Android Pay Revealed – PLUS Major Token Announcement

28 May 2015

Google unveiled AndroidPay today.

What happened?

  1. AndroidPay = ApplePay without the 15bps from banks. Same tokens and everything.
  2. GoogleWallet is morphing into a P2P Venmo service.. plus Hands Free “Square Card case” see Google URL
  3. Most significant?
    • Google has greatly expanded its footprint up to the silicon to create a secure enclave equiv within ARM’s TrustZone TEE
    • NO 15bps for Google. Google created bilateral agreements with top 5 banks (like Apple) only to be shut down by the new Network programs (VDEP Below) where tokens don’t allow for wallet fees. Google then had to trash 2 years of work (on bilaterals) and remake them for marketing/branding permission (to use Android Pay logo). This means the Apple deal (15bps) will not expand out of the US and will be sunset quickly.
    • Google has made Android Pay part of Google  Mandatory Services (GMS) for next version: Android M (like search, maps, gmail, …)
    • US MNOs have consented to Android Pay as GMS (with rumored economics)
    • Google WINS BIG in bringing retailers along with their plan (Coke, McDonalds, Papa Johns, …) and BEATS Apple to punch with integrated loyalty cards.  Apple gets and F here.. and Google gets an A-.. (Would have been A+ if ready to roll out with McD’s)
    • This means no other NFC wallets on Android in US (phones are locked down)
    • Google is using same token service as Apple.. any issuer can sign up through Visa/Mastercard intranet sites
    • Samsung Pay (or any NFC wallet) is completely screwed in the US.. No wallet installed on the phone. Imagine the problem in getting consumer to 1) Load, 2) Register, 3) USE (with another competing app)
    • HCE is a green light.. but Google is in a place to certify all NFC/SIM based wallets in the Android M architecture . MNOs will need to decide if they want to take the Google carrot and accept the new GMS terms. Or follow in the GSMA/NFC/TSM/SIM based model with no revenue and no control.  Europe and China and Korea will be the most interesting. My guess is that these markets will keep the GSMA/NFC SIM based model..  I’m still trying to process what this means for NXPi, but with the success of HCE and the new TrustZone within ARM it can’t be a good for any silicon specialist.

Side Story… The Banks hate the Apple Pay deal (NEVER AGAIN)..  My friends in mountain view take a meeting with a large bank on AndroidPay “You guys can forget about the Apple Pay deal, it will never happen again, lets start the conversation on what you will PAY for the privilege of having my card in your wallet.”  The Visa VDEP program (and MA’s equiv) addressed this issue. Google did not get the 15bps.. and the Issuers got nothing (exclusivity, revenue, … ).  Per VDEP, If you use the network’s token facilities you can’t discriminate… Cards will be permissioned to any approved wallet. There is also a new iron fence around payment data use.. A VERY VERY big step.

Hands free with McDonald’s could be cool..


Visa reveals Visa Digital Enablement Service (VDEP)

This is a MAJOR announcement, on part with the release of Tokens. The rails and rules for tokens. Think of this as “accept all cards” rule for tokens that is as important as VisaNet itself. A brilliant accomplishment.. WOW.. will write more this weekend.


Internet 3.0: Collaboration in Commerce, Communities and Networks

26 May 15

This is under revision… pardon the typos..

Exec Summary

  • Consumers, Communities, Markets, Technology and Commerce are undergoing tectonic shifts. Over the last 20 years Companies “enabled a channel” in Internet 1.0 and 2.0. Internet 3.0 will bring about fundamental transformation in organizational structures, products and processes.
  • Internet 3.0 (i3) eliminates traditional competitive barriers (assets intensity, specialized skills, product design, distribution, marketing, brand,… ) enabling new forms of collaboration and asset utilization within a new set of non geographic communities.
  • Swarms of specialized communities are hyper meritocracies which react to serve areas that are: #1 inefficient, #2 opaque (ie wiki leaks, banking, advertising…), #3 poorly serve the consumer or #4 at risk (ie Darwinian). Today we see this dynamic take place in many areas: App Stores, Uber Drivers, MOOCs (College Learning), Wikipedia, Blogs (vs Newspapers), …etc. This may be analogous to the end of the Jurassic period (no more Dinosaurs).
  • The structure of most corporations is at risk (inefficient, opaque, poorly serve consumer, at risk). Information intensity and the ability to manage across internal boundaries and interfaces will be key to future margin (not economies of scale, asset intensity and competitive hurdles).
  • Large companies must reshape organizational boundaries to enable many connections (to source demand and execute) within their processes to create new products and reach an amorphous set of new dynamic communities. The “boundaries” of a company MUST become more open (as they are currently in your marketing and sales sides today).
  • Historically, acquisition and JVs were the approach to boundary growth. The future will see a much more loosely coupled approach to deliver value, one focused around common platforms, standards and networks. Best examples are Microsoft/Intel, and Uber were many independent nodes innovate and connect to successful networks, and each node is in control (with ability to measure and price) its unique value.
  • Regulation (ex Taxi Commissions and CFPB), societal norms, ability to measure value, and Risk management are the environmental factors most influencing boundaries.
  • Modularity is the key technical term describing how business must react to boundaries (specifiability, measureability, predictability). What services do you want to make available? This is NOT a technical problem, but a business one. Amazon is one of the clear leaders in this discipline (ex Legos). The rules in which modules operate are “platforms”. Most platforms have been internal only, with a few exceptions (RosettaNet, Windows/Intel, Java, Commerce Signals, ..etc). Networks are required for platforms to communicate, discover and interact with heterogeneous clusters.  Today the most valuable networks are Visa/MA, Google, Amazon, Markets (NASDAQ/NYSE), Alibaba, eBay, …
  • Most large companies struggle with internal complexity today. Internet 3.0 brings on a whole host of new problems for companies that don’t have a software culture, and have legacy infrastructures which resulted from thousands of small tactical decisions.
  • There are many exciting investment opportunities in this hypothesis. For example, existing networks have a big leg up in constructing new collaborative networks. Their success will be driven by balancing openness/governance with control and value exchange. I’m quite impressed with Visa’s move here (see this week’s press).

Year of Collaboration

I painted 2015 as the year of collaboration in my 2015 Predictions. Why? The structure of most corporations is at risk (inefficient, opaque, poorly serve consumer, at risk). Information intensity and the ability to manage across internal boundaries and interfaces will be key to future margin (not economies of scale, asset intensity and competitive hurdles).

Large companies must reshape organizational boundaries to enable many connections (to source demand and execute) within their processes to create new products and reach an amorphous set of new dynamic communities.  Historically, acquisition and JVs were the approach to boundary growth. The future will see a much more loosely coupled approach to deliver value, one focused around common platforms, standards and networks. Best examples are App Store, Wikipedia, Microsoft/Intel, and Uber were many independent nodes innovate and connect to successful networks, and each node is in control (with ability to measure and price) its unique value.

What are the 2015 drivers of collaboration?

1) Consumer behavior is undergoing a tectonic shifts (mobile, commerce, social interaction, employment, education, reputation, …).

2) Information intensity has outpaced the importance of economies of scale (asset intensity). Both in terms of efficiency (cost) and growth (revenue). Over the last 5 years new networks (mobile, digital communities, Uber, …etc) have destroyed the traditional structures of information creation, curation, distribution and use (ex Universities/MOOCs, Maytag Repair/Youtube DIY, Britanica/Wikipedia, ..). It is NOT ENOUGH to manage your data (ie Big Data), you must find a way to let it work with the environment (ex CommerceSignals). Traditional networks and closed systems are fragmenting (ie Commercial, social, political).

3) Awareness (the Solo Approach has failed). Fortune 50s have each spent over $500M (each) in attempts to build a Google (aka business platform) where everyone works with them. They have now realized that this myopic approach creates magnets of opposing fields. No one company can do build a platform.. platforms REQUIRE collaboration not ownership. Partnerships (closed networks/clusters) are the natural first response to this environmental change. However closed networks are challenged to gain traction in dynamic markets.

4) Google, Amazon, FB and Apple have become powerful Star networks threatening just about everyone (see below). There is a race going on today, some of which I outlined in Banks/Non-Banks and Commerce Networks. Also see Google Creating Platform for Mobile Economy. My NewCo, CommerceSignals is focused on helping everyone else collaborate and compete.

Information Intensity

If information is power.. where is it flowing? If we assume Networks are conduits of information, will mapping networks allow us to map power?

  • 500 years ago information was held in books. Books resided in academia and in monasteries. Networks were largely structured in relationships and affiliations (which were highly geographical).
  • 100 years ago public information (books) moved into public libraries, and commercial information (designs and processes) was held within commercial enterprises. Networks expanded in geographical scope (reach), specialization (scope) but transaction depth and information organization did not change. Power largely resided with the creators of information and distributors of information.
  • 20 years ago – Democratization of Data (access/structuring). Public information moved online and became dynamic (Wikipedia) while private information became organized within any given commercial enterprise (ie ERP/Big data). Information organization and access exponentially expanded (mobile, internet, google, broadband…etc), new specialized networks formed with many new specialists (stores, outsourcing, design, hosted services, …). Power began to shift to individuals, virtual access points for information, and new communities.
  • 5-10 years ago – New networks facilitated new connected communities (social, educational, business, ..etc). Expertise and content creation shifted from traditional geographically based entities into loosely structured global communities of experts. Time spent in community increased, as depth of information increased, and tools for dissemination improved (MOOCs, Youtube DIY, ISIS Propoganda, …). Consumer behavior shifted massively to new channels and communities. Private commercial data became actionable through new private networks (ex supply chain, advertising, …etc). Power shifted to communities and orchestrators of (public) small world information (Google, FB, Amazon, Apple, …). Risk and Reputation expanded beyond closed networks and new companies (ex Uber, Airbnb) leveraged information to connect existing (small) assets to consumers in new communities and commercial processes.

Information in isolation delivers little value, particularly if you are the only entity that can act on your insight.  How many assets (and insights) do you have within your company that are discarded or underleveraged?

Internet 3.0 and Boundaries

Internet 3.0 (i3) eliminates traditional competitive barriers (assets intensity, specialized skills, product design, distribution, marketing, brand,…  ) enabling new forms of collaboration and asset utilization within a new set of virtual communities. Swarms of specialized communities are hyper meritocracies which react to serve areas that are: #1 inefficient, #2 opaque (ie wiki leaks, banking, advertising…), #3 poorly serve the consumer or #4 at risk (ie Darwinian).

Today we see this dynamic take place in many areas: App Stores, Uber Drivers,  MOOCs (College Learning), Wikipedia, Blogs (vs Newspapers), …etc. This may be analogous to the end of the Jurassic period (no more Dinosaurs).  The structure of most corporations is at risk (inefficient, opaque, poorly serve consumer, at risk).

Information intensity and the ability to manage across internal boundaries and interfaces will be key to future margin (not economies of scale, asset intensity and competitive hurdles). Large companies must enable many connections to source demand and execute  within their supply chain to reach an amorphous set of new dynamic communities.  The “boundaries” of a company MUST become more open (as they are currently in your marketing and sales sides today).

Boundaries and Collaboration ARE NOT a Technology Thing; It is a business thing.

Example – Uber

What makes Uber so successful? It created an effective market for existing assets, with an infrastructure to manage it. I see the core services in Uber’s network as:

  • Risk/Trust (driver vetting, insurance, reputation, insurance, reporting)
  • Quality of Service (Time to Pick up, Routing, Availability, Payment)
  • Consistent Rules/Terms
  • Cost to Connect (Customer Acquisition/Registration, Driver Registration, ..)
  • Value Added Services

What other areas of the economy have inadequate markets? Amazon started with books and leveraged to become the starting point for product search and reputation. Traditional university education is being threatened by Massive Online Open Courses (MOOCs), retail banking and prepaid cards, …etc

Platforms vs Networks vs Markets

Is Google a Platform or a Network? Visa? Verizon? All of these terms are over loaded and used too frequently. But there are very important elements loaded in here, with very large economic implications, thus worthy of discussion.


Platform Network Market
Technology Terms High Medium Low
Business Terms Poorly Defined Well Defined Well Defined
Investment Risk High Medium Low
Rule Making Closed Closed/Open Open
Number of Services +++ ++ +
Compliance Loose Rigid Rigid
Pricing Undefined Defined Bid/Ask
Control 1-3 Leaders Owner Members

Markets are defined by pricing (ie Supply/Demand) and neutrality. Networks typically have defined participants, value/services and pricing (payment acceptance, transportation, call routing). Platforms are largely technology constructs where collaboration may occur, but business terms are ill defined (example Microsoft and Intel). I discussed platforms in last year’s iPhone 6 blog, my favorite Platform book is Platform Leadership: How Intel, Microsoft and Cisco Drive Industry Innovation. The authors outlined 4 Levers of Platform Leadership

  1. Scope of Firm: What is done inside, how they encourage outside investment and focus
  2. Product Technology: Architecture, Interfaces, Modularity, What do they expose to partners?
  3. Relationship with Complimentors: Support of Complimentors, acting on ecosystem needs, path to consensus and standardization, profitability
  4. Internal Organization: What is the “core”, and how are resources allocated to core activities vs support for partners.

Networks are common facilities where heterogeneous nodes interact with a defined service(s) and rules. Networks “sticky”

in small world networks, building and maintaining links between network elements requires energy…. [in a world with limited resources] a transition will occur toward a star network [pg 75] where one of a very few mega hubs will dominate the whole system. The star network resembles dictatorships in social networks

Weak Links by Peter Csermely (viewable on Google Books here)

There are hundreds of platforms, millions of markets, yet only a handful of effective commercial (and social) networks. In layman’s terms could you imagine working across 10 different Facebook alternatives? Or installing rail road tracks next to your competitor? This is what the EU hates about Google and Facebook…  It is very hard for a competitor to break into this model.. as these services are already free (and open).

Networks are much more rare, they enable collaboration and unlock economic value. My top investment hypothesis: find networks where thousands of participants invest billions of dollars to make work (Visa, Mastercard, Nasdaq, Uber, Apple App Store, … ). Companies like Uber and Airbnb demonstrate how new networks can form to tackle inefficiency. It is only a matter of time before the swarm comes after your business. How do you react? Collaboration may be a good first step.

Can you “pivot” to a Software Company?

This is not just about “how we work with young innovative companies”, it is about your boundaries. How does a large company act more like a software company? See my blog on Braintree.  My favorite example today is Visa – See Forbes

“We’re telling [developers], ‘Please dream, please build new applications,’ ” says Taneja.

Don’t roll your eyes… Visa has great potential here. Certainly one of the World’s best networks (with much room to grow). After all, it is much easier for an existing network to expand services than an individual node

First a little “Buzz Worthy: background: Internet 1.0 was the static internet (indexing of publicly available information). Internet 2.0 was about user generated content, interoperability, transactions. Internet 3.0….

  • Value Orchestration and Partnerships (OK I planted this one)
  • Connective Intelligence
  • Internet of Things (IOT)
  • Mobilization of Everything
  • Big Data
  • Sharing Economy (Uber)
  • Shift to Hyperlocal
  • Innovation (sick of this one)
  • Trust/Reputation Portability
  • Remaking of businesses (not a web front end to the one that existed 50 yrs ago)

In Internet 1.0 and 2.0 companies treated the internet as a channel, business impacts were around getting your internal stuff into this new place: advertising (targeting consumers), consumer information (ex price transparency, reputation) and local fulfillment (online payments, shipping). The channel was new, and competition changed, yet businesses still created the same products, and didn’t substantially change internal operations.

The impact to businesses/economies from Internet 3.0 will be much more pervasive. How big? Answer these questions:

  • How much more efficient has your organization become in last 20 years (ex: net margin)?addon architecture
  • How long does it take your company to launch a major new product?
  • How long does it take your company to create a new partnership (with shared economics)?
  • How has your company’s core value proposition to consumers changed?
  • How long did it take your company to complete a major technology project?

No Design

Opening up your organization is not easy. Most Fortune 50s have system architectures that resemble this unique structure.  No one starts out with a design like this, it is rather a result of a 1000 tactical decisions, acquisitions, one off projects, and evolving technologies. This is not solely the fault of your CIOs, as technology is strategic area where strategic discussion and decision making is most deficient. What other area has so little discussion from lines of business? CEOs see a vision of what they want, but the ability to evolve is hampered by the high cost of reconstruction and inability to create a consensus design across the organization.

One of my favorite personal stories here was from my time as Senior Director or Oracle’s Global Solution Architecture Practice in 2001.  We met with the new CIO of Motorola where he asked our help in consolidating 124 different ERP systems into one (118 or them were Oracle). His quote “It may be our fault for letting you sell us your software 118 times, but you must share in the burden of helping me clean this up”.

Little wonder “big data” is popular, as gaining insight into the internal mess you have is just the first step of realizing where your customers are and how they interact with you. Most of you know JPM is building a Data Division, one driver is Jamie’s view that Banks have better data than Google. As a former banker I can tell you just getting a report on my customers across products and countries within the bank is a major accomplishment! The idea that I can also manage external data for millions of companies and billions of consumers is ludicrous.. and then deliver on a VALUE proposition to consumers I touch once a month is just plain silly (and myopic). Commerce value is unlocked by working with consumers, merchants and manufacturers.. Commerce is interaction. So how are you improving your interaction!?

One of the obvious challenges of opening up your organization is opening up the ugliness of your infrastructure. For example, FirstData created the OfferWise API a few years ago. Unfortunately this API only worked for merchants that were on its IBM mainframe (not it’s 3 other systems). Similarly its new Clover API is one of the best in the business, yet it only works on the Clover platform. As an advertising partner.. how are you to know what to develop on?beautiful house

Google, Facebook, Apple and Amazon have huge advantages in design as they operate like software companies run by engineers where design matters. In Amazon for instance, each and every service in the company can be leveraged by any other part of the company. It’s own systems architecture allowed it to create Amazon Web Services (AWS).  Integrating internal heterogeneous systems is hard. Exposing these services externally is even harder.

Another of example involves Google/Citi.

Citi was a launch partner for Google Wallet in 2011 and asked the Google team to freeze software deployment while the card provision application was certified. Google said “what is a freeze”? Citi said “you know stop any changes while we certify”. Google “we operate under continuous integration, changes are pushed out every day… we can’t do that”. Citi “what part can you freeze?” Google “I guess we could freeze our API to you”.  The old and new worlds of software design collided here (waterfall vs. Agile), integration is very complex…

How massive is the complexity? Here is a simple advertising picture… you tell me how card data fits in here. To get around the systems integration complexity, companies have begun the dangerous process of sharing the raw data. In the Datalogix model, 340 odd Retailers give DLX a daily copy of all loyalty card information and SKU level purchase information. If you are a CEO.. do you even know where your data is going? Who has it? What would consumers think? There is a better way (shameless plug call CommerceSignals).


Back in 1997, while I was at Gartner Group, my good friend Roy Schulte coined the term Service Oriented Architecture (SOA). An evolution of what he had referred to as software through contracts. Central to both of these models are the concepts of modularity (specifiability, predictability, measurability) and abstraction.

Today we have MANY interoperable software technologies.. but we have no way to unlock collective intelligence. One of the core problems here is how do you share value (measure) what any one company provided toward “success”. This is not a “big data” problem.. it is a network and market problem. This is what I’m focused on in Commerce Signals.. but more on that in a few months.

Action Plan

Where should a fortune 50 CEO start? People would make the most sense, but big companies are getting a BAD name. For instance JPM had 600 world class mobile engineers working out of Palo Alto.. and assigned 300 of them to Mortgage compliance.. not something you emphasize in your recruiting.

The US is fortunate to attract the World’s best software talent, and the best people attract the best people. The US amplifies this advantage by giving this world class  talent access to capital (willing to take risk).

Apple, Amazon, Google have all taken very different approaches to creating platforms and operating within networks (see Google Creates Platform for Mobile Economy). Most would agree that Apple is the worst partner, whereas Google partners heavily in areas it controls (search, advertising, ..). Amazon is the only company that has made great strides in creating a platform for 1000s of other businesses (retail store, distribution and AWS).

Common to all three companies is their senior management attention to technology and software. Execs get their fingers dirty in it and hire the best people.. then they LISTEN to their technology people. Google’s problem is that they don’t listen to anyone else. Apple’s problem is that software is a second stepchild to hardware/design.. but I digress.

Action plan

1) List out your most valuable consumer insights

2) List your top growth opportunities

3) List the top sources of new revenue from existing customers

4) Where are your greatest threats?

5) What are you not acting on?

6) Who can act on them more effectively?

7) How can you partner one time?

8) How can you enable 100 companies to run with the opportunity?

9) What needs to be measured?

If you don’t take action.. the swarm will …


The “Stripe” of Identity

16 April 2015

Making Payments easy is a very hard thing to do (see post).. the same can be said of authentication. Apple has created a new standard for biometrics/identity and authentication with TouchID.. and platform security (with iPhone 6). Problem for entities needing to authorize using Touch ID (ex Banks) is that Apple doesn’t pass the raw biometrics.. its actually against the law in Europe (which makes sense as fingers are rather hard to re-issue). 

How can banks leverage Touch ID for authentication/authorization of their bank app? There are 3 parts to the problem:

  1. integration with Touch ID (Trust of TouchID),
  2. Trust of the Phone (phone ID)
  3. Authorization for the Service. 

I can’t believe I’m going to write this next part.. it breaks most of my rules.. but a Bank Consortium has actually innovated!!  Early Warning’s purchase of Authentify may be the best bank innovation of the last 10 years. With Authentify, banks now have a consistent way to implement biometrics, manage trust, and authorization across iOS, Android and other platforms.  See press release below.

Early Warning’s other components include Payfone (jointly owned by US Banks, US MNOs and Amex), and the US banking industry’s top secret fraud fighting utility (which has migrated from ACH, Checks, Debit into Credit and lending) .

Early Warning has completely remade itself over the last 5 years.. becoming a the US Banking Industry’s best consortium for innovation and value creation. Congrats to CEO Paul Finch and his fabulous product, M&A and Tech team.. and to all of his bank members for making this possible. 

Apple Brands Payments!

28 MarchapplePay - Terminal Branding kit

I told you so in September.. Apple has created its own acceptance brand. Retails can now buy a decal kit on Apple’s site (ApplePay Kit). Great overview in Apple Insider this week covering merchant instruction where to put the decals “above all others” (door, register, terminal). From  I received this picture. 

Why would Visa, Mastercard and Issuers allow this!? I’m just flabbergasted. Banks pay 15bps, V/MA do 90% of the work.. and Apple creates a new acceptance brand without doing any role in the financial process?

As I predicted.. payments are not in the top 10 reasons most consumers buy a new iPhone, with only 6% of iPhone 6 customers even trying it (per the Apple insider article above).

See my long blog on the issues that this branding will cause Apple – ApplePay and Merchants (Sept 2014).

What are Banks to do? Merchants? Focus on value both individually and collectively. Payments are a brokering business.. Creating a new brand that no one can control is not a fast way toward “partnering” with either businesses or banks.

Oh.. and for goodness sake .. say a little something about this branding. Perhaps adjust the decline rate on AP relative to cards.. ?? (Apple didn’t authenticate you.. we would like to approve)

My View?

Apple’s brand will succeed in Apple’s “walled garden” Banks and merchants are well positioned to kill weeds in theirs.

For my Bank friends – Inventory of Payment Decisions

28 Mar 2015

(a partial inventory for Issuers)

Payments are normally a very sleepy business which changes at a glacial pace. Rule of thumb has been it takes 20 years for anything truly new to develop (Debit Cards, ATM, NFC, …).  All this has changed … as identity, authentication, trust, acceptance, value, regulation, infrastructure, cost of issuance, speed of issuance, consumer mobile preferences, consortiums, standards, bitcoin ..  ALL are shifting rapidly. I covered much of this in my January blog Structural Changes in Payments and 4 years ago in Banks Will Win in Payments! … But Which Ones?. With the top 5 structural changes:

  1. Risk and Identity (Authentication and Authorization)
  2. Data/Commerce Value
  3. Consumer Behavior/Trust/Acceptance
  4. Issuance/Customer Acquisition/HCE
  5. Regulatory/Rates/Rules (Fees)
  6. Mobile/Payment in the OS


It’s not just payments that are changing, bank branch footprint and the core deposit account are under threat. Not just pre-paid… companies like TMobile, Wirecard, Vodafone, and even Google are thinking of offering direct deposit and bill pay (See this week’s Recode and Future of Retail Banking: Prepaid?, T-Mobile – Great Move into Banking,  )

branch visits

Before we get into an arcane list of initiatives, let me tell you a few stories on just how bad the situation is.

12 months ago, Chase shows up at Amazon to present their new secret creation: ChaseWallet. The Amazon guys didn’t know before hand what JPM wanted to talk about…. On hearing the opening of the JPM pitch Amazon thinks its some kind of joke (…. listening for the punch line). But Chase was serious..!! the Amazon team is almost rolling in laughter/pity. As opposed to telling them how silly the idea is (Amazon has a little One Click button with 400M+ consumers registered) they ask how this is different than the initiative that Chase Payment Tech is leading to enroll merchants in One Click.. The Chase Senior Exec (consumer side) is silent.. “I’m not aware of that”. Can you believe that largest bank, shows up at the largest online merchant to pitch an idea for a wallet to the company that invented it!? Sorry Chase, but you deserved that… What was once the nation’s leading payment team is now a bit of a joke in the valley. (Chase went to Google with same idea following week).

Jamie Dimon was quoted saying that Google, Apple, … all want to “eat our lunch” in this metaphor I guess consumers are on the menu. As much as I respect Jamie as the best banker on the planet, he continues to miss the consumer view… we are not owned, we migrate to where value is provided. Rather than working to specialize in delivering value to consumer, Consumer Banks tend to work to build higher walls and create rules which work against the specialization. These walls will become their own jail if they fail to focus on value, knowing your customer and specialized risk management.

A flip side story.. ApplePay was a closely held secret (other than my blog). Apple only allowed 9 companies into the tent: 5 Banks, FirstData (and Star), Visa, MA, Amex. Within those companies employees had to sign a strict confidentiality agreement and only 5-15 employees could be made aware (within issuers).  I was with 20 of the bank fraud heads 20 days after launch of ApplePay, the guys were telling me how bad the binding process (enrollment fraud) was going to be. Apple wouldn’t respond to banks, networks or anyone.. not by phone, mail. It was a take it or leave it.  Thank goodness for Money2020.. helped get bank fraud guys together with Apple Product.. but the path for collaboration was just abysmal (Apple’s fault)

Inventory of Payment Decisions (Bank Issuer)

  • Bank/IssuerDebit Card
    • Credit Card
    • Debit Card
    • ATM
    • EMV
      • Creditpayments pyramid
      • Debit
      • ATM
    • Tokens
    • Token Vaulting
    • PIN
    • ACH/Wire
    • Check
    • Cash
    • Private Label
    • Pre-paid
    • Private Label
    • Bit Coin
    • Networks
      • Credit
      • Debit
      • ATM/PIN Debit
      • ACH
      • FED
      • SWIFT
      • FRB
      • CHIPS
    • Network Services
      • Tokens
      • Cross Border
      • Pricing
      • Money Transfer
      • Rules/Rule Changes
      • CNP Liability Shift
      • Virtual Card
      • Digital Wallets
      • Alerts
      • Debit Processing
      • Offers
      • Loyalty
      • Redemption
    • Digital Wallets
      • Card Provisioning
      • Partners
      • Apple
      • Google
      • Samsung
    • Infrastructure
      • Card Issuance
      • Measurement
      • Fraud
      • Authorization
      • AuthenticationPayments Council
      • Billing
      • Call Center
    • Partners/Vendors
      • Processing
      • Loyalty
      • Networks
    • Consortiums
      • ClearxChange
      • Early Warning
      • The Clearing House
      • NACHA
      • ABA
      • FSTC
      • ??
    • Regulatory
      • Fed
      • OCC
      • DOJ
      • FTC
      • Policy
      • Fincen
    • New Initiatives
      • Data
      • Offers
      • Fed Faster Payments
      • NACHA
      • Clearxchange
      • Tokenization
    • Standards
      • emvco
      • ISO
      • Open/Android
      • …etc
    • Structure and Organizational

What is a Bank to do?

How do you Prioritize or Organize in this Chaos?

Step 1 – Admit you have a problem!  Then find people that know about it. Look around your organization and find the 5 people that can give an informed view of 50% of the above.  If you don’t have them.. you should go get them.

Step 2 – Create Structure. Where Bank enterprise payment strategy is discussed, with a senior exec champion.  You need some young payment techies and some old hands in the mix. My blog Need for Bank Payment Counsils provided an overview of the structure and objectives of such an org.  CEO should be involved to show importance.

Step 3 – Assess your situation

1) Where is your Revenue today?

2) How do you deliver value in top 5?

3) What are your core Assets? How competitive?

4) What revenue is most at risk?

5) Is there a clear path to win or uncertain future?

Step 4 – Prioritize and create a plan of Action

Step 5 – Assess Partnerships and Assess Impacts. Payments is a networked business. No one can go it alone for long (message to JPM).

Step 6 – Act Quickly. Both Strategically and Opportunistically.

Step 7 – Measure and Adjust. We are moving from 20 year cycles to 12 months. Banks have not run this way before. They must find a way of adapting to the environment.

Facebook P2P

Why do I think Facebook P2P is a big deal?

1) Evolves Facebook’s network from social graph toward commerce and advertising

2) Enables participants (and FB) to monetize their networks

For readers of my blog, you know my view that Facebook has enormous potential to create a new form of social advertising that is far more powerful than banner ads and search. The primary reason I use Amazon for everything is product reputation. Imagine a future where facebook would allow social networks to create reputations on businesses and products from within “communities” where you participate (clothing, organic food providers, restaurants, local service providers, …).

The central challenge in executing against this vision is that consumer social interaction in FB today is not about commerce. This is why ad click rates are so low.. they don’t capture intent. Enhancing FB community’s ability to discuss products and services will help them capture more intent, and enhance the overall interaction of their network. But how do you get your network to start discussing “commerce”!?  Why would a consumer invest time (reviewing) here?

P2P Payments is a core service that would allow FB participants to monetize the value they create. Each and every person could become an advocate and an expert. Youtube self service videos would go to FB first as they enable creators of the videos to create communities, followers and revenue. P2P is Facebook’s first step to add commerce to community.

Given how far Facebook is ahead on Targeting and Attribution, combined with it’s champion position as the only channel where manufacturer’s interact directly with consumers.. means P2P and new commerce interaction will unlock a massive new “graph”.

Questions on P2P

If you want me to roll my eyes in any forum.. just mention P2P. P2P is simply the largest consistent failure in the market (with Obopay as the poster child)… technically, and as a business model. Consumers don’t split bills with friends at a bar, or pay their babysitters on their phone. P2P money flows are just too unpredictable .. and business models compete with FREE! (Paypal, Google, Cash, Intra Bank, ClearxChange). In this case FB has a solid business objective..

How does facebook enable this P2P? The only thing we know is that involves debit card linking. This is not a new service at all (See my blog on Visa Money Transfer from 5 years ago).  The transaction sets that Visa and Mastercard set 5-7 years ago are still not ubiquitous across all banks.. they may be “mandatory” but the big banks just don’t care.  Square Cash was the first product to break the mold and enable ubiquity, it did this through skipping the official VMT/MSS transaction set and issuing a credit/refund to the beneficiary (that was technically against the rules).

I would love to get more details on how FB will work (in the US). My guess? They structured a P2P routing business that combines ClearxChange (History here from its days as BAC-WFC Pariter) for top 5 bank P2P, and Visa/MA VMT/MoneySend for all else. This would give participating banks a “choice” between implementing the card networks transactions sets or going through ClearXChange.  My sources tell me the price of participation in Clearxchange is $60M (as core member). This routing approach would allow Facebook to work across 95%+ of US p2p transactions out of the box.It would also give Clearxchange its very first business outside of the Bank’s own online banking transfer service.

Can I see your ID?

credit_card_transaction_paul_burns18 March 2015


A major retailer just called me this AM. Theme of conversation is that the industry is creating a “perfect storm” for issuers in acceptance.  While LoopPay is very secure (because of Visa/MA tokens, phone ID, and transaction counters), the existence of a commercial grade mag stripe emulator in the hands of “bad guys” will create a little chaos… particularly when the cashiers think nothing of consumers (or fraudsters) waving their phones at the POS.

While both Visa and Mastercard have set rules that prohibit merchants for asking for IDs in a contactless EMV transaction (EMV), LoopPay (Samsung calls it MST) muddies the waters as it uses the phone to talk to the magnetic reader of the payment terminal. MST transactions are magstripe transactions which merchants are (and have always been) allowed to ask for IDs. Merchants can make the case that they have no idea which is which, and they have no way of “prohibiting” either, thus they must assume that it requires them to treat as something that requires them to validate (signature).

Let me see if I can list the different acceptance methods (looking for input into what I miss)

Acceptance Options


Add to this list Token authority (Tier 1, Tier 2, Visa, Mastercard, TCH, Bank, …) and TSM for GSM style NFC and we have quite a complex mess. The good news is that issuers have control over where their cards are presented.. Problem is that there are many new “exploits” which can be attacked by very well funded fraudsters.

Normally, all of this seems to put pressure to update and lock down your payment terminals. But merchants don’t bear any costs for POS fraud where they have validated signature/ID… it moves to the banks. How can Banks force merchants to lock down terminals? The incentives are very complex.. so complex that it may mean “can I see your ID” happens in every case.  So much for mobile making things easier.

In EMV transactions, issuers are normally in control of when PIN is required.. In mobile  there is no physical payment instrument (card)  for the cashier to validate signature … so when they ask for ID what do they validate against? (ie no embossed card with your name on it). This means issuers will naturally like PIN for mobile. In the US consumers don’t know their PIN (for credit cards)..

This is just too confusing.. lets just say small issuers will have a very challenging time adapting here, while the big issuers will maintain a substantial advantage. This is the normal course of [big] bank fraud strategy:  if a bear comes to your campsite you don’t have to be faster than the bear.. just faster than the slowest fellow camper (small banks)

Google Creating Platform for a New Mobile ECONOMY

16 March 2015

How can Google, Samsung or anyone else ever hope to catch Apple? It depends on what they are chasing!

My view is that Google has just begun a major transformation to the physical (offline) world with Android as the key enabling “platform” (beyond search to orchestration) for a new business network. This transformation involves 5 primary vectors:

  1. Enable Android as the secure platform (SE Linux, Trustzone)
  2. Create participant incentives for commerce “network” to invest and transact on “platform” (Advertiser, MNO, Bank, Retailer, …)
  3. Improve physical world insight/data collection to enhance targeting and attribution
  4. Capture and manage consumer identity
  5. Create/enhance consumer engagement platform for commerce

Mobile Industry vs. Mobile Economy

Apple is the #1 company in the world. (A very BIG period). Apple’s position is well earned through focus and hard work. Operating as a  consumer champion that captures a mind numbing 93% of the mobile industry’s profits.  The most obvious question to address in this blog: what could ANYONE do to dent this? (operating from a basis of under 7%). In other words, what could Google do that would possibly matter?

Answer: The “Mobile industry” is not what Google is chasing (nor are Amazon, FB, Twitter, …). “Industry” is an old world classification that does not account for most aspects of the MOBILE ECONOMY (advertising, beacons, shopping, shipping, social, payment, identity, …etc). The mobile economy is about commerce. Perhaps my favorite “stat of the year” to exemplify the impact of mobile outside of the traditional “industry” came from January in Tech Crunch. Amazon’s business has shifted from 5% mobile to 60% mobile in 5 years!! (see Convergence Blog for more detail).star network

As mobile and IOT encompass ever larger roles/touches which impact our behavior, Google is moving to support both: Android as the embedded OS (connected everything) and Google core as the center of commerce (the orchestrator).  This blog focuses on mobile commerce and I will try to outline a few of Google’s strategic moves that are redefining the mobile economy.

Google’s core is centered on connecting businesses  and consumers, delivering services to all.  At the center of this star network is the indisputable “data” utility which becomes more efficient with every insight they gain on both sides (consumer and merchant).  Today millions of businesses and billions of consumers are investing “energy” to connect to Google (all with unique incentives)

Businesses, Banks and Consumers are all wondering if the beautiful simplicity of Google’s bright shining star [network] is a Faustian Bargain, much worse than Apple’s walled garden. Google’s position today is quite a feat given its humble beginnings as a free Open Source mobile OS that Google bought in 2005.

How is Google building platform and network? Moving to a model of shared incentives and partnerships?  Before we go deep here, let me first attempt to paint the picture of Apple’s dominance (and weakness).


Apple’s success is completely driven by the consumer, logically this means their organization and investment are focused on delivering great consumer products which operate within a giant walled garden. This walled garden works well in a small world (individual’s control: telephone, music, calendar, pictures) where Apple can control, but not very well in coordinating interactions outside of the garden. Stated differently, Apple’s approach of “my way or nothing”, means it has few friends.

As I outlined 2015 Predictions blog, competition is no longer about camera resolution, storage, and screen size, that enable you to manage items in your small world.  The visible (obvious) attributes of mobile competition have become a commodity; as well as the small world problems that your phone solves.  My view is  Apple’s greatest assets are consumer trust and its unique ability to change consumer behavior (see blog Apple and Physical Commerce, and Consumer Behavior). These assets allow Apple to assume a leading role in connecting and orchestrating consumers in the real “connected” world , however they are 5 years behind Google, Amazon and Facebook in their ability to execute here.

Why is Apple falling down in IOT/Connected Commerce? Apple has 4 primary strategic weaknesses: 1) it does not partner well (closed network and proprietary standards) and 2) it relies primarily on hardware for revenue, 3) its entire organizational culture and focus is on hardware 4) it locks consumers into its walled garden. Today pointing out these weaknesses is like telling Peyton Manning that his singing was out of tune, or Albert Einstein’s flaw as dancing. These shortcomings just don’t matter in a world where Apple is 3 years ahead of everyone else in profitability, quality, loyalty, integrated OS and Hardware.

Apple’s business model is perhaps the best example of how closed networks win through the domination of a benevolent “channel master” (see iPhone 6 – Apple’s Strategic Opportunity). Cisco, Microsoft, Intel all operate in this model. Apple’s star network is much smaller (ie connected business) but its bonds are much stronger. However, their success may become a hindrance.. as merchants, banks and others want to “own the consumer” too.

Compared to Apple, Google’s world is much more democratic, it wins by delivering value through customer choice every day (search, maps, mail, play, HCE, …).  Google is a commerce enabling, which tilts toward the consumer (on the phone) and toward the merchant (in advertising). Where Apple has a walled garden; Google is a semi open platform that supports many gardens and clusters.  Where Apple’s business is driven by hardware margin; Google’s is driven by daily consumer and merchant choice. Where Apple delivers value to consumers and itself; Google delivers value to every merchant, bank, MNO and almost every consumer (even on iOS). What other businesses are enablers of consumer and merchant? My list is fairly small…

Apple’s inability to make the iPhone work outside their garden, means that they are dependent upon device only margin (currently a fantastic business model). Critics will point out that Apple runs a fantastically successful App Store Platform that is 8x-20x more profitable than Google’s (with less than one quarter of the handsets).  However this is Apple’s walled garden.. where Apple made 30% from $2B from App store sales benefiting 500k odd top app developers, Google’s US Ad sales last year were $30B driving at least 20% of $185B in US eCommerce Sales. Google’s role was much more impactful to the overall economy (and almost all businesses).

Platform is turning out to be an opportunity lost for Apple. The iPhone 6’s security has made it the first “convergence device” with the ability to broker interaction in virtual world and the physical world (NSA, CIA and everyone else are still working to break industrial grade security). Yet Apple has no plan to leverage this identity management outside of their platform (see Brokering Identity), or even use basic identity information to assist banks with identifying ApplePay fraud (until very recently).

How to combine assets in the new Mobile Economy?

We need collaboration! The last 10 years has seen every major fortune 100 build big data facilities that work with nothing else. Banks, MNOs and others have all invested billions in an attempt to build an advertising business to rival Google’s. JPM Chase has a new data division on par with the investment bank, Verizon has built PMI, Walmart has WMX. All are constrained by their partial views of the consumer. Advertisers are challenged to work within these new proprietary efforts. The market need surrounds incremental insight engaging consumers in the channel which they prefer .. which means combining data.Data options

US MNOs spent over $600M+ trying to make their NFC play work. As my good friend Osama said at a recent MNO event “in order to create value sometimes we must let go of the assets we treasure most knowing that value is only created when they are combined with the assets and interests of others”.

Google provides a massive closed market (Ad Words) with unsurpassed consumer insight and trust. No company can choose NOT TO participate in Google’s economy, after all advertisers and retailers must go to where consumers are (not where they want them to be). Google operates in discovery, awareness, engagement, selection, sales, delivery and support.

Google is perhaps the only company in the world that is both loved and feared by merchants, banks and consumers. Particularly as their traditional open source, closed market, and “do no evil” approaches become more proprietary and less transparent. Google’s insurmountable advantage is in using data and insights within its own organization, where everyone else must be diligent with sharing (externally).

Today that fear is not well placed. Few understand just how myopic Google’s current data dominance is. While Google knows most about you online (search, mail, maps), they know very little about you in the real world. Google indexed the internet to create a common directory of public data, yet it has very little insight into private data (even your actual identity).  Facebook, Apple and Amazon all have far greater consumer identity insight.  Physical world (off line) data is of far greater value than online data, and online eCommerce sales are only $185B (US) comparted to $2.4T in offline Commerce.


Perhaps it’s easiest to start this section by outlining what has changed in the last 12-18 months?Google economics

As stated in intro paragraph, I believe Google has begun a major transformation to the physical (offline) world with Android as the key enabling “platform” (beyond search to orchestration) for a new business network. This transformation involves 5 primary vectors:

  1. Enable Android as the secure platform (SE Linux, Trustzone)
  2. Create participant incentives for commerce “network” to invest and transact on “platform” (Advertiser, MNO, Bank, Retailer, …)
  3. Improve offline insight/data collection to enhance targeting and attribution
  4. Capture and manage consumer identity
  5. Create/enhance customer engagement platform for commerce

Android as Secure Platform

Android is transition from open source Linux to SE Linux (which was oddly enough created by the NSA).  One of Androids major shortcomings was its dependency on OEMs (minimal say on hardware). While Apple worked to create innovations like touch ID that is stored within the secure enclave within the A7/A8, Google had to work with prime OEM vendors like ARM to build the equivalent (both Apple Secure Enclave and Google’s new equiv are based upon ARM’s Trustzone/TEE).  Android is making big bets in security, as managing information (and authenticating consumer) is key to orchestration (see  Authentication – A Core Battle for Monetizing Mobile).

Poor SamsungPay. These guys obviously don’t read my blog or they would have clearly seen the implications of Google’s new MNO deal. SamsungPay will not be pre-loaded onto Samsung’s own phone. Samsung not only lost in payments, but also in owning a proprietary security construct that secured the token (Samsung’s proprietary Arm TrustZone implementation). Even if a consumer loaded SamsungPay onto their phone, it will not work without Samsung leveraging the new Google/ARM firmware for secure credential management.

Apple’s biggest lead (with no apparent threat) is in touch ID. While SE Linux and Secure Storage are important… you must know WHO is coming in the front door. The Android approach seems to be more about behavior and forensic identification than biometric.

Incentives for participation

In 2011, the US carriers wanted an estimated $3B from Google for the “rights” to NFC (and the secure element). Google correctly responded.. “how about we figure this out together and see if we can make it work” (skin in the game approach). Last month we saw Google’s purchase of ISIS/Softcard for $60M with a new strategic partnership, with unknown revenue share, and unknown mandatory Android features (ie Wallet/Play/ ?) with the Carriers that redefines the “secure” standard of a new Android platform.

Whereas Apple has complete control over every aspect of iOS. Google has created a network for revenue/sales. Retailers advertise/engage/create, MNOs rev share, Banks manage payments.  You can only guess which platform Banks and MNOs would prefer to invest. This common platform may be a turning point for collaboration and Commerce 3.0 (my year of partnerships).

Offline insight

Google’s mission is to use the phone to cross the chasm into offline. The reason a new platform is needed has to do with offline data. For example, Mobile advertising will never work without an understanding of intent and behavior. This [private] information is locked up in millions of businesses (with a copy at the NSA).  data evolution

Today’s data business is just insane. Take a look at someone like CVS, Catalina is one of my favorite data companies (along with ADS), and Catalina works well with Nielsen to target and measure television ads. However they don’t work well digitally, thus CVS has to provide Datalogix (now Oracle) will all of it loyalty data (your SKU level purchase data) to play with Facebook (see my blog for background). Can you imagine having all of your data in multiple locations? Trusting these aggregators use it appropriately? Combining is with their proprietary models and other external data sets? What are they “gleening” from this data?

Google’s approach is to own the data and insights created from their services. Google now wants to create mechanisms to “share”.. the problem is that this “sharing” involves giving data to Google and getting customers back. This allows Google to create great experiences, but the price for data owners is loss of control.

Logically, nothing in biology or in capital markets has this amount of centralization. The title of this section is “combining assets”, is the only answer to combine assets giving them to someone else for unstructured use? This is what my NewCo Commerce Signals does: providing the plumbing for federated data where data owners retain the control over their data, determining not only who they should share data with, but also for what use (next blog). I’m fortunate to have a few big retailers, banks and MNOs that share this view (within Commerce Signals).

Capture Consumer Identity

Remember when you purchased that new iPhone? You couldn’t activate it until you created an iTunes account. That iTunes account required a credit card. What a brilliant Apple move!!  This year Google will finally catch up, as I believe a key facit of new MNO agreements is to make the Google Play account mandatory (with CCN/Token).

Knowing the identity of the consumer is important, authenticating them is quite a bit more difficult.  I believe third parties like Payfone will play a leading roll here. Payfone is jointly owned by top 6 US Banks, Amex, Verizon, RRE and a few other investors. They are tying together identity information of carriers, banks and platforms to score transactions and enrollment.

Customer Engagement

Google has many, many efforts here:

Retailers and Banks are loathe to give Google data, or let them assist directly in consumer engagement. However as long as Consumers choose Google’s services first, Google is in the driver’s seat. Companies that share data more effectively with them will reap greater benefits.

Wrap up

EVERYONE works with Google… it is where consumers are. Consumer behavior on mobile is changing much faster than anyone has anticipated. No one company can ever hope to compete with Google, they are moving fast to reshape the mobile economy.. where consumers spend 3 hr/day.


Android is a much easier platform to make investment. It’s a more predictable standards based environment compared to Apple (ex Sapphire glass or that darn lightening connector), with a strong partnership track record. Google’s democratic nature allows for experimentation. The path toward rewiring commerce is much easier in a Google world.

Having Google at the core of data is not without risks. Companies must work with many parties after all. How do you track the interaction between all of your partners today? Who has your consumer data? What will you share with whom? How can you accelerate trials and tests?

How do you combine your assets to create value in this new future? Without loosing control. This is the problem I am focused on.



Samsung Pay Launches Today: LoopPay + NFC + Tokens

1 Mar 2015

———–Update 8pm

It seems that in the US, Samsung plans to create and certify a new software secure element within the ARM Trustzone architecture that precludes the need for SE Keys, avoids US MNO SE Key Ownership issues (that can’t make MNOs happy).

In other countries (China, EU, …) Samsung’s architecture would leverage the traditional NFC approach within the NXP SE (and traditional TSM).

This is a great technical approach, but is doesn’t appear that Samsung has bothered to sell US MNOs on the concept (of going around them). Anything US MNOs subsidize they must approve..  Which means no pre-installation, particularly given the new Google relationship outlined below.


Brilliant tech and security.. killed in the US by recent Softcard deal

Samsung has just launched its LoopPay plus NFC (plus tokens) with support of top 5 US banks, MA, Visa, Amex, FD. What is it? a mobile payment wallet that works at the POS within Samsung’s new S6. The “new” part is hardware based upon their recent LoopPay acquisition (Samsung calls MST ?Magnetic Secure Transmission?). What does this Loop stuff do? It enables your phone to talk to any payment terminal that accepts a swipe by “emulating” the magnetic field generated as your plastic card’s magnetic stripe goes across the payment terminals’ reader (ie head). This is SUPER cool stuff.. and addresses the key problem impacting ApplePay today: merchant acceptance. In other words a LoopPay enabled phone payment can be accepted anywhere a card swipe is accepted (mag stripe).

Operationally the new payment wallet will combine Loop’s mag stripe emulation plus traditional NFC to work with terminals in either a “swipe” or “tap” mode. If a terminal accepts NFC SamsungPay will detect it and use the more secure NFC, if not it will emulate the magstripe. Technically Samsung has done a super job creating a “secure enclave” equivalent within the ARM TrustZone (and NXP’s PN66T.. having dumped Samsung’s Snapdragon). Samsung may have achieved a coup over  Apple in this new architecture (approval for storing card encryption keys within a new software secure element which will be certified as EMV compliant). This means Samsung doesn’t require the SE keys (in the US) and can also ride on the existing token rails that were created by ApplePay, thereby leveraging the same provisioning process for enabling cards that the networks created in ApplePay. Interestingly neither Samsung nor Google have been able to get the 15bps that Apple got.. showing that banks have learned lessons and that the ApplePay late followers (Samsung)  are now in a weaker position.

