Monthly Archives: December 2013

Mobile platform security is key for mobile payments providers

I was at one of many Christmas parties and conversation topics, of course, covered “where will you be for Christmas” and “are you done with your shopping.”  Almost everyone was done with their shopping, but the big follow up question was “Well, did you end up shopping at Target?” There were a handful of people at this gathering that did shop at Target over the ill-fated shopping period.

The conversation very quickly involved everyone around the buffet table and included comments like, “I can’t believe hackers actually were able to break into a huge chain like Target” and “your credit card information is not safe anywhere!” Clearly EVERYONE at this party will be checking their credit card statements very closely in January!

However, one comment made really grabbed me. “If my credit card can be swiped by hackers at Target, I’m sure as hell not going to want to use my phone to pay for stuff.”  Obviously this exclamation sparked another round of fervent debate and discourse. A few well-known coffee and pastry shops in the area were called out in conversation as using new mobile payments technologies and were “flagged” as potential places to monitor for card fraud.

The implications of the Target data breach on the mobile payments vertical are HUGE.  There are serious challenges that must be addressed both on the consumer and business side of the equation for the many emerging mobile payments technology providers.

First of all, consumers have the perception that it’s no longer safe to use even debit or credit cards at physical retail stores.  According to one account of the Target breach, a security analyst at a major bank was made aware that cybercriminals were planning to sell online a new stock of stolen credit/debit cards.  The analyst bought the stolen card numbers of his/her bank customers using Bitcoin.  Presumably, these transactions lead to the discovery that these card numbers were stolen from Target.

One could easily make the assumption that Target was not even aware of the breach until the bank analyst made these card number purchases from the cybercriminals. Yikes! This lack of awareness of the problem scares me deeply at the consumer level.  Would Square be able to quickly inform a merchant that consumer’s payment data has been swiped and is being sold by cybercriminals? Could Square inform users that their data was stolen?

Secondly, business and IT executives at Target and all major retailers are wondering how and why the Target payments system was hacked.  Obviously, there are fast and furious internal investigations within Target as their legal and technical teams prepare for a barrage of lawsuits coming their way from banks and consumers.  These Target executives will be pounding on the doors of their payment system providers and their 3rd party vendors as well.

The discovery phase of these lawsuits will get UGLY FAST.  Moving forward post breach, all physical and online retail payment platform providers will be evaluated with much greater scrutiny with a focus on platform security, ability to detect a data breach and processes to quickly inform users that data has been compromised.

Emerging payment providers such as Square, Dwolla and PayPal need to address these implications head-on to address consumer and business needs in a post Target data breach world.

Platform security is now a big focus.  Yes, each provider does have website messaging that talks to how secure their platform is.  However, security requirements and technology must be increased especially as the payments platforms are being sold into individual SMBs and at the enterprise level that use multiple mobile devices to process transactions.

Mobile payment providers can quickly equip themselves with cutting edge mobile platform security technology through strategic partnerships.  Industry leaders include MobileIron, Good Technology, or AirWatch.  For example, by partnering with MobileIron, Square can provide a layer of mobile platform security to their SMB customers who use the payment platform across multiple mobile devices (payment terminals).

Addressing the mobile platform security needs will help address consumer concerns as well that their payment data and money are safe at the payment platform level. Square, Dwolla and PayPal must educate consumers on WHY their payment data and money are safe.  Providers must clearly explain what happens if a Square account is hacked and the PIN number and cash balance is stolen.  Can these providers stand behind a guarantee that transactions are safe?  Can they back up consumers’ cash balances if the money is stolen?  These are all key concerns that must be addressed for consumers to feel safe in using mobile payments technology to pay for items at physical retail.

Personally, I keep a very low balance in my mobile PayPal account that is connected to a low balance bank account.  Why?  I still don’t trust that the receiving terminal is that secure and nefarious code could somehow steal my account numbers and distribute across the world…all through an unsecured wireless connection at the SMB’s business location.  Maybe I’m just paranoid and uneducated.


Square is proving to be a valuable alternative payment solution for small businesses

This past weekend I had a great conversation with a friend of mine about wine, politics, classic cars and payment technology.  As the song goes, “these are a few of my favorite things.”  My friend, Mick, is an auto mechanic based out of Monterey, CA who focuses primarily on British and other European import cars.  When I say British, I mean early 1970 Mini Coopers before BMW started importing the more stylized versions with nifty customized paint jobs and stripes. He’s a British car enthusiast’s enthusiast…with the accent and Rolling Stones t-shirt to boot.

Mick is a savvy business guy and has A LOT to say about small business banking, lending, payments processing and taxation.  After a few mimosas the conversation gets very lively as you can well imagine.

I learned that Mick currently uses the payment processing tools, software and equipment provided by his business bank, Rabobank.  The bank makes it easy for his business to use their credit card processing machines through favorable card processing fees, equipment leasing options and bundled low interest loans and credit cards.   Rabobank typically charges him 2 ½% – 3% on processing fees for Visa and MasterCard transactions only.  The bank also has account managers available to help with any problems in the payments processed…and are constantly trying to cross sell him into other bank products.

