After a time the news continues to show steady growth of the
smart card deployment. New projects pop up everywhere with Transit,
Government, Telecommunications, Payments and Mobile constituting the key
buying groups. Mobile payments remain a dream in the USA while
contactless is catching on everywhere. The struggle between Telco and
Financial Services continue unabated as they continue to position their
products as not yet being commodities. Time, distance, security,
transaction processing and bytes represent the variables in everyone's
revenue calculations. The holy grail is the interest and fee income
that can be charged the cardholder and the merchant. The dilemma is
that the complex interchange formulas cannot be proven to simply support the
systems processing, fraud and cost of carry built into the original
definition of interchange. They are now also incentives to help fund
commercial cards, rewards programs and an assortment of other cardholder
PIN based debit continues to becoming common place and cheques continue to decline in harmony with the growth of PayPal, ACH processes, bank settlement procedures and proliferation of phones. Most recognise that the issue is making sure everyone agrees to a coherent approach to identify and message authenticity. The rest is about politics and carving up the market.
Is the Global migration to EMV is going at a pace that is comfortable to all stakeholders? The magnetic stripe is a problem for our friends who have issued smart cards. They may just have to shut down the ability to use cards as magnetic stripe to close that backdoor.
Everyone who needs to be involved in pushing the trigger is mindful of the future risk of attacks on today's card and PIN based solutions. Fraud fraud remains the trigger for community action.
It would be good if everyone: processors and switch providers in particular, were to commit to upgrade their gateway interfaces to support the various associations implementations of transaction level EMV support as part of the 2009 compliance upgrade. As equipment is replaced it should at least be PCI-PED offline and on-line compliant, EMV certified and ready to take the domestic customisations through terminal and key downloads and merchant inputs.
These same parties will be able to commit to growing the terminal base and develop the EMV device drivers based on available resources and market demand.
On the Mobile Banking front the issue is how to support. Do the Banks simply build web sites capable of being displayed on the primitive cell phone browsers and the more elegant smart phones using account and password verification.
Or, is it an applet that must be resident in the phone, exploiting all the capabilities of these extremely powerful appliances we know will continue to emerge as we reap the power of the web or as some now want to call it the cloud.
Using the mobile phone as the "Something I have" element of security solution we can create binding identity bond by uniform principles to assure interoperability.
Yes we have to deal with a bit of the detail in how all these GSM, NFC, EMV, ICAO, PIV, PCI enabled components are going to talk to each other. Remember we are talking about our phone, car, house, computer, music, documents, media working together in harmony while also dematerializing this thing we call a card or a relationship between a person cardholder and a merchant, peer, door, ... .
Being able to become comfortably, through this combination of your phone, with your secure chip inside, and it representing us digitally in all relationships. In a next generation of these phones we will have the ability to secure with a biometric. Your smile can be the biometric. Today we will settle for a user selected PIN or Password.
Clearly if NSTIC can come to pass, there is an excellent opportunity to link the phone to our identity in cyber space.
What transactions should be served is all those now available on the Corporations Internet portal, through point of sale devices, what ever else can be served throught he screen on a phone, tablet, laptop ...
Properly serving contactless, <200 mille second transactions and taking more low value transactions, represent the next milestone. Paypass and its competitors imitators have not yet proven that they are secure enough or can be properly priced to be cost effective. Let us not forget the idea of a purse or value store inside a Smart Card with Mondex being an interesting solution that can say it was successfully achieved. These solutions could once again emerge as chips and terminals appear.
Central repositories work in a fashion but do not create the ubiquity of an electronic cash replacement oriented solution.
If I look back at 03/17/2012 13:48:01 -0400 on what these articles where saying and you had asked me when will the USA move to EMV. I would have said in 2014 the stars will align.
Today we are looking at having the backbone EMV/NFC ready April 2013. Discover, MasterCard and Visa have all agreed on that.
The next question is what is the configuration and requirements for the terminal used by the merchant. First make sure we are clear the only transactions we are talking about today, are those that can be attributed to the card being presented, at the time the agreement to pay is sealed.
We now have Square and PayPal with triangles and squares plugged into your mobile phone. EMV readers are also available they look more like a saddle and one NFC is in the phone that channel can be used.
Tapping two phones together, both connected to the cloud and the imagination soars.
20007 Smart Card News Releases
Articles of Significance:
Interchange fees under scrutiny - Off Site review
Federal Reserve Report on the future of payment systems
Interesting sites arising from discussions with those of you that called after viewing the website.