Visa, Nokia Turn Phones into Wallets
Credit card company, mobile phone giant create system allowing consumers to pay for goods with their phones.
January 9, 2007
Visa, the world's biggest credit card payment system, has launched a global system to turn mobile phones into wallets for millions of customers in a deal with the world's top handset producer, Nokia.
Users can pay for groceries and other purchases by swiping a phone over a reader that electronically communicates with a microchip on the phone. Phone owners confirm the purchase with the push of a button and the deal is complete.
The platform is the result of many years of trials around the world and will enable mobile contactless payments, remote payments, person-to-person payments, and mobile coupons.
Consumers will also be able manage their payment accounts and funds from their mobile devices, Visa said in a statement issued at the Consumer Electronics Show here. IBM has also helped to create the mobile payment system.
Visa will use global technology standards which have been selected and developed over the past few years by groups such as the Mobile Payment Forum from the world's major credit card companies, telecoms operators, chip makers and handset vendors.
The wireless standard that will link mobile phones with payment systems in stores and elsewhere will be the Near Field Communication (NFC) chip, which will be hidden under the phone cover and makes contact when swiped over a reader.
This NFC technology, developed by former Philips chip unit NXP and Sony, is already widely used in public transport access cards.
Visa said its cards and payment systems currently generate more than $4 trillion in sales volume worldwide. On October 11, Visa announced plans to restructure its global operations and create a new publicly traded company called Visa.
The initial version of the mobile payment platform launched on Monday offers contactless mobile payment, personalization over mobile telephony networks, coupons and direct marketing.
Subsequent versions of the platform, to be made available later in the year, will include remote payment—also using mobile telephony networks—and person-to-person payment.
"This tiered launch approach enables Visa issuers and mobile industry partners to take advantage of near-term opportunities in specific markets and consumer segments now," Visa said.
Until now, mobile payment systems have been restricted to trials, and most test only one or a few services.
In October, Japan's leading credit card company, JCB Co., started Europe's first mobile phone credit payment trial with Nokia and Dutch telecoms operator KPN in seven stores in the Netherlands and among 100 card holders.
Other mobile phone payment trials in Germany and Finland enabled consumers to pay for public transport.
With Contactless, It’s Faster Payments That Draw Retailers the Most
(January 9, 2007)
The primary reason contactless payments are gaining favor with merchants has to do with speedier transactions and other point-of-sale efficiencies, while retailers installing or planning to install the technology show little concern about its security, according to a recent survey of retail companies. Some 58% of 160 respondents to the survey, which covered North America and Europe, said they plan to implement contactless payment within the next two years, while 30% have already done so. Of the 58%, those planning to install within a year accounted for 28 percentage points; within one to two years, 30. Retailers in Canada and the U.S. provided 54% of the responses.
As it turns out, though merchants generally are concerned about transaction costs and recognize contactless payments offer no direct benefit with respect to card-acceptance rates, they are drawn to the technology because it promises to speed up tender times and hike in-lane throughput, according to Sahir Anand, retail research analyst at Aberdeen Group Inc., a Boston-based research firm. Anand conducted the survey and analyzed its results.
So far, neither Visa USA nor MasterCard Worldwide has offered interchange incentives specifically targeted at contactless payments, so a contactless transaction costs merchants the same as if a card had been swiped. “The bulk of the respondents say the card associations are not offering anything remotely substantial, but cutting down on manual processing at the point of sale is substantial,” says Anand. This is especially true for cash-intensive businesses, he says, where contactless can replace bills and coins. “There’s less money handling and other input efficiencies, so there’s a hidden cost there that can be saved,” he says.
Indeed, among factors prompting merchants to adopt contactless, improved transaction volume and competitive differentiation rate highest, the survey shows. Meanwhile, the factors considered most important to achieving a return on investment in contactless, according to the survey, are process efficiency, transaction time, and customer satisfaction. The last two factors generated responses exceeding 60% overall. “They’re looking at how streamlined their lane experience is as a result of contactless,” says Anand. Studies by Visa, MasterCard, and American Express Co. have documented substantial reductions in average tender time for contactless transactions when compared with cash and conventional cards.