Last month Mick started to explore alternative payment processing options out of frustration with the Rabo solution.  Rabobank processes payments only in his shop using Rabo supplied machines.  Unfortunately, his checking account does not receive the payment until 3-5 business days after the credit card transaction is made.  These machines are a bit clunky and keep him tied to his shop which is a problem for he deals with many customers at other garages. The solution also does not connect to his inventory management solution so he has to track each sale separately on his supplier order forms.

A friend suggested that he look into Square.  His eyes got wider as he described all the great features Square has to offer through a FREE downloadable app and simple card reader connected to his iPad. Yes, the wide eyes could have been due to the mimosas, but his excitement was palpable.

“Through Square I can now load and access all of my parts inventory and process orders from anywhere.  I met a guy at a coffee shop last week and he ordered several Jaguar parts from me.  I punched in the order on my iPad, ran his credit card and emailed him the receipt. I gave him the parts and it was done.  Amazing.”

Mick was also excited about the 2.75% transaction fee, no equipment rentals and the ability to access Visa, Mastercard, Discover and AMEX.  The excitement around the mix of credit cards surprised me.  However, his clients are typically high-end car collectors.  AMEX is this customer segment’s card of choice….which is a point of differentiation for Mick’s shop compared to others in the Monterey and Carmel area.  Another benefit to Square is the ability to receive the payment deposit the next business day.  For Mick, and for any small business owner, this is HUGE to support the cash flow of his business.

The missing link is for Square transactions to integrate with a QuickBooks account.  Right now he has to export the Square transactions as a .csv file and then import into QuickBooks.  “It’s a bloody pain in the ass,” he says.  However, in time I’m sure Intuit will build out the API for easy automatic imports.

So how should Rabobank, and other small business lenders, feel about Mick’s Square epiphany?  Clearly, the Square solution is a formidable threat to Rabo’s business banking division.  Banks feed on a steady revenue stream from the services and relationships they support from their small business banking business. Banks need to pay close attention to how small business clients are responding to the Square solution and either adjust their payments business/product or consider a strategic partnership with this (and other) innovator.


PayPal must provide consumer incentives for repeat use of payment app

As I walked through the Financial District in San Francisco last week I came across one of the oldest forms of marketing  promoting the newest way to pay for something; a sandwich board offering $5 off for customers who pay using PayPal.

Image

I did a double take when I saw the PayPal logo for most restaurants promote their relationships with Yelp, Foursquare or OpenTable…let alone promote the use of a mobile payment tool.   I’ve seen very minimal payment tool promotion beyond what Peet’s is doing to promote their relationship with Google Wallet.  As we all know, Google Wallet has gained little traction.

I ducked into the restaurant, Bamboo Asia, to get the special offer that required me to pay with the PayPal mobile app to receive $5 off my purchase.  I ordered a Bhangra Bowl and a tea.  I opened the app on my phone, paid and received the discount.  Cool.  It was easy.

Image

Clearly Bamboo Asia is part of PayPal’s merchant payments pilot program and has been provided incentives to generate consumer awareness and drive app downloads. PayPal has an up-hill battle here for there are other payment solutions, such as Square and Dwolla, who are competing for awareness and consumer wallet adoption as well.

The $5 off purchase offer may help PayPal increase trial, but it falls down at driving repeat use.  This week I went back to Bamboo Asia and used the PayPal app to pay.  The restaurant manager said, “Oh, the discount is one time only.” “No worries…I still want to pay using PayPal,” I replied.  The manager looked at me like I had a booger hanging from my nose. “Why would you want to use the app again without the discount?”  That statement points out the importance of not only increasing adoption, but also providing reasons why consumers should continue paying with the mobile wallet.

Unfortunately this store manager was only focused on the immediate discount offer and didn’t really see a benefit if his customer base continued to pay with PayPal.  Bamboo Asia customers were also not provided a reason to pay with PayPal either.  This should be concerning for PayPal for two reasons.  First of all, the merchant will see a spike in sales for the short term, but will not see a continual lift from repeat customers.  In this case, consumers downloaded the app just to get the discount. The merchant may wonder why he participated if none of the PayPal app users become repeat customers.  Secondly, PayPal is driving downloads, but not demonstrating to customers the value in continuing to pay with PayPal…which leaves the consumer mind share WIDE open for a competitor to tell consumers WHY they should pay with a mobile payments tool.

What do PayPal and the merchant need to do as a follow up to the “download the app” discount program?  Offer incentives for consumers to continue to pay with PayPal.  Maybe Bamboo Asia offers special deep discount offers to users who use the app to pay 10 times?  Or, maybe PayPal creates a consumer loyalty program that offers points every time a consumer uses the app to pay for anything at a restaurant? OpenTable followed a similar strategy by rewarding their customer base with 100 points for each reservation made through their service. I believe the customer is sent a check or discount coupon from OpenTable to spend at a restaurant of their choosing.

Given how crowded the mobile wallet space has become, it’s clear that consumers need an incentive to adopt a solution. PayPal has the right brand awareness in the B2C and B2B space.  The big question is how PayPal can make it easy for merchants to use their mobile payment tools. A second factor to success will hinge on what co-op marketing programs PayPal can build out with merchants to provide incentives for consumers to pay with PayPal.  PayPal, the field is wide open now.  You’d better act fast or the teams at Square and Dwolla will get there first!


%d bloggers like this: