eCommerce Thoughts 2015

29 Sept 2015

Money 2020 in 4 weeks! My session is on Tuesday at 11:35. We are talking data and collaboration. Look forward to seeing all of you.

I’ve been on the hunt for a good article on the impacts to “eCommerce acquiring” from tokenization, new rate tiers, authentication, mobile… and I’m still looking. Payments is a very enigmatic space! Its just hard to believe that top 10 payment players have no idea of what each other are doing. Industry consortiums and utilities are much more political than they are threatening.. as their support at the CEO level and at the operating level are completely different. Example “Real time payments”.. A regulatory driven initiative that no top 10 bank wants to say no to.. but with no business case. So it just plods along on a 10-15 year cycle. Why would anyone in their right mind want to work on this initiative? Particularly when Square, Facebook, Google and Paypal all do real time payments for free through debit networks.. NOW.

As I outlined earlier this year in Structural Changes in Payments, there are 6 key areas that are impacting all payments:

  • Risk and Identity
  • Data/Commerce Value
  • Consumer Behavior/Trust/Acceptance
  • Issuance/Customer Acquisition/HCE
  • Regulatory/Rates/Rules (Fees)
  • Mobile/Payment in the OS

Today’s blog is on how these structural changes, and new solutions, are driving changes within eCommerce (payments). eCommerce is a “lumpy” business with 4 “payment” players managing 70%+ of the $190B in eCommerce transaction volume:

  • Cybersource US $80-100B
  • PayPal + GSI $50-60B
  • Amazon $90B
  • $14B

Obviously adding these figures up shows volume greater than the $190B in eCommerce sales, so a little more detail is necessary (Example I believe Chase Paymentech clears for Amazon, part of WMT and PYPL). What do each of these players do? For example Cybersource nits together acquirers, fraud services and methods of payments. Amazon and GSI layer on Logistics, shipping and website hosting. These are 4 very different companies. There will be some VERY large changes in eCommerce Payments which positively impact merchants, but will be detrimental to pure-play intermediaries. What was a specialized service (fraud mgmt, cards on file, checkout hosting, … etc) is becoming a commodity. Due to the improved ability to authenticate and consumer moves toward mobile.

I was amazed that I couldn’t find any articles that go through eCom intermediary services, and the impending changes that will impact payments in eCommerce. The payments industry is certainly one of the most opaque… not only is there a lack of academic courses on the subject, you can’t find any public articles that articulate what is happening. For example, a logical question for investors: What will impact PayPal US margins in next 3 yrs? How does Cybersource compete against PayPal? How do the services compare? I challenge you to find this in the press.


Before I start a discussion of the disruption and margin, I’ll give you my view on the history of eCommerce. The entire founding team of Paypal knows this much better than I do.. but let me attempt to summarize. In mid 90s consumers could buy things on the web.. the challenge was that banks had no way to manage card no present risk and fraud. Paypal and CYBS created CNP risk models. The key change here is that perfect authentication destroys the need for most risk and fraud (exceptions are credit risk and 1st party fraud… like taking your grandmothers card and using it).

Early stage companies don’t have time (or capital) to invest in large payments teams. In the eCommerce world, online stores went to gateway providers, In the mobile world Stripe and Braintree serve this function. What do Gateway’s do?? I would love to see a service matrix for the industry.. but since I couldn’t find one .. here is my list:

Front End

  • Checkout page (hosting)
  • Fraud services
  • Management of cards on file
  • Distribution of merchandise (example GSI)

Back End

  • Acquirer integration
  • Payment acceptance
  • PCI compliance
  • Taxes
  • Receipt

cybersource US



As small companies grow up their needs change. In phase 0 most start ups can’t afford to create a payments team. As they mature and go global they can’t afford not to. How do I accept multiple currencies? Paypal? Alipay? JCB? Qiwi?… Then there is global cash management, tax, compliance, … AND THE TECHNOLOGY CHANGE.


One of the big lessons we learned at 41st Parameter (now part of Experian) was that the market for eCommerce fraud services was very small. The big merchants (Amazon, Walmart, …) created their own tools, as did the big Gateways (Cybersource, Paypal, Digital River, etc) to serve the SMALL MERCHANTS. It was the medium size businesses that were too big to outsource to a specialist, and too small to create their own tools, where there was a market (example Airlines, Banks, Top Retailers, …).


eCommerce Service Providers – Long Tail Impacts




Of all the areas of payments, eCommerce is undergoing the most radical transformation. The reasons? All of the structural items listed above AND new entrants.


I like PayPal!


I am not a paypal hater, however I will continue to poke them for silly moves (like Xoom and Paydiant, and Kingsboro’s POS push). They are well positioned for 25%+ CAGR for years…. But they must change focus back to their core SMBs and “long tail” merchants.


Why long tail? Frequent readers of my blog know that roughly 60% of Acquiring profits are generated by the bottom third of the merchant base. Small merchants are where the margins are. If I were CEO of Paypal this is where I would focus my complete attention, as this is where Paypal has excelled (and it is where profitability resides). No one has proven an ability to acquire SMBs at scale other than Paypal in eCommerce.. NO ONE. Most of their competitive threats deal with consumer “Front End” components of the gateway value propositions (ex ApplePay). This does NOT address the merchant side (back end).


Paypal is by far the best in class SMB eCommerce Acquirer…. BUT

1) traditional acquirers are beginning to break in as the barriers to entry are disappearing AND

2) front end solutions like Apple Pay/Microsoft One Pay and VPP are coming to market AND

3) consumer behavior mobile shift

4) Payments are costs are moving to 0 and being bundled (ex. Google offering free shipping too)

5) Authentication is killing their core risk management asset

6) Networks are creating a new rate tier and shifting risk to banks for eCom (160 bps and no risk, vs Paypals 375 bps and merchant borne risk)


All these are threatening their existing base and growth. However most of these items DO NOT impact Paypal’s merchant acquiring directly. Paypal is a natural alliance partner of: MERCHANTS, CHASE, AMEX, and Private Label. I believe that something will happen here… the issue isn’t financial it is focus/alignment. Paypal is a super efficient on us network, that prices at Amex rates. Chase and Amex have this same strategy. Merchants want payments for free.. hence the challenge in working their directly without some other massive value proposition (see paypal at POS). My recommendation to Paypal is the same as the original founders: Stay focused on long tail merchants… forget about dragon slaying wal-mart… there is no margin at the high end merchants.


