Digital Wallets – Core Functions and Competitive Strategies

What are the core functions of a digital wallet and what will the future bring now that Apple has opened up their Secure Element (see blog)?

I’ve been writing about wallets for over 12 yrs. Let me recap some history

  1. In 2006, mobile operators had control of what “apps” could operate on a phone. In the US Qualcom bought Firethorne in an effort to create a single bank application, where banks had to pay $1 for every balance request. I’m not joking.. Open app stores destroyed this model quickly, but so the MNOs pivoted to the SE and SIM card. 
  2. In 2010, Mobile Network Operators (MNOs) had control of the encryption keys for secure elements. Their pitch to Google was, “Give us a billion dollars, and we’ll give you the keys”. The absurdity here was only surpassed by Doug Bergeron (CEO of Verifone) marching into Google the next year and asking for a “Billion dollars” for Verifone to support contactless (I was just outside the meeting room).  Of course there was no economic model for Google to make a single penny off of payments back then. Even worse, there were 12 parties in the NFC ecosystem, all looking for economics, yet there wasn’t a dime to share between all of them (blog). Now wrap all this silliness into a MNO consortium with the name ISIS.. yep.. What a great brand!
  3. From 2008-2014 the GSMA had a global vision for managing the phone’s secure storage (see blog) and monetizing it for the MNOs. MNOs could control either the secure storage within the SIM card with Single Wire Protocol (SWP) or within the secure element.
  4. ApplePay’s 2014 launch did several things that changed the game. 1) Ripped away control of the SE from MNOs and OEMs, 2) integrated payments and security into the OS (Card in SE, biometrics in Secure Enclave), 3) required a card to activate a new phone, 4) Created economics with the networks for payment (see blog).
  5. From 2007-2014, US Issuers wanted to only enable credit cards for contactless (a premium experience). 27 Issuers (led by Citi’s Paul Galant) were working on their own wallet, to “own” mobile payments (see Civil War). In 2014 launch of ApplePay, Apple forced the Issuers to enable debit at parity to Credit, and also gave Issuers a take it or leave it revenue share (15bps in US, 7bps in EU and ROW). Charlie Sharff (then CEO of Visa) also established a fundamental network rule in “no wrapping”. You can’t wrap a Visa card with another number and let it operate. A rule that was ahead of its time and also more formerly established with Durbin regulations.
  6. The 27 bank project thus floundered for 16 yrs until last year when saw  the light of day in PAZE. Paze is Gen 5 of this effort, and really a white label version of SRC. A wallet that abandons the POS and focuses on eCom with Visa given the reigns as the lead architect only last year (see eCom Politics and Scenarios)
  7. Today, Issuers classify Apple as “enemy number 1” because of the 15bps fee that the Issuers voluntarily signed up for. Their renewed complaint is that merchant discounts (ie 45 bps and Costco, Walmart and Target) puts them upside down on transaction economics. Apple’s position (anecdotally)  is “you knew what my fee was when you gave the discounts.. You voluntarily signed the agreement.. And now its successful you want a discount”? (see 2022 US Payments Environment)
  8. Visa and Mastercard have become the identity infrastructure for the internet because of the binding of identity to payment. India’s UIDAI and UPI have shown the power of separating identity from payment. Europe is working to build a new digital identity infrastructure (and wallet) in eIDAS. Commerccially, Fast Identity Online (FIDO) is at the heart of new eCommerce experiences that will massively disrupt investments in risk and fraud infrastructure. These services are in Card Networks Payment Passkeys, PayPal’s Fastlane and others. These first generation identity services will be surpassed by 2nd generation identity solutions with hardware bound credentials. Google’s Seccure Payment Authentication (SPA) is the best in class authentication solution globally. (also see Adios 3DS hello FIDO2). 
  9. While the tech changing eCom is amazing, there are only 3 options for organizing it into a successful platform: 1) Government Led, 2) Standards Led, 3) Commercial (payment) Network. Of the 3 only V/MA have established an economic model where participants can invest (see Identity Models and my new blog this week on topic)
  10. Wallets have grown substantially from “payments” to the consumer interaction point for “everything” between the virtual and physical world. Door keys, concert tickets, boarding passes, DLs, loyalty cards, student IDs (see Apple’s list of UC’s it will support). 

     

Continue reading

eCom 2025 

18 months of Revolutionary Change in How we Buy Online

Short Blog

Follow up to my June 2024 blogs – eCom Politics and Scenarios and Fastlane + FIDO Enabled Checkout. Today, we focus on the changes, what merchants are asking for, and what consumers will adopt (and when). 

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

ApplePay gets iOS Competition – Curve

© Starpoint LLP, 2024. No part of this site, blog.starpointllp.com, may be reproduced or retransmitted, in whole or in part, in any manner without the permission of the copyright owner. Also see our Legal/Disclaimer (this is a highly opinionated and partially informed blog).

The Times (London) Article – May 29 2024


In January of this year, Apple offered commitments to the EU to assuage their concerns about NFC payments and mobile wallets related to the EU’s Marketplace Fairness Act (MFA—see blog). Apple’s approach follows Google’s model in Host Card Emulation (HCE—see Apple Developer Doc).

Continue reading

Part 1 – Identity Models, Government and Governance Structures

This is a big topic, and I’ll get a few things wrong. My mechanism for correcting my viewpoint is this blog, where this community gives feedback. It’s the reason I write. I won’t get into the tech weeds in this blog series. When there is a need to drill down on a standard or tech, I’ll provide a link to documents providing an overview. The insight I’m attempting to provide surrounds the evolution, economics and value chain implications of various models. 

Why read this? 

Identity is the key shaping force across many domains (including payments) because: 

  1. ID touches “everything”,  
  2. ID is the “primary key”  in trust, risk, contracts and value exchange 
  3. ID is core to a well-functioning government (voting, taxing, regulating, …etc).

This breadth makes it challenging to sift through ID-related announcements and assess the implications. Thus, I’ve created three identity communities for my taxonomy:

  1. Government – Working to define identity as part of Digital Public Infrastructure (DPI). DPI has three legs: identity, payments and data exchange.
  2. Commercial – Platforms, Banks, Healthcare 
  3. Web3/Blockchain/Social – Jack Dorsey is the unofficial spokesperson.

These communities find alignment in technology but are working toward different end goals with significant philosophical differences across communities, particularly regarding the role of government and near-term objectives. These differences surround the definition of trust, authority and governance structure, which is the focus of today’s blog.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Adios 3DS “Step up”.. Hello FIDO2

Short Blog

There are significant changes brewing in eCommerce authentication and authorization. Today’s blog is more of a headline summary of key points that I hope to break down over Thanksgiving. 

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Why are US Banks Building a Wallet?

This week, I outlined several of the friction points in the US card payment network in US Payments Where to Invest. Today let me try to articulate a few reasons why US banks are attempting to build a new eCommerce Wallet (Paze) as well as some additional merchant commentary on their efforts. 

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

MRC Learnings – September 2023

Merchant Learnings

This week I was invited to speak at the Merchant Risk Council’s (MRC) – Santa Clara event. As a former banker, I never gave much throught to retailers. Fraud was something I worked to manage with Account Opening/KYC as a core focus because of the potential for regulatory hot water and NCLs as #2 because it drove reserves, profitability and investor scrutiny. Card transaction fraud was something we worked to keep under a threshold. 

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

DOJ Probe – Network Tokenization – 2023

It’s hard to believe I’ve been writing about payment tokenization for 11 yrs. Tokenization is an overloaded term with multiple definitions. Last week McKinsey wrote a fantastic article on crypto tokenization, this note is about the tokenization of card numbers (PAN to DPAN) performed by network tokenization services like Visa Tokenization Service (VTS) and Mastercard Digital Enablement Service (MDES). 

This week the US DOJ opened a probe into network tokenization services (Bloomberg). The specifics of the probe are not known

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Short Blog – US Paze and RTP – Consumer Terms

New consumer terms rolled out at several banks this week. As the former head of online and payment services at Wachvoai (40%+ of Wells) I had managed these agreements. Changes are a very big deal, usually less than once per year. Given my history with Wachovia I chose to review the Wells Fargo below agreement (JPM, BAC, and COF all have similar).

https://www.wellsfargo.com/online-banking/online-access-agreement/

Continue reading