Monday, March 2, 2009
Once upon a time, cell phones were just phones, novel for being truly mobile (unlike their cordless land-line predecessors) but used like traditional phones in most other respects. Today, they're little hubs of communication, recreation and information into which various technologies, old and new, are consolidating.
"The telephone is not a telephone anymore," said Ted Svoronos, E-Commerce Consultant and Certified Fraud Examiner with Group ISO Inc. "It's a ubiquitous device for multi-use."
The ability to make mobile payments (m-payments) has been part of the mobile phone landscape since the advent of mobile Internet access (and the corollary of online bill pay). Now m-payments appear poised to make the leap to the POS – effectively transforming cell phones into credit cards.
Some observers had expected the technology that enables m-payments to enter the U.S. market some time ago; the phenomenon is already common in Korea and Japan. "Japan is about three years ahead of the rest of the world," said Mohammad Khan, President and founder of ViVOtech Inc., an information technology company specializing in contactless payments.
The Silicon Valley-based ViVOtech, which in December 2008 was awarded a patent for near field communication (NFC)-related software, is helping to lead the charge toward the use of electronic-wallet (e-wallet) technology in the United States. It enables cell phone users to download one or more credit cards (including gift cards and other prepaid cards for things like public transit) onto their phones.
Khan said the company will do a limited product release of its m-payment software in the United States by early 2010; he expects m-payments to be consumers' preferred method of purchase within several years. ViVOtech's first trial will be conducted in India beginning in April 2009.
"By 2012 and 2013, things are coming so [m-payments] will be basically business as usual, with hundreds of millions of NFC phones becoming available," he said.
Khan said ViVOtech's biggest roadblock to introducing its software was convincing the cell phone companies of its merits. "When they started looking at it a year ago, [they asked about] having share of the fee … and with a typical transaction that's not the case," Khan said.
"But mobile operators started looking at various applications they can enable into the mobile phone," he added. "For example, in getting the card downloaded into the phone they can get the money, or get a coupon or promotion downloaded in the phone; they can get the money from the market retailers, or enable a new cardholder on behalf of card issuers; they can get a commission from that as well."
Khan noted that the major cell phone companies, including Sprint Nextel Corp. and AT&T, have since gotten on board, and all the major credit card companies are locked in as well. However, other factors that may have helped stall m-commerce could continue to be impede its deployment even after POS m-payments hit the market.
Svoronos said that, while the first e-wallet was released some years ago, "the reason why it didn't take here was basically people weren't ready. I don't think people truly understand the scope of what m-commerce could be. … A big key part is educating people on the versatility of m-commerce and what it can do."
Svoronos expects m-commerce to continue its growth but believes it might be a little slow to catch on. "It may not be used for a whole lot of things, but a mobile wallet will definitely be handy for day to day," he said. "There are some things you need to do on the fly – these are part of the mobile situation."
Then, of course, there are security concerns, for which ViVOtech has several important measures in place, according to Kahn.
Mobile POS payment security can be divided into two domains. The first involves preventing unauthorized users from making payments with someone else's phone; the second is preventing theft of sensitive data in transit.
Two primary things are in place to authorize credit transactions, Kahn said. The first is a self-authentication process, in which users must relate personal information – like the last four digits of a Social Security number or a mother's maiden name – for cardholders to be able to download payment cards to their phones.
The second is the requirement of a password for access to the e-wallet – a method that Khan said will likely be replaced by fingerprint identification technology within three to five years.
"It will be password-protected, so even if you lose your NFC phone, nobody will have access to your card," he said. "The second thing is if you lose your phone – which is also a lot easier than losing your wallet – you can make one single phone call, and all those cards will be turned off."
To secure data passing through a network, multiple layers of security are in place both to block access to data and ensure that it's encrypted, Kahn said.
There is a "high-security memory chip where it's just not easy to break in, and even if someone hacks into your phone, they would not be able to access your credit card or debit card," he added.
Not everyone is sold on the promise of m-commerce, however. Deane Sellens, Chief Operating Officer and Consultant for TCB Consulting LLC, expressed concern that hackers could have a field day as e-wallets proliferate.
"There are a lot of cell phone hacks, and when I say a lot I mean a lot. … There's a lot that can be done with cell phones, and they're very sexy to these geeks," Sellens said.
Sellens attends a hackers' convention in Las Vegas every year called Defcon (you have to know your enemy, she said) where she's seen firsthand just how menacing and effective computer hackers can be.
The first year Sellens attended, she had "no idea" what she was getting into. "I walked past this guy, and I actually saw all my cell phone data on his screen, where he had pulled every phone number and text message out of my phone within seconds," she said.
Sellens stressed that POS m-commerce has the potential to be a safe and viable method of payment, but cautioned that it "can be good or bad depending on the security features and how they push forward with it."
Regarding the introduction of contactless payments, she said, "I don't think it was thought through all the way," adding that mobile cyberspace has given computer hackers a much more accessible target to prey on.
"How many people carry their laptop into a store?" she said. "I mean, there's Wi-Fi snoopers that go cruising looking for Wi-Fis in hot spots, but at least they have to go look for it. Everybody's got a cell phone in their pocket."
Svoronos pointed out that security is invariably a concern when new technology is implemented. This doesn't mean "the applications of the phone are going to have those issues," he said. "I think it's just one of those issues that needs to be tested a little deeper."
The shift toward an m-payment structure has been slow, but it may also be inexorable. Khan recently returned from the Mobile World Congress in Barcelona, Spain, where ViVOtech showcased its mobile phone payment technology. He said only a handful of people attended the company's presentation in 2008, but this year 2,000 people signed up.
"I think m-commerce generally is a great concept," Svoronos said. "It takes everybody in what is now a very mobile society and gives them more to do on the fly. That's absolutely huge in our day and age."
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.