Networks – Card holder present


Tokens in Mobile, will make their way to tokens in browser and create a new form of mobile authentication which will enable payment networks to create a MUCH improved version of VBV/MSC, shifting liability onto the bank with an interchange rate between CNP and CP. Who can take advantage of this rate and liability shift? Entities that can authenticate the consumer on the mobile device (Apple, Google, ?MNOs), securely manage a token and broker identity with other parties (see Authentication in Value Nets).


How will Visa/MA roll this out? There are many, many lessons learned in the prior 3DS (VBV/MSC) roll out. Already V/MA have been talking to major issuers and eCommerce service providers. Token issuance is currently a bit of a hang up as the issuers want to get their own TSP services up and running, and the Google/Amazon, … want to run their own TSPs. If everyone would agree to use the V/MA TSP services this could happen quite quickly. But because this is NOT the case, ApplePay and Visa Checkout seem to be the only services positioned for this move.


As I outlined in December 2014 mCommerce/eCommerce Converge, there will be a new rate tier: Cardholder present. When? Next 12 months is my guess. What does this mean. Merchants that accept tokens in eCommerce will get a reduction in fees (assuming acquirer/gateway passes on) AND liability will shift onto issuing bank (aka VBV/MSC circa 2006). In the US this means 140-180 bps AND liability shift….


As I stated previously in my ApplePay blog, when this new rate tier hits, it will free Apple (and others) to transfer the token to the merchant across a greater number of protocols. In store this means that NFC will compete with a BLE experience, with NFC carrying a CP rate and others carrying a Cardholder present rate (and bank liability) that is very close to the CP rate.


I must end here.. I have been working on this silly blog for 4 weeks (part time).


Sorry for typos

2015 End of Summer Payments Update

15 September 2015

Well kids are back in school and Europe is tan. 6 weeks left till Money 2020.. and I just completed our Series A here at Commerce Signals.. wow what a summer!!

This blog is a little bit more of an inventory of things going on.. mixed with some views and general rumblings.

EMV. Its going to happen in October and the big merchants are ready. Two top processors told me that small merchants are in big trouble, particularly as the issuers will be pushing back all fraud to non-EMV merchants VERY aggressively. Think of it this way. EMV does NOTHING to help the small merchant.. currently no business bares cost of fraud in card acceptance. In October merchants must change to accept EMV or they will have the risk of fraud on their business. ISOs to the rescue? This will be a great opportunity for Poynt, Square and other merchant friendly POS/Payment providers.

Acquirers. First Data is moving toward IPO. This is a very tough business.. but as I’ve said before my bets are around companies that can be merchant friendly.. Acquirers are the entity that own the merchant relationship in a 4 party network.. so it is theirs to lose. Nothing has really taken off (incrementally here), Clovr, Card Spring, First Data’s Palantir. Why?? Acquirers have largely been put into a pricing box at the top 500 merchants with a well defined service (not much room for incremental services), and have had their reputation impugned through the ISO channels at the low end (5-7% cost of acceptance). For any Acquiring CEO reading this blog.. my action for you today is to take a look at the invoice you send to a merchant. 2-4 pages of fees that are indecipherable.. When merchants don’t trust you they don’t buy more from you. This is why I would not invest in this space without a clear understanding of the disruption.

Private Label. Rumor is that both Amex and Paypal are looking at M&A here. Makes sense for Amex particularly given need for transaction volume, 3 party model and their state of the art infrastructure. Merchants love Amex customers.. and Amex does the best job in the industry of proving the value that they bring (justifying their hefty cost).

MCX. They are set with payment infrastructure from FIS and First Data. The payment capability is there, and it takes time to build a highly scalable payments company. I just don’t see the need for stand alone app. My guess is that there will be an MCX payment instrument that sits in Apple/Google wallet… just silly to compete on “presentment”. Is the alliance fracturing? I think all participants would love to have a payment instrument that they could own and control. The issue is that there is no agreement on anything beyond payment. Mobile is too important a channel to delegate to a consortium. Also, these are fierce competitors.. The real challenge? Creating a great consumer experience, quite frankly their product team was one of the worst I’ve ever met in any company. No wonder they were considering paydiant.. one of the only options out of the DIY.

Poynt and Square. This seems to fit right in to the flow..  I love both of these companies. Why? As described above the payment industry has been VERY unkind to retailers. Poynt and Square give retailers a greatly simplified hardware, software, and acquiring solution. As a small merchant moving from 5-7% acquiring to 2.75% is a rather simple value proposition. I believe Poynt has several significant advantages over Square: 1) Square has a 6month+ certification process on Apple devices. Whenever it changes anything in its app… it has to go through recertification by Apple. Poynt is the ANDROID of Point of Sale solutions 2) By staying off of Apple AND adding a separate stand alone processor for non-payment applications, Poynt can deploy more applications more quickly and act as a platform for other services. 3) Poynt has a powerful data solution that puts merchants back in control of their data, 4) Ergonomics/Design. Just beautiful. Chip/DIP, Chip Contactless, QR, BLE, customer facing touch screen (not a swivel stand) all work seamlessly without having to pick up the terminal and try to stick your card into a slot. Well done Osama and team.

Paypal? Not much of a stock pop.. I’m very high on the Dan and Bill. But their core asset (eCommerce risk management) is being rendered moot by great mobile auth. When Microsoft (OnePay), Google (Wallet), Visa (Checkout), Apple (ApplePay) all moving into eCommerce they also risk loosing consumers. One of my biggest beefs is their treatment of Venmo volume in TPV (it is 0bps). Rumors are also that they will lose Uber within next 6 months.. and worked a special deal to keep them with take rate below 90bps (perhaps a driver of their margin drop). Merchants are a natural ally here, but Don K really mucked things up with their POS try. It will take 2 years to get things in shape here.

Visa/MA.. They are my biggest holdings.. no change in my views here. VDEP and MDES have positioned both with new power to tokenize and own the rules on mobile. I expect to see a new CNP rate for tokens within next 9 months.

Google. Big news 9/10 (See Blog). Google wallet now on all phones KitKat 4.4 and above (50-60M in US). I love it.. This is the PLATFORM FOR PAYMENT INNOVATION. The user experience is not on par with Apple (or even Samsung Pay).. but Android users are more technical (only 6% of iPhone owners have ever used ApplePay). There are some BIG pluses over Apple, I love that it shows the ereciept and location of purchase for instance (most issuers). Very surprised that Google is still looking for bi-lateral deals from issuers (in order of $10M with no bps). This is why we don’t see many issuers at launch.  What is funny is that there is a “free path” to issuers as well. If they don’t want their card art.. issuers can still just “turn it on” via the V/MA intranet tokenization route (register BINs). Funny that the big hold out is JPM.. given its data play.

Apple. I wouldn’t be surprised to see an ApplePay product announcement in October at Money 2020. Note that my track record is near perfect here so I don’t want to mess up 2 years of predictions. I know that Apple has ApplePay working in Safari, don’t know if they will roll this out our not. I also know that Apple went back to issuers asking for an “Amex like experience with eReciepts”. The issuers said “sure we can do that.. lets first tear up that 15 bps contract and talk about what you will pay me”. My sources say that beacons are a part of the next launch.. they could be just feeding me *&^*(&.  My guess on new release? 1) New Developer Support Program and rollout of Private Label/ Synchrony, ADS and Citi. 2) Improved “eReciept” process (like Amex) in order to compete with Google. 3) ApplePay in Safari (60% chance.. it is working but don’t know if they want to push yet before new token CNP rate tier). 4) Beacons at POS. Improve retail experience with beacons (40%.. again working in lab but don’t know of readiness).

The big Apple news that everyone is talking about is their plans to finance phones directly (end running carrier subsidy dependencies). As I’ve stated before, Apple’s phone is already capable of enabling a virtualized SIM. This is the one step needed before Apple enables consumers to “switch” to the lowest cost network every month.. or every day. This obviously has big implications for Gemalto as well. Google is 2-3 years behind, but is making more progress in enabling wi-fi as network option.

Innovation. Chain getting investment from NASDAQ, Visa, Citi.. is big news. I remain very positive on use of bitcoin as a disruption to Payments (see blog structural changes to payments). I also live industry specific solutions where payments are combined with something else to solve a problem. hyperWALLET for global payroll, justpushpay for construction, WEX for fleet/gas. I also love payments and data (hence commerceSignals), in this Klarna and Sofi are just tremendous ideas.

Going South

Samsung Pay. No change in my views here. What is sad is that they didn’t know that their entire application is incompatible with Android M (until they read my blog). Working with a competing app on their own phones with no registration.. just sad.

Card Linked offers. Guys don’t believe the press.. all of these things are dying. Even the most successful (cardlytics). Citibank is rumored to have called EDO to come pick up the pallet of their equipment (after 300M+ spent).  The good news is that their transactional data is in better shape for use.

Gemalto. Stock is at a 5 year low.. I told you guys to be short here. NO MCX, No GSMA NFC SWP… now Apple is pushing the SIM out of the phone altogether (or soon will).

Monitise. I want to end on a humorous note. This company did a great job at enabling online banking 8 years ago.. enabling “check your balance” functionality via a quick integration to the ATM switch. They pivoted in 2006/8 to support development on an array of handsets (Nokia, RIM, Apple, Samsung, …) with their only competition being mFoundry (acquired by FIS). But the phone complexity went away with 2 mobile OS (Android and iOS) and the rapid shift of mobile from the periphery to the center of the customer relationship. No bank will outsource the CENTER.. mobile development was a specialized skill.. now it is mainstream. As if this were not sad enough, they hired a US network exec with no EU experience, no mobile experience and no network of issuers (that liked her). Then she pushed out the founder.. only to quit last week.  Wow .. I hope the BBC can make a Silicon Valley (HBO) equiv.. only make it more of a Shakespearian tragedy.

Android Pay Now Available

10 Sep 2015

Big news for 50+M Android phones with NFC in the US. Expect to see a very fast international expansion to this as well.

Why is this big news?

  • Payments are now in the OS (see blog). This is a PLATFORM not a just a “wallet”. If you compare Android Pay to Apple Pay the user experience is not quite a good, and most would ask (logically) what is different than the Google wallet launched 4 years ago. Under the covers the new AP “changes everything”. Google’s approach to security (Trust Zone, tokens, authentication, Host Card Emulation,…) and management of secure credentials has moved into the Android OS. Google Wallet (not mentioned in this PR) is an app that uses the standard Android Pay APIs at parity to any other wallet. This means that Google could care less about “wallet”. Can banks create their own app that does payment? Yep… Can a retailer? Yep.. can a health care provider store secure credentials? Yep..
  • Google is the “open” platform for Banks and Retailers to innovate on. As I’ve stated before, the objective of any platform (and network) is to have millions of people investing to build value. Payments work very very well… Google is approach is to let consumers and merchants decide what they want to do… and we will provide the “reference implementation” (See Open Innovation, Structural Changes in Payments). This first release works on Android KitKat 4.4 and above. The next release (within Android M) will bring about some massive security changes (TEE/Trust Zone) that will render other apps like SamsungPay obsolete. Google Android and Apple iOS are working to establish an identity brokering role that is FAR MORE VALUABLE than any role in payments.
  • Google is creating a PLATFORM for a new mobile ECONOMY (see blog). If you were a bank or a merchant what mobile platform would you invest in? There actually isn’t another choice… Apple is not a platform.. Apple wants to define, own, and brand the consumer payment experience. Apple has chosen NOT to create a platform. As I mentioned in blog above, this platform effort involves 5 primary vectors:

-Enable Android as the secure platform (SE Linux, Trustzone)

– Incentives for all to invest in commerce “network / platform”

– Improve physical world insight/data collection to enhance targeting and attribution

– Capture and manage consumer identity

– Create/enhance consumer engagement platform for commerce


  • ApplePay volume is leveling off… yes it is still growing, but usage is not taking off. I still believe that the ApplePay experience is the best consumer mobile payment experience ever designed. But it does nothing differently than my card. Actually my card swipe is faster. Perhaps it is muscle memory.. Apple has gone back to big issuers asking them to for transaction notification (ie “Amex like experience”) as today banks have not provided. Bank response? This is funny…. Banks said “sure we can do that.. but lets first tear up that 3 yr 15bps agreement and talk about what you will pay me to make that work”. Apple’s consumer base is just amazing, but they are a TERRIBLE PARTNER (see my blog). ApplePay has managed to alienate both Banks (15bps) and Merchants. They listen to no one. Alternatively AndroidPay is like a set of Legos… build what you want..
  • 50M-60M phones turned on at once. While Android demographic is 3x the phones.. they are at the bottom of the spending quartiles. But there is power in numbers, particularly given the fact that merchants are very reluctant to do anything the doesn’t help all of their customers. Remember the first Google wallet was limited to Sprint and Citi (GW 1.0) the next enabled all issuers (proxy card) but mobile operators still did not support (GW 2.0). In this latest iteration Google acquired the US MNO wallet consortium Softcard and has their buy in. Additionally when Android M rolls out.. all payments will go through them (Sorry Samsung I told you so).
  • Tokenization/VDEP/MDES. This is the first major rollout post VDEP/MDES with 0 bps for “wallet” providers. In an odd twist, google is going to market with only a handful of banks as it requires a marketing bilateral for marketing spend.  One issuer told me the fee was $10M.. ! wow.. So if you want your card art on.. and Google press you must pony up the money. If not.. your card will work otherwise.. same issuer registration process as with ApplePay.
  • Beats SamsungPay and the new ApplePay update to market (more on this next week). AndroidPay completely kills SamsungPay (see my blog with Loop CEO depating with me). Samsung is not built on Android M.. so all the user interaction for card registration will have to be done all over again when redeployed on Android M.. unless Visa and MA do the work of reissuing tokens during the OS upgrade. SamsungPay may have an edge on AP on user experience.. but this product is 4 years too late to market (the MST Loop Stuff). The idea of it launching just before the EMV Oct date is just plain silly. One retailer brought up the idea of putting a lead/iron sticky strip on the terminal (over mag head) to keep it from working.



Collaboration and the “Sharing Economy”: What does that mean?

5 August

As I wrote back in my May blog Internet 3.0 Collaboration in Commerce, Communities and Networks, we are transitioning to a new era of collaboration. The industry buzz word is “sharing economy” but this is a little too altruistic a moniker for my liking.  If an elephant was taken down by 1 million ants there would indeed be sharing… of the carcass!

Indeed the implications of collaboration and reduced Transaction Cost Economics (TCE) are much broader than “sharing”. As Uber demonstrates, existing industries will be taken apart and re-assembled through external orchestrators.  How can companies deal with the “unstructured complexity” of new market based orchestration, open APIs with unstructured requests for their data across thousands of new partners? This is our focus at Commerce Signals.


I’m currently reading the works of 2 Nobel prize winners in economics: Oliver Williamson (2009) and his mentor Ronald Coase (1991). Both were focused on the factors governing the “nature of a firm”. (particularly Transaction Cost Economics). Here are a few of the books I’m reading (for those interested):

There is no way to summarize the work of 2 Nobel prize winners in a blog, but I would like to focus on one element: Transaction Cost Economics (TCE).

Transaction Cost Economics (TCE) dictates the structure of a company


Ronald Coase, used a TCE framework for predicting when certain economic tasks would be performed by firms, and when they would be performed on the market. From this Williamson Paper

Ronald Coase posed the problem more sharply in his classic 1937 paper, “The Nature of the Firm.” He, like others, observed that the production of final goods and services involved a succession of early stage processing and assembly activities. But whereas others took the boundary of the firm as a parameter and examined the efficacy with which markets mediated exchange in intermediate and final goods markets, Coase held that the boundary of the firm was a decision variable for which an economic assessment was needed. What is it that determines when a firm decides to integrate and when instead it relies on the market?

Today, our network, and services, are evolving in a way that supports new mechanics for transacting: Authentication, reputation, coordination, contracts, risk, discovery, trust, …etc. Uber is the best example of this. We all agree that Uber’s success is reallocating the “assets” of production in a more efficient form.

As stated in my blog, the boundaries of [established] organizations will be changing as a result of changes in TCE and common facilities to construct agreements and partner outside of their organization. Modularity is the key technical term describing how business must structure boundaries (specifiability, measureability, predictability). What services do you want to make available? The answer to this question is NOT a technical problem, but a business one. Amazon is one of the clear leaders in modularity. The rules in which modules operate are “platforms” (technically) and “markets” (from a business perspective). After if everyone built their “API” in a different technology with no common directory it would be useless. For those interested, CommerceSignals is this neutral directory, never looking at the data.. but switching it as directed.

Collaboration what does it mean?

I guess it depends on your point of view (the elephant or the ant).  Look at the Google Buy Now Button (see my Blog). Google gets everything I’m saying in this blog (guess they listen well). Google Buy Now is a Partnership Platform (see blog on Google’s Strategy) for advertisers and physical retailers. Local retailer uploads store inventory, google helps them get customers to buy.. and ships the goods to the customer’s door twice a day with an Uber like delivery services (shopping express).  With all of these services Google will be in a position to guarantee sales.. For example if I’m a local specialty retailer Google could propose: I will drive $100k in sales for $1500… This is a MUCH bigger deal than Uber.