The “bad news” is that SamsungPay software is VERY VERY far behind (think Aug/Sept best case), and even if it were ready today it will never be be pre-loaded on ANY phone in the US (given the recent Google/Softcard deal with all 3 major US MNOs). The Google/Softcard deal hit Samsung HARD.. a complete surprise. What does this mean? Complete chaos. SamsungPay Loop requires specialized hardware (MST in S6 Only),  This means that SamsungPay will not work with any existing US handsets (all the SE keys went to Google and old phones don’t have the new ARM TEE with Software SE), applekorea-nov2014-counterpoint

Why would Samsung make this kind of “marketing announcement” without an operational wallet, carrier support and big US holes? Guess is they are feeling the pressure from Apple. The new iPhone is even grabbing over 33% marketshare even in Samsung’s home market (see Reuters article). There are MANY pieces necessary to make a wallet launch work: hardware, new loop acquisition, tokens, certification, bank support, it looks like they have those taken care of.. what is missing? MNO support, SW SE certification and a production ready software wallet.

While I’m rather negative on the prospects for Samsung in the US, I’m very enthused about Samsung’s prospects outside the US by leveraging a traditional NFC architecture plus tokens. As I discussed in Secure Element, NFC, HCE, EMV, Tokens and Cards, tokens plus mobile enabled identity (token assurance information) have enabled software to displace specialize hardware. In this case, a tokenized LoopPay is pure genius.. taking a basic device the tricks the card head into accepting information.. into a card transaction much more secure. I’m not going into the fraud prevention measures, but rest assured “replay attacks” will not be possible.

The purported “mobile acceptance gap” that Samsung’s wallet WOULD address is primarily in the US and due to a lack of merchant terminals that accept NFC. LoopPay addresses this gap through emulating the mag stripe swipe.. The US is where mag stripe swipe remains predominant, and only in a very short term “interim” period before EMV becomes mandatory in October of this year. Thus the market where mag stripe emulation would deliver the most value is the US, yet it is only so for the near term (EMV rollout), with a much delayed software release (September) in an inaccessible MNO environment (per Google/MNO reasons above).


  • SamsungPay is LoopPay plus NFC plus tokens. There won’t be anything to even trial until late summer, it is a marketing launch only (S6 contains the necessary HW)
  • Google/Softcard/US MNO deal has completely killed hopes for SamsungPay in the US, as MNOs CAN NOT pre-install on any Android phone (including S6).
  • Samsung’s hardware is very innovative, leveraging Arm’s TrustZone to store the EMV keys in a new software secure element within ARM’s TEE. I’d be surprised that the networks have already certified this.
  • Visa/MA and Amex will leverage their existing token infrastructure (from ApplePay).
  • LoopPay is super cool and tokens make is super secure.
  • Banks will be able to provision cards to SamsungPay just the same as the do with ApplePay today. Some banks may want to consider the incremental risks associated with the LoopPay card emulation. It looks like the controls are there, but it is not a card presentment mechanism that many have experience with.
  • Perhaps my biggest news here is something that wasn’t announced. My understanding was that Paypal was part of the launch. Perhaps they want to get a little momentum before pissing off all the banks.
  • My biggest unknowns: software live date, bank rev share, TEE certification for holding card keys (Tier 1 TSP), Paypal, HCE in the US (to by pass the Google’s SE key ownership), how will consumer install on top of (next to) GW and why would they want to?




Google+Softcard Levels Field Against Apple

24 Feb 2014

Well done Google. As predicted last month, Google announced last night that it had acquired “some exciting technology and IP from Softcard”. The price? My guess is around $50-60M, plus multi year revenue share (below). This is a FAR cry from the $3-$4 BILLION that these same Mobile Operators wanted for “NFC RIGHTS” in 2011. Google proposed a rev share back then too.. but MNOs were convinced they could go it alone. After dropping almost a billion in ISIS/Softcard with no future revenue of any kind in sight the drivers of the deal were obvious. Not only did carriers need an exit for their investment, they needed a partnership that gives them a role in the future of mCommerce.

What technology will stay? The SE Keys and the vending machine acceptance terminals.. seriously.. 98% of what ISIS/Softcard was is completely dead. My biggest unknown? I would love to see if Amex Serve could pick up the pre-paid card from Mastercard.. as the banks wanted to beat up my good friend Ed McLaughlin for doing what I still think was one of the best most innovative deals ever (Google pre-paid).SONY DSC

What did Google get? MANDATORY GOOGLE WALLET. That’s right, now EVERY ANDROID phone sold by the carriers will have wallet installed. This addresses a key advantage that Apple has in mandating an iTunes account (with credit card) for activating the iPhone. Apple’s brilliant registration process allowed it to know its customers (ID, card on file) where Android/Google did not. Many analysts believe that this ID/Payment deficiency is THE KEY reason why Apple’s environment is 8x-10x more profitable with less than 20% of the handsets. Now Google can compete in all things which require identity+payment. Not JUST in buying apps/music in Google Play, but in orchestrating commerce and brokering identity. I cannot understate the win here for Google. A brilliant move, and I firmly believe that this was the primary driver of the deal. Don’t look at this as a ApplePay competitive thing, it is about enabling Google to identify every Android holder as a default “opt in” during phone activation (iTunes Account Mandatory = Wallet Account Mandatory).

The Carriers? A partner that will share revenue. Where Apple takes 15bps for itself, my guess is that Google will give that to the MNOs, plus some revenue share for play services. My TOP 2015 prediction was that this would be the year of partnerships.. This is certainly my top new one for the year. MNOs are losing sleep about Apple’s unmatched “walled garden”, no one plays but Apple here. Google is developing an open model and this deal may be the first template for MNO/Platform revenue sharing.

Banks? Google will likely slowly “roll out” of its Google Wallet Card (also see TXVIA blog) which wrapped all other cards in a Mastercard Debit. Banks will be able to sign up for Google Wallet through network agreements just as they do for ApplePay today (at same rates/rules). This will mean that the networks will provision bank cards as tokens, and that Google will also benefit from forthcoming CNP token rules this summer. The primary difference in GW operation is HCE+Tokens (see blog). The Google Wallet model is not dependent on the SE Keys, or SD storage.. but it CAN operate in a non HCE model (from its GW 1.0 lineage).

Payment Networks. BIG WIN. Cards are the defacto standard for everything in mobile. I’m interested to see if the networks recognize (certify) the HCE card emulation application, as of 3 months ago it was still not certified. My belief is that they certify as part of tokenization scheme acceptance. This is a funny side story in itself. Most would ask how Google Wallet could run a non-certified card emulation app. Remember that the ONLY card being emulated was a Google owned mastercard debit.. just a brilliant work around. Note that in ApplePlay, Apple operates as a tier 1 token requestor in the current ApplePay model, and V/MA/Amex are tier 2 token requestors (see this excellent blog by SimplyTapp). In the Google model Visa and Mastercard will act as both Tier 1 and Tier 2 token requestors.

Big Losers? Samsung. OUCH!! No wonder they had to buy loop. Their new wallet strategy was to have a DUAL NFC/LOOP wallet. Google just got all the SE keys for the Samsung Phones. This means that Samsung’s wallet will only work on new phones.. a rather rough place to start.  Paypal.. with the birth of a new CNP scheme this summer driving ApplePay and Google Wallet beyond Apps to mCom checkout.. Paypal has no future in Mobile…  Except in emerging markets.

More to come.. but wanted to get this out today.