop their own internal specialist teams to handle.  If Apple and PayPal have trouble with teams of 300+ (after 10 years) this will be a challenge for any new “merchant”. As a payment method, squirrel will have to take this on. Having access to the physical card may allow them to try something disruptive like MagTek which reads the randomness (noise) in the card stripe to establish a “unique” card… which has the downside of card registration. Something like this would push squirrel further into a “US centric” model as it appears that they do not support EMV (aka Chip and PIN).  
  • “No go” as a consumer play. Why not just keep my card at the Apple app store? or at PayPal? What is the incremental value that this provides me? Why not just key in my card data.. why add a reader to my sexy iPhone .. .in its sexy case.

Innovation in payments is tough…  if I were going to add something the Steve Job’s product plan for the iPhone what would it be?

  • Global
  • Ubiquitous
  • Unique to every person
  • Globally Accepted for use in Payment and Authentication, by merchants, banks, networks, regulators
  • Low error rate
  • Impossible to clone
  • Difficult to crack

The answer is… (   ). OK so nothing fits my criteria, but any appendage on my iPhone must certainly seek to optimize the goals above. Only item I’ve seen that comes close it IRIS scanning.. now being miniaturized to fit on a chip the size of your thumbnail (below). Just for fun.. I bought “paybyiris.com” domain as I finished this article (today). 

http://www.nydailynews.com/archives/news/2002/01/07/2002-01-07_credit_card_cloners___1b_sca.html

http://4g-wirelessevolution.tmcnet.com/news/2009/08/19/4331395.htm