Who do you work with? Are you the lead? Are you the follower? Who decides? Who sets the rules? My favorite collaboration story at Commerce Signals is from the Chief Marketing Officer of a National Movie Theater chain. Brent said “Tom I’m the anchor tenant at 500 locations, I’m surrounded by 10-15 restaurants and 20-40 retailers in each of them, when I win they win. It is my community that competes with my competitor’s community, yet I have no facilities for collaboration. My data just falls into the trash can, how can you help us”?

For example every Fortune 100 company wants a “big data team”.  These companies have internal plans based upon internal data driven by internal teams.  While I agree that determining what products and consumers are profitable is a key area for everyone, the REAL VALUE to be unlocked is at the intersection of your data with something else. Afterall what company can compete with Google, Amazon and Facebook in consumer insight!?

One of the MOST SIGNIFICANT developments in last 5 years is that there is now a broad recognition that collaboration is necessary. For example Bank’s spent over $400M (EACH) trying to make CLOs work, MNOs spent $600M trying to make payments work, .. I could go on. Commerce is about markets. Markets are about connections. We are moving from an era where every Fortune 50 built their own closed market (where no one showed up) to a model where at 2 or more work together (Closed to semi open to …??open). The early battle in this shift to collaboration is Google, Amazon and FB (GAF) vs Everyone Else. What ONE COMPANY could possibly compete against GAF?

Collaboration is more than just advertising and demand how do you work with specialists? What parts of your organization are not best in class? When should you have your own internal team, vs an external one? When should you build and when should you buy? Technically we see this dynamic in great companies like Salesforce and Amazon Web Services. Uber and Google Buy Button have given us business led examples.  The challenge for existing enterprises to adapt is tremendous. From a management perspective how do you manage a collection of suppliers vs a hierarchy of employees? If you have challenges managing internal compliance, how do you do it across many external organizations? How do you specify the “unit of work” to be performed and how do you measure it? What is a 1099 employee? In which country/State?

This is where trust, reputation, markets and the strategies of (distributed) modularity come to play.

My Fortune 100 recommendations (from previous blog)

Action plan

1) List out your most valuable consumer insights

2) List your top growth opportunities

3) List the top sources of new revenue from existing customers

4) Where are your greatest threats?

5) What are you not acting on?

6) Who can act on them more effectively?

7) How can you partner one time?

8) How can you enable 100 companies to run with the opportunity?

9) What needs to be measured?

If you don’t take action.. the swarm will …


Sizing up Paypal’s new competition

16 July 2015


Huge announcement yesterday on “Amazon’s Prime day”. Google rolled out the first glimpses of its new cross organizational product yesterday “a Buy Now Button” just in time for rain on Amazon’s Prime day

This has potential to be both an Amazon killer and a Paypal killer. My frequent readers are going to roll their eyes .. but to recap I’ve been consistently championing the view that the future in profitability for retail, mobile and payments (and Google) is in Commerce Orchestration. See Blogs

The Buy Button is a HUGE effort by Google that represents well over 3 years of work and spans multiple divisions (search, ads, local, payment, shopping express, android, maps, …etc). Sure Google builds cool stuff and then looses focus as its engineers go on to do the next cool thing. But how many efforts within Google have spanned 4 lines of business and took 3+ years to pull off!? This one is a VERY VERY big deal for Google. Lets talk about WHY they are doing it.. and what it is.

Why a Buy Button?

Most product search now starts with Amazon. Amazon has become THE STANDARD source for price and reputation… but it is also the PRIME hook (I’m very loyal). Searching for a product is THE MOST important source of consumer intent advertising and “commerce orchestration” are both dependent on understanding this intent.

Google wants to create a PLATFORM for commerce (per blogs above), its current customers are merchants, and consumers… While Amazon is redesigning RETAIL Google is enabling Merchants to compete (with Amazon). This will bring both merchants and consumers into Google’s world to interact. Google is creating a MARKET to help millions of merchants and consumers (in both virtual and physical world). Where Amazon is creating a new retail model that destroys most existing retailers.

The problem with this Google vision is that retailers (and consumers) are loosing substantial data within this interaction and that you must use all Google components to make this work. My newco Commerce Signals is working to facilitate this same commerce interaction without the Google “lock in” by enabling each entity to own and control their data (federated data) with NO DATA stored centrally. After all what organism in nature exists that knows everything about everything… the “God” structure..!? (hmmm same first two letters.. ).

What is the Buy Now Button?

As you can see from Google’s site, elements are

  • Search with buy button (was offer ad extension)
  • Integrated local store inventory
  • Payment
  • Google Shopping Express (delivery)
  • Android
  • …?

With this utility, a local merchant can upload their inventory and compete with Amazon. The consumer can receive the goods to their house same day (via Shopping Express). This is just brilliant.

How on earth can Paypal compete with this bundle? Particularly as they divest their distribution business (GSI spin off announced today).

Visa Checkout

I’ve been a little bit skeptical on this but have actually come around based on conversations with top 20 retailers and Acquirers. Visa has a carrot that I never knew about. The Visa Preferred Partner (VPP) program. Anecdotally, Visa works with acquirers to guarantee a blended rate across all cards. This can be as much as 30-40bps. VPP has been around for a few years, but this year Visa has evidently made promotion of Visa Checkout a requirement for participation. This incentive, combined with tokenization and new rate tier (card holder present) and a forthcoming liability shift means that total blended eCommerce costs could be as low as 160bps for credit with Bank issuers holding liability for CNP transactions.

WOW. This is a BIG BIG Carrot. I project that 80% of the top 20 US merchants will have Visa Checkout by next year. Why not!? Visa has the added benefit of CYBS assets to move this to market quickly.

Paypal’s headline eCom rate is 375bps.. with no liability shift. You don’t have to be a rocket scientist to do that math.

ApplePay Private Label

5 July 2015

Last month I discussed on “twitter” how Mastercard has enabled private label on ApplePay. Thought I would back that up with a short blog. First I recommend reading Jason’s article on Re/code from June 9 and the Mastercard Press Release outlining its role as “First Network to Add Tokenization Support for Private Label”, and this Synchrony PR outlining use of MDES.