At the same time, merchants seem largely unconcerned about the security of contactless payments, which rely on radio waves to transmit card-account information to a POS device. Though recent reports have indicated heightened risk surrounding the security of payment data in contactless transactions—reports the card networks have rebutted—nearly three-quarters of respondents who had installed or are considering adopting contactless technology said they don’t view security as a “major factor in their planning or implementation strategy,” says an Aberdeen report. Indeed, 80% don’t see security “implications” as a reason not to consider contactless, the report says.
This result surprised Anand. “I was quite shocked,” he says. “It’s a valid issue.” He attributes it to retailers’ tendency to “absolve themselves” of liability for fraud losses related to cards, as well as to general confidence in security measures, including unique transaction codes and cryptographically protected transaction messages, that the card networks have introduced.
But, for all its progress so far, contactless does face significant concerns among merchants, according to the survey. Anand says these include the cost of transceivers, the devices that read the radio transmissions at the point of sale, and slow adoption among consumers. Merchants are concerned about whether the contactless “message is getting across to the average consumer,” says Anand. “A movie-theater chain said a lot of times a clerk has to suggest the use of contactless rather than it being impromptu.”
Apacs responds to chip and Pin scare
The Association for Payment Clearing Services (Apacs) has responded to claims of a vulnerability in the supposedly watertight chip and Pin system.
Researchers at Cambridge University claimed last week that a flaw in the system could lead to consumers being duped by fake machines.
Steven Murdoch and Saar Drimer said that most discussions over the security of chip and Pin have focused on the tamper-resistance of terminals.
But this only ensures that the terminal will no longer be able to communicate with the bank once it has been opened.
This does not prevent anyone replacing most of the terminal's hardware and presenting it to customers as legitimate, so freely collecting card details and Pins.
The researchers took the chassis of a genuine terminal and replaced much of the internal electronics, taking control of the screen, keypad and card-reader.
To demonstrate the technique they uploaded a video of the terminal playing Tetris to YouTube.
Apacs, the payments organisation representing high street banks, said: " People could, in theory, use this to steal account details from cards. Our experts are in discussion with the manufacturers of terminals to see what can be done.
"However, we would say that this has only been seen in a laboratory so far. People would not be able to create counterfeit chip and Pin cards, but they could use this information abroad to make purchases."
VERY GOOD REVIEW OF 2006 BY GLENBROOK.
Driving in Sri Lanka gets smarter
02 January 2007
Sri Lanka’s Department of Motor Traffic (DMT) is to introduce a new driving licence system using smart card and biometric technologies later this year.
The project will be rolled out by biometrics firm Face Technologies, which has formed a joint venture to handle the project with Austria Card as the technology partner and Metropolitan Group as its local partner.
The DMT will additionally implement a driving licence management system to streamline the personalisation, production and issuance of the new credentials. Each applicant’s photograph, digital signature and fingerprints will be captured when the application is submitted. The licence will then be processed, personalised and posted to the applicant within two weeks. The DMT also plans to introduce a priority same-day-delivery service.
The new smart card-format driving licence will include a microchip containing driver information such as digital photograph, fingerprint and digital signature. It could also contain additional emergency information, including the driver’s blood group and medical information. The card will use security printing features such as laser engraving, optically variable ink, holograms, guilloches and micro printing.
The entire project is being implemented on a build, operate and transfer basis. The supply contract includes all application software, computer infrastructure, servers, networking and work stations, as well as support and maintenance and operational services for seven years.
The driving license could also be extended to include integration with the country’s national ID card and the ePassport, as is being planned in other countries.
Tale of technologies
(Dec 30, 2006)
What: The black magnetic stripe on the back of your card that holds your banking information.
How it works: You swipe your card and punch in your pin number. The information is then sent back to your bank, which verifies a match and allows you to take out money.
How to crack it: Some fraudsters work with clerks, who swipe a customer's card twice -- once in the debit machine, and the second in an illegal, and likely hidden, card reader. Others sneak an inconspicuous card reader on top of an existing pinpad, which gathers information from the magnetic stripe without anyone noticing.
Skimmers also need the corresponding pin number, which they get from hidden video cameras.
What: A tiny computer with an operating system and software, just like your personal computer or laptop.
How it works: The chip "communicates" with the terminal, running through a host of security checks before sending the information to your bank, explains Kirkland Morris, assistant vice-president of strategic policy and programs for the Interac Association.
"It's embedded with cryptographic keys," he said. "It is very much like inserting a physical key into a lock and opening it, and it takes the right key to open the lock."