Sunday, March 31, 2013

The End Of Cash

The End Of Cash
(By Deirdre van Dyk, Time Magazine, Jan. 09, 2012)

Walk into a store, submit your shopping list, and a map directs you to the peanut-butter-brittle ice cream you crave. When you get to the front of the line, just bump your phone on the reader and you also get a discount via an e-coupon you've downloaded. Or scan pictures of the lasagna, salad and French bread you want for dinner from a Safeway ad as you wait for the train and pick up the bag on your way home. This is the year the surging popularity of the mobile wallet--a smart phone that also acts as credit card, checkbook and shop-bot--will radically shift shopping habits. It's the biggest thing in retail since the credit card got us talking about a cashless economy. The driving force is communication: cash can't communicate, but phones can. Your alarm clock, radio, camera, landline and GPS, even your laptop, have already been displaced by your phone. Why not the $69 and four credit cards the average American carries? "Everything eventually migrates to the cell phone," says Scott Ellison, an analyst with IDC who tracks the mobile industry. "And when it moves, people tend to do a lot more of it."

Tammy Lam, 26, a p.r. executive in San Francisco, uses her T-Mobile HTC myTouch phone to pay for just about everything. "I ordered dinner from my local Thai on GrubHub while sitting on the bus on the way home from work last night. I bought all my Christmas presents on my phone. When friends and I are out, we use Groupon to buy a meal," says Lam, who uses her phone instead of her computer for shopping even when she's at home. And she prefers it to cards or bills when she's out. "I hate cash," says Lam. Lam is an early adopter, but there are enough people like her to set off a mobile-wallet war that will escalate this year, converting billions of dollars' worth of transactions to cashless in the $4 trillion retail economy.

Google, the company that changed online search, just launched Google Wallet in partnership with Citibank, MasterCard and Sprint's Nexus S 4G phone. PayPal, the company that solved secure online payment, will announce 20 partnerships this year designed to allow you to order ahead, self-check-out in stores and simply use your phone number and a PIN to pay for purchases. Isis--a Verizon, AT&T and T-Mobile wallet with Visa, AmEx, Discover and MasterCard partnerships--launches midyear in Salt Lake City and Austin. Visa's own virtual wallet, V.Me, is also on deck. "Anything with an on switch could be a payment device," says Anuj Nayar, PayPal's communications director. And of course, everyone anticipates a move by Apple, whose stores are already processing sales through iPhones. Apple will announce a wallet this year, predicts Mark Beccue, a mobile analyst with ABI Research. "They have such a loyal following, and they're so vertically integrated--they'll help move everything forward."

Mobile wallets work in different ways. Google and Isis rely on NFC, or near-field communication. Basically, this means the phone and the sales terminal talk to each other. The Subway sandwich chain is installing NFC in about 7,400 of its 25,000 locations; 219 Macy's and Bloomingdale's stores have it up and running; Jamba Juice, OfficeMax, Coke vending machines, even New Jersey Transit trains are set up to take payments with a tap of your phone. Some of the more fantastic aspects of these schemes--like tapping a sign at Home Depot that automatically calls a service rep--require stores to be fitted with NFC equipment throughout, something that hasn't quite happened yet. But the pattern is set. "Consumers expect to use one click to buy just about anything," says Osama Bedier, vice president of payments at Google. "There are no checkout lines online."

Mobile wallets can also be your shop-bot, sniffing out exclusive offers--say, $2 off oatmeal at Jamba Juice as you walk by. Not hungry? Save the coupon to the wallet, which will automatically activate it when you buy your next oatmeal. "Twenty years ago, we had zero need for digital payments," says Bedier. "But today you can't buy a song or a game or an app without them. Increasingly, it will be hard to get a lot of experiences on offer with just cash." There's something ironic about getting your money's worth only if you're not actually using money.

PayPal, with its 103 million account holders and 9 million merchants, is betting on the cloud: store your information and access it from any computer or phone. It has been buying up companies, at least a dozen in the past year, that specialize in bar code readers, inventory tracking or offering location-based deals. And PayPal is working with retailers to put it all together in apps. Like Google, PayPal is building in loyalty cards and coupons and trying to wrap up other capabilities--like skip-the-line checkout at coffee shops, grocery stores and home-improvement centers--before NFC is built in. "There is nothing you can imagine that isn't happening," says Scott Thompson, president of PayPal.