Private Label Today


General flow of Private Label Plastic today

See picture below from an excellent Green Sheet Article

PL Switching


Private Label issuers Citi, ADS and Sychrony are leveraging Mastercard’s presentment and acceptance applications, as well as their TSP (token services) to route private label through the MA network. Key requirements for ApplePay Private Label:

  1. Card emulation application on the iPhone (card presentment)
  2. Card acceptance application on the payment terminal, and
  3. Acquirer processor to “route” the transaction to the “bin sponsor” and private label issuer. Remember that many payment terminals are “owned” by the acquirer.

Within the latest June ApplePay announcement, there are 3 options for PL integration.

Option 1)  Private label card looks like a MasterCard through authorization. Benefit: no payment terminal mods, no acquirer involvement.

Con: Everything would process fine in this model, but there would be limited integration of PL incentives (real time) at the merchant POS. For example if PL customers had a special discount.

Option 2) Leverage Mastercard for card presentment and tokenization with a “new card acceptance application” at the POS. I believe this will be the primary model for most PL programs, thus requiring a software upgrade to the Payment terminal to translate the MA token into the PL card. Think of this as MA powering the “token service” for PL cards.

Apple PL

Option 3) Of course PL cards could just be held statically in the wallet, but this would challenge “security” at 2 levels: Issuance/provisioning (binding card to APPROVED user), and Fraud (use of PL without ID)

Tilting the Networks… a MASSIVE Change

4 July 2015

Payments make up far more than 70% of my personal portfolio.  This investment strategy has been a great bet. Take a look at the 5 yr investment performance of Visa and MA. 333% growth in MA and 247% for Visa.  5yr return payment stocks

From Mar 9 2015 Seeking Alpha


With this exposure, I keep close track on structural changes in the industry, which I outlined in my January blog Structural Changes in Payments:

  1. Risk and Identity
  2. Data/Commerce Value
  3. Consumer Behavior/Trust/Acceptance
  4. Issuance/Customer Acquisition/HCE
  5. Regulatory/Rates/Rules (Fees)
  6. Mobile/Payment in the OS

Will these structural changes… is my current V/MA at risk? Is there something else I should be moving toward? No way!  I think Visa and Mastercard are start ups that have just begun realizing the value of their network as they EXPAND NODES and SERVICES Let me try to explain why am I such a bull on these  payment stocks.

Network Tilt – Toward Merchants

As most of you know, V and MA were started as Bank consortiums (see Wikipedia and MA History). Rules (and rates) were thus defined by banks for both credit and debit (see this blog for debit history). As a former Banker I never fully understood the Retail view of Visa and Mastercard. For example, Walmart pays an estimated $1.3B in interchange. Most merchants would admit that the benefit from electronic payments and ubiquitious acceptance. Even Mike Cook says that “no one complains about the network fee side of card costs… it is the issuer side that everyone has a problem with”. In other words Visa and MasterCard earn their fees (it is the issuer reward schemes that drive merchants bonkers).

As stated previously Payments, in their simplest form, are a brokering business which manages value exchange between two entities engaged in commerce. Logically, a broker must be removed from the transaction to maintain the trust of both parties, and deliver value through managing the financial risk associated with the transaction. My view is that Card issuing banks, have lost the neutrality of their “brokering” role by creating a card rewards system that incents card use (paid by the merchant). However, this ideal “neutral” world is NOT the nirvana that we should seek, as no one would invest and we would be stuck with cash.

Complexity in payments is driven by the quest for control and margin of the various participants, NOT by necessity. This is what makes understanding payments so hard…. most of the changes are not logical, but political. The friction (inefficiencies and illogical design) in payments is what makes them work. As I’ve stated before, no engineer would design a payment system to operate the way we do today (see Push Payments). Thus there is beauty in this chaos! The V/MA model created incentives for 1000s of banks to invest in payments, and I doubt if we will ever see any other companies that could repeat this feat.

Both Visa and Mastercard realize that their future rests in leveraging their neutrality, thus “tilting” away from their prior “bank centric” model into something that is MUCH MORE merchant friendly. Bank issuers certainly WANT to be in this role, for example the largest US Visa issuer JPM has created a unique off VisaNet transaction routing (see blog) and is building a new data business (ChaseNet) to compete here. The bank efforts are completely stunted as there is no path for obtaining critical mass is a closed network that requires both merchant and consumer consent.  American Express is the clear leader here, but their network is also stunted through its focus in T&E, affluent and business travelers.

Visa and Mastercard win when consumers and merchants transact.  Encouraging use by consumers, and acceptance by merchants, is top priorityThe future of the networks is COMMERCE. This may seem like a logical statement, but historically Visa and Mastercard acted as extensions of the large issuers. Look for both networks to create new teams to rebuild relationships with merchants.. they know they have work to do.Visa-AmEx-Are-up-MasterCard-Discover-Are-Down-3 (1)

What is “Tilt”?

  • Phase 1 – Rules and Facilities to Enable Competition
  • Phase 2 – Merchant Friendly Services / Merchant Rules Setting
  • Phase 3 – Competing with Banks (V/MA Opening up to non Banks)

The First Phase of tilting involves creating network rules and facilities that are favorable to the merchant and/or take away control from issuers (to enable issuer competition). 2015 winners include

#1 VDEP (Data protection and $0 wallet fees)

#2 Visa/MA Token Facilities

#3 ApplePay requiring debit card enablement

#4 Mastercard’s new Merchant Insight Service

Payment industry is very heterogeneous and highly tiered. Large merchants like Walmart, Target and Kroger are able to support strategy teams that can negotiate very competitive payment rates with issuers and acquirers. Similarly the large banks can build multi billion dollar fraud and square pricingauthorization infrastructure. My rule of thumb is that the bottom third of any acquirers merchant accounts (SMBs) result is approximately 60% of their earnings (hence the success of Square).  As an example, try to find the cost of payment acceptance at Chase Paymentech, now do the same at Square or Paypal.

Tokenization and EMV have taken away issuer advantages (control points), enabling smaller issuers (competition). They have also enabled competition in eCommerce and POS acquiring (bringing down merchant costs). Take a look at this must read article from 13Nov14. “Tokenization has opened up this whole world for us to be able to use digital devices to be a meaningful part of the payments flow in a way that (those payments) wouldn’t have in the past,” – Scharf at BAML Banking & Financial Services Conferenceglobal digital snap

On this last point, Visa and MA are growing from 1.9B cards to their “network” into mobile, creating services that will be critical to deliver payments and authentication/authorization in the channel that is capturing consumer time like none other.

Phase 2 – Merchant Friendly services. The number one Retailer issue is “who are my customers?” As I outlined 3 years ago in Payment Enabled CRM, payment networks are well placed to solve this (given consumer consent). These articles provide an overview of 2 new services coming out.

  • 4 June 2015 – Loyalty360. Visa Commerce Network. From Michael Lemberger (Visa VP Offers and Loyalty Solutions) “creating strong connections across commerce is an important piece of the payment ecosystem. As such, Visa also is developing and employing innovative loyalty platforms for merchants to engage with their customers in meaningful and compelling ways”
  • Mastercard Market Insights. [Report] analyzes extensive purchasing data to provide insights into restaurant level econometrics and trends, such as changes in sales, average ticket prices, and customer frequency across fast-casual, casual and family dining restaurants

Phase 3 – Competing with Banks. Banks tend to believe that everything V and MA do is “theirs”. The predominant view was best captured by a former head of strategy “we built these companies once, and we can do it again”.  Thus the definition of competition is rather squishy as banks believe that they own everything. Today every Visa “member” must be a bank. We are starting to see consumer direct services and merchant direct services (Mastercard MoneySend/Omney, CYBS/Visa Checkout, Mastercard Local Market Insights, …). This is MORE THAN ANYTHING turns Issuers apoplectic.

From an investor view I believe that Visa is much more cautious in remaining neutral, whereas Mastercard is much more aggressive in delivering new services. For example few know that Mastercard holds money transfer licenses, or may have purchased a processor (Omney). A key objective of MA may be to create a commercial payments business with debit cards as the key “down line” for disbursements. See!/app_details/omney#top

The real battle will be on DATA. Issuers strongly feel that they have 100% ownership of payment data. Yet Visa/MA data also belongs to the merchants (for the restrictive and squishy purpose of loyalty and redemption). JPM felt so strongly about this rule that is specifically took its data out of VisaNet purview as part of the 2012 deal. Every payment player is chasing after ADS and Amex in their capabilities to become a “super charged marketing scheme”.

Mastercard has a BIG win by becoming the payment network behind the ApplePay private label enablement (as I discussed on twitter). Take a look at the private label graph above (relative to total number of cards). Private label is a super charged loyalty scheme that I’m keeping a very close (investor) eye on. I believe this may be the first REAL driver of Merchant Friendly “tilt”  that delivers substantial revenue. It is also a reason why I believe ADS will be aggressively chased as an acquisition target.


Visa and Mastercard are trading at roughly 30x earnings. Today they take less than $0.02 per transaction. Incremental revenue on existing volume through tokenization (see MA Digital Enablement Fees),  and new retailer friendly data services should add at least 10%-15% in near term depending on “wallet” success and merchant adoption. The future for V/MA profitability rests in their ability to balance the merchant Tilt with neutrality, and “stepping on Big bank toes”. As if this growth opportunity were not enough…

Global electronic payment growth is still positioned at 25%+ CAGR. The best industry payment report (IMHO) is from Cap Gemini a must read for anyone. Globally electronic payments are in their infancy. Roughly 90% of the world’s electronic transactions happen in the top 10 markets (< 10% of the world’s population). What happens when the other 7B people on the planet get a card (with their phone)? The global growth opportunity for V/MA is 35% CAGR in just about any economic environment and independent of local market payment schemes (ie CUP, Rupay, ELO, …). The payments world continues to look for the “next Brazil” (BTW it is NOT RUSSIA), but it is everywhere. Paypal is another network that capitalizes on this global growth trend (in an eCommerce segment that is growing even faster than the “payment market”).  The emerging markets I like best? China, Columbia, Peru, Ghana, Nigeria, Tanzania, Pakistan, Philippines, Indonesia…  The markets I stay away from? Europe (see SEPA Blog).

Have a great 4th of July…. And go buy V/MA.

Visa’s VDEP is HUGE – Reason #1

VDEP is a MASTER STROKE! WOW! A Brilliant move by Visa to make payments, wallets, tokenization and USE easy.

I thought I was the last one to know about VDEP (see PR). Turns out I was one of the first.  Today I was at a top 5 Issuer and Google just called them to say Wallet (errr correction Android Pay) is delayed a little while they finish token integration.  Google initially wanted 15bps (like Apple) and had 6 or so bi lateral bank agreements in hand (see Bank logos displayed on Android Pay’s site for who signed).

android pay


Some of the banks (like JPM) said no way.. and you should pay us “Google you are no Apple”. The chaos of some cards not in some wallets was just about to hit, when Visa created common ground. Telling everyone (banks and wallet providers) that if you accept tokens, you accept all wallets (and all cards). Also setting rules to limit (read eliminate) data leakage from the transaction/wallet, and ensuring there is no discrimination (CARD OR WALLET). This basically BLEW UP all of Google’s bilateral deals (looks like 6 of them).. Google initially was more than a little upset .. resulting in CEO level conversations. I believe Charlie and Jim McCarthy told everyone why this was a good thing: Establishing a common token facility with wallet provisioning facility + new rules on use.

Banks can now expect to enroll in Google wallet much they way they enroll in Apple Pay.. only guess what ? NO 15bps!   This same flow will also happen for errr… Samsung Pay… and I would guess other token schemes like Visa Checkout (eventually).  This is just a masterstroke.. it would take me 10 blogs to explain in order to do this topic justice.

Now every bank can provision any Visa card to any wallet that abides by the rules of VDEP! This GREATLY simplifies the old NFC provisioning process.. as an example.


Well good news for Europe and ROW is that it will be 0.. that is right.. no more bps for APPLE!! They question then becomes when does APple’s 15bps expire?  I have no idea..


Google is now running around with NEW agreements for rights to display the Google/Android Pay logo. Deals include mandatory advertising spend. My recommendation is to ignore this for next 4 months or so.. your card WILL BE ABLE to be in Google’s wallet. You don’t have to spend a dime unless you want to display Google’s logo somewhere.

… on a funnier/sad note.. Apple is rumored to have met with TCH last week to discuss an alternative token scheme (to Visa/MA). Good luck with that!

Why SamsungPay is Toast

Samsung Pay has 2 parts

Android L

1) NFC (Contactless EMV ISO 14443 stuff)

2) MST (Mag Stripe Emulation)

Both “could” work in the new Google world. But Samsung does not seem to be aware of the new Android efforts to build an organic security solution within Arm’s TrustZone that completely steps on the proprietary work they did (mostly with Knox). For background, see the following articles

– Android L vs Samsung (see this article)

Samsung Knox 2.4 vs Google For Work

Samsung nixes Knox – Bob Eagan

The BRAND NEW Google for Work Security Whitepaper

Historically, NFC wallets driven by GSMA’s SIM based approach require MNO support (keys for either SIM based or for embedded). SamsungPay was based upon a new software SE that ran within its own proprietary security architecture.

Android for work
NEW Android M

Problem is that Google’s new Android M steps on Samsung’s security architecture. Both are claiming the same space.. Sorry I can’t be more specific.. I’m almost 50 now and have lost most of my real skills.

Now Samsung could redesign its wallet, give up its security architecture and run within Google’s HCE environment. Samsung pay would operate as Google wallet does.. at Parity. But Samsung is not currently running in this model.. Samsung could also launch a loopPay only wallet that works in this model..

Why are Google and Samsung so focused here on payments and security!!? See my blog on Brokering Identity, and Authentication in Value Nets. The key to future profitability within mobile is about managing interaction between the physical and virtual world… security, identity and authentication is EVERYTHING.

Forget about technology.. here is the real problem

Let’s assume that Samsung solves ALL of the technical issues above and now SamsungPay works on all Android devices. Everyone knows that MNOs decide what gets pre-installed on the phones they subsidize (even Apple). Six weeks before MWC, Google made a strategic deal with the US MNOs to buy ISIS in exchange for Android Pay (the new Google wallet) becoming part of Google Mandatory Services (GMS.. just like search and gmail).  Part of this is also a new android registration flow that addresses THE KEY weakness of Android profitability.. it gets consumers to add a card and play account (Apple brilliantly required an iTunes… with accompanying credit card.. in launch of iPhone).

Samsung’s wallet could still work.. however IT IS NOT PRE LOADED.. so this is what the consumer would have to do (AFTER REGISTERING FOR ANDROID PAY):

1) Find out about Samsung pay

2) Install Samsung Pay

3) Register for Samsung Pay

4) Understand where they can use Samsung Pay

5) Wave it near the Mag Head reader

6) Then use Android pay for in-app and play purchases..

Forget about the technical issues. In a world where only 6% of iPhone 6 users have ever used mobile payments..  What Mobile wallet has ever succeeded without:

#1 MNO Support

#2 OS Support

#3 Merchant Support … PLUC


Samsung .. just drop it… !? there is no longer any revenue or data rights associated with it.

Short Post – is GSMA’s NFC Dead?

Is Google prohibiting SIM based NFC?  How does Android M impact the SIM Model? I’m tired of answering this question so here is the answer to this multifaceted question.

1) Android M
2) MNO Agreements, Google Mandatory Services
3) HCE

Take a look at Android technically supports ISO 14443… so technically any OEM or MNO can build a handset with a GSMA SIM based wallet in Android. There is not a technical limitation in Android that would prohibit GSMA SIM Based Wallets. But why would you want to build one?

Google has created a new Google Mandatory Services  (GMS) agreement with Android Pay as part of it. Do carriers have to agree? of course not.. but it is a double edge sword, not agreeing to Android M + the new GMS agreement means MNOs/OEMs will not recieve the latest Android updates/capabilities (in app payment, biometrics, …). It is a great big support headache for OEMs and MNOs.. they are left holding the bag on Android support. Some can do it …. Android started out as a free open source software.. and it still is.. but Google’s core services have become much more secure running in SE Linux. Anyone can still use the free open source Android.. but if you want to use Google’s versions there are strings attached. Those services come in the form of OEM and Carrier agreements.

HCE + Tokens is a new construct supported by the card networks. I have many blogs on the topic. Google provides OEM, Banks, MNOs the API to build payment capabilities into the phone for free. A further BIG advantage is that Visa and Mastercard have set up fast “on ramp” services that drastically simplify card provisioning (all at zero cost to everyone). In essence.. this new approach has greatly reduced the complexity of the entire contactless payments process. My GSMA friends HOWL at how unsecure HCE is (compared to hardware/SIM based payments) but this misses the point. HCE + Tokens + Mobile Auth is far more secure then any piece of plastic out there today. See

See my blog What part of NFC is Dead (The GSMA Part)

On a related note, I just responded to an email on why Samsung Pay is dead

1) Agree that Samsung has new TZ architecture w/ SW SE
2) Agree that Samsung has not sold MNOs

What Samsung still does not get is that their new SW SE will NOT WORK in Android M. Google has also built a SW SE.. that COMPETES with Samsung’s … no one is writting about this. This is the issue beyond the US. Samsung spent quite a bit of effort making this work.. but now Google has defined the SW SE.

Net is that Samsung pay has problems for 3 reasons
1) no MNO support
2) No SW SE in US (OEM Config)
3) no load of their wallet on phone

” ———–Update 8pm  From anonymous source

It seems that in the US, Samsung plans to create and certify a new software secure element within the ARM Trustzone architecture that precludes the need for SE Keys, avoids US MNO SE Key Ownership issues (that can’t make MNOs happy) …

This is a great technical approach, but is doesn’t appear that Samsung has bothered to sell US MNOs on the concept (of going around them). Anything US MNOs subsidize they must approve.. Which means no pre-installation, particularly given the new Google relationship outlined below.