The goal is to reduce friction in retail. To solve the lunch-hour crunch at Pizza Express restaurants in London, for instance, PayPal created an app that allows customers to enter the number from their bill into their phone and then pay without waiting for a server to run a credit card. The potential glitch? If your cell service or wi-fi goes out, so does your ability to pay. Starbucks' app, which has been used 26 million times, allows customers to tap their phone to pay for their triple-venti lattes; mobile payments hit 6 million in a recent nine-week stretch. LevelUp users get their own QR codes they can scan at 1,000 retailers to pay for coffee or pizza. Shop Savvy, a price-comparison tool, has added a buy button. AisleBuyer is a line buster, allowing you to do scan-and-buy self-checkout.

Certainly consumers seem ready to ditch paper and plastic. Every day, apps are launched that accommodate person-to-person transactions, giving you the ability to pony up your share of the rent as well as the ability to skip the checkout line. And 32 million banking customers are managing their money very comfortably on cell phones. Chase alone moves $3 billion a year on mobiles with an app that allows you to deposit to checking via a cell-phone photograph or pay friends for your share of the moo-shu pork by phone transfer. PNC Bank's app allows you to move money from one account to another by sliding your finger along a bar. The future of mobile transactions has already arrived--in Africa. In a market with few banks and even fewer ATMs but with a cell-phone network that makes the U.S.'s laughable by comparison, mobile banking is the standard. In Kenya, 18 million M-Pesa users now move 20% of the country's GDP via simple text messages. Pretty impressive for a program that started in 2007.

This Christmas season is a window on the mobile wallet's development. Salvation Army Santas used mobile phones to take payments, there were 500% daily jumps in mobile sales on PayPal, and customers pulled out their cell phones to check reviews and compare prices in stores in never-before-seen numbers. Amazon even offered $5 off to customers who scanned a bar code in a store--so Amazon could offer a lower price on the same item. This "scan and scram" behavior infuriates brick-and-mortar retailers, who fear they are simply being used as a showroom for online retailers. They may be right--but consumers now have a price-discovery tool that gives them more power, and they aren't going to give it up.

Our comfort and routine with cash and credit cards have been barriers of a sort. But mobile payment could jump the fence and move faster than anyone expects. When Haiti was hit by an earthquake in 2010, the Red Cross raised $32 million, $10 at a time, via text. Ultimately, mobile payments made up 7% of the money raised for Haiti. "We call it the game changer," says Roger Lowe, the charity's spokesperson. "If they say people aren't already using their phone for payments, I have 32 million reasons to believe they are." Mobile-payment platforms could power social movements too. WePay, an online-payment system that helped the Occupy movement raise $680,000, will launch mobile capabilities in the summer.

The mobile wallet, predicted to be worth $12.5 billion this year according to ABI Research, is about not just the Minority Report--style cool-retail factor but also practical things like ... money. "The consumer will save money, in part through deals that are based on past purchases, not just random offers. And they'll get better financial control," says McKinsey's Philip Bruno. But on an everyday level, the mobile wallet's big promise may lie in the little problems it can solve. "If it's a busy lunchtime and I can preorder and prepay at Chipotle, skipping that long line," says Charles Wilson, who helps companies with social-media strategies, "then it's a godsend." Or as Ed McLaughlin, head of emerging payments at MasterCard, says, cash will never go away but will only become less useful. "Cash is going to be like the postage stamp. If you aren't used to using it, it won't make a whole lot of sense why one would.",9171,2103289,00.html

The Most Dangerous Thing In Your Wallet
(By Bill Saporito, Time, Feb. 10, 2014)

A thin magnetic stripe is all that stands between your credit-card information and the bad guys. And they've been working hard to break in. That's why 2014 is shaping up as a major showdown: banks, law enforcement and technology companies are all trying to thwart a network of hackers who are succeeding in swiping account numbers, names, email addresses and other crucial data used in identity theft. More than 100 million accounts at Target, Neiman Marcus and Michaels stores were affected in some way during the most recent attacks, starting last November.  Swipe is the operative word: cards are increasingly vulnerable to attacks when you make purchases in a store. In several recent incidents, hackers have been able to scoop up massive troves of credit-, debit- or prepaid-card numbers using malware inserted surreptitiously into the retailers' point-of-sale system--the checkout registers. Hackers then sold the data to a second group of criminals operating in shadowy corners of the web. Not long after, the stolen data was showing up on counterfeit cards and being used for online purchases.

The solution could cost as little as $2 extra for every piece of plastic issued. The fix is a security technology used heavily outside the U.S. While American credit cards use the 40-year-old magstripe technology to process transactions, much of the rest of the world uses smarter cards with a technology called EMV (short for Europay, MasterCard, Visa) that employs a chip embedded in the card plus a customer PIN to authenticate every transaction on the spot. If a purchaser fails to punch in the correct PIN at the checkout, the transaction gets rejected. (Online purchases can be made by setting up a separate transaction code.)
Why haven't big banks adopted the more secure technology? When it comes to mailing out new credit cards, it's all about relative costs, says David Robertson, who runs the Nilson Report, an industry newsletter: "The cost of the card, putting the sticker on it, coding the account number and expiration date, embossing it, the little mailer--fully loaded, you are in the dollar range." A chip-and-PIN card currently costs closer to $3, says Robertson, because of the price of chips. (Once large issuers convert en masse, the chip costs should drop.)  Multiply $3 by the more than 5 billion magstripe credit and prepaid cards in circulation in the U.S. Then consider that there's an estimated $12.4 billion in card fraud on a global basis, says Robertson. With 44% of that in the U.S., American credit-card fraud amounts to about $5.5 billion annually. Card issuers have so far calculated that absorbing the liability for even big hacks like the Target one is still cheaper than replacing all that plastic.

That leaves American retailers pretty much alone the world over in relying on magstripe technology to charge purchases--and leaves consumers vulnerable. Each magstripe has three tracks of information, explains payments-security expert Jeremy Gumbley, the chief technology officer of CreditCall, an electronic-payments company. The first and third are used by the bank or card issuer. Your vital account information lives on the second track, which hackers try to capture. "Malware is scanning through the memory in real time and looking for data," he says. "It creates a text file that gets siphoned off."
Chip-and-PIN cards, by contrast, make counterfeits or skimming impossible because the information that gets scanned is encrypted. The historical reason the U.S. has stuck with magstripe, ironically enough, is once superior technology. Our cheap, ultra-reliable wired networks made credit-card authentication over the phone frictionless. In France, card companies created EMV in part because the telephone monopoly was so maddeningly inefficient and expensive. The workaround allowed transactions to be verified locally and securely.  Some big banks, like Wells Fargo, are now offering to convert your magstripe card to a chip-and-PIN model. (It's actually a hybrid that will still have a magstripe, since most U.S. merchants don't have EMV terminals.) Should you take them up on it? If you travel internationally, the answer is yes.  Keep in mind, too, that credit cards typically have better liability protection than debit cards. If someone uses your credit card fraudulently, it's the issuer or merchant, not you, that takes the hit. Debit cards have different liability limits depending on the bank and the events surrounding any fraud. "If it's available, the logical thing is to get a chip-and-PIN card from your bank," says Eric Adamowsky, a co-founder of "I would use credit cards over debit cards because of liability issues." Cash still works pretty well too.

Retailers and banks stand to benefit from the lower fraud levels of chip-and-PIN cards but have been reluctant for years to invest in the new infrastructure needed for the technology, especially if consumers don't have access to it. It's a chicken-and-egg problem: no one wants to spend the money on upgraded point-of-sale systems that can read the chip cards if shoppers aren't carrying them--yet there's little point in consumers' carrying the fancy plastic if stores aren't equipped to use them. (An earlier effort by Target to move to chip and PIN never gained traction.) According to Gumbley, there's a "you-first mentality. The logjam has to be broken."  JPMorgan Chase CEO Jamie Dimon recently made overtures to do so, noting that banks and merchants have spent the past decade suing each other over interchange fees--the percentage of the transaction price they keep--rather than deal with the growing hacking problem. Chase offers a chip-enabled card under its own brand and several others for travel-related companies such as British Airways and Ritz-Carlton.
The Target and Neiman hacks have also changed the cost calculus: although retailers have balked at spending the $6.75 billion that Capgemini consultants estimate it will take to convert all their registers to be chip-and-PIN-compatible, the potential liability they now face is exponentially greater. Target has been hit with class actions from hacked consumers. "It's the ultimate nightmare," a retail executive from a well-known chain admitted to TIME.

The card-payment companies MasterCard and Visa are pushing hard for change. The two firms have warned all parties in the transaction chain--merchant, network, bank--that if they don't become EMV-compliant by October 2015, the party that is least compliant will bear the fraud risk.  In the meantime, app-equipped smartphones and digital wallets--all of which can use EMV technology--are beginning to make inroads on cards and cash. PayPal, for instance, is testing an app that lets you use your mobile phone to pay on the fly at local merchants--without surrendering any card info to them. And further down the road is biometric authentication, which could be encrypted with, say, a fingerprint.
Credit and debit cards, though, are going to be with us for the foreseeable future, and so are hackers, if we stick with magstripe technology. "It seems crazy to me," says Gumbley, who is English, "that a cutting-edge-technology country is depending on a 40-year-old technology." That's why it may be up to consumers to move the needle on chip and PIN. Says Robertson: "When you get the consumer into a position of worry and inconvenience, that's where the rubber hits the road."


No comments:

Post a Comment