Tag Archives: mobile

Mobile platform security is key for mobile payments providers

I was at one of many Christmas parties and conversation topics, of course, covered “where will you be for Christmas” and “are you done with your shopping.”  Almost everyone was done with their shopping, but the big follow up question was “Well, did you end up shopping at Target?” There were a handful of people at this gathering that did shop at Target over the ill-fated shopping period.

The conversation very quickly involved everyone around the buffet table and included comments like, “I can’t believe hackers actually were able to break into a huge chain like Target” and “your credit card information is not safe anywhere!” Clearly EVERYONE at this party will be checking their credit card statements very closely in January!

However, one comment made really grabbed me. “If my credit card can be swiped by hackers at Target, I’m sure as hell not going to want to use my phone to pay for stuff.”  Obviously this exclamation sparked another round of fervent debate and discourse. A few well-known coffee and pastry shops in the area were called out in conversation as using new mobile payments technologies and were “flagged” as potential places to monitor for card fraud.

The implications of the Target data breach on the mobile payments vertical are HUGE.  There are serious challenges that must be addressed both on the consumer and business side of the equation for the many emerging mobile payments technology providers.

First of all, consumers have the perception that it’s no longer safe to use even debit or credit cards at physical retail stores.  According to one account of the Target breach, a security analyst at a major bank was made aware that cybercriminals were planning to sell online a new stock of stolen credit/debit cards.  The analyst bought the stolen card numbers of his/her bank customers using Bitcoin.  Presumably, these transactions lead to the discovery that these card numbers were stolen from Target.

One could easily make the assumption that Target was not even aware of the breach until the bank analyst made these card number purchases from the cybercriminals. Yikes! This lack of awareness of the problem scares me deeply at the consumer level.  Would Square be able to quickly inform a merchant that consumer’s payment data has been swiped and is being sold by cybercriminals? Could Square inform users that their data was stolen?

Secondly, business and IT executives at Target and all major retailers are wondering how and why the Target payments system was hacked.  Obviously, there are fast and furious internal investigations within Target as their legal and technical teams prepare for a barrage of lawsuits coming their way from banks and consumers.  These Target executives will be pounding on the doors of their payment system providers and their 3rd party vendors as well.

The discovery phase of these lawsuits will get UGLY FAST.  Moving forward post breach, all physical and online retail payment platform providers will be evaluated with much greater scrutiny with a focus on platform security, ability to detect a data breach and processes to quickly inform users that data has been compromised.

Emerging payment providers such as Square, Dwolla and PayPal need to address these implications head-on to address consumer and business needs in a post Target data breach world.

Platform security is now a big focus.  Yes, each provider does have website messaging that talks to how secure their platform is.  However, security requirements and technology must be increased especially as the payments platforms are being sold into individual SMBs and at the enterprise level that use multiple mobile devices to process transactions.

Mobile payment providers can quickly equip themselves with cutting edge mobile platform security technology through strategic partnerships.  Industry leaders include MobileIron, Good Technology, or AirWatch.  For example, by partnering with MobileIron, Square can provide a layer of mobile platform security to their SMB customers who use the payment platform across multiple mobile devices (payment terminals).

Addressing the mobile platform security needs will help address consumer concerns as well that their payment data and money are safe at the payment platform level. Square, Dwolla and PayPal must educate consumers on WHY their payment data and money are safe.  Providers must clearly explain what happens if a Square account is hacked and the PIN number and cash balance is stolen.  Can these providers stand behind a guarantee that transactions are safe?  Can they back up consumers’ cash balances if the money is stolen?  These are all key concerns that must be addressed for consumers to feel safe in using mobile payments technology to pay for items at physical retail.

Personally, I keep a very low balance in my mobile PayPal account that is connected to a low balance bank account.  Why?  I still don’t trust that the receiving terminal is that secure and nefarious code could somehow steal my account numbers and distribute across the world…all through an unsecured wireless connection at the SMB’s business location.  Maybe I’m just paranoid and uneducated.


Square is proving to be a valuable alternative payment solution for small businesses

This past weekend I had a great conversation with a friend of mine about wine, politics, classic cars and payment technology.  As the song goes, “these are a few of my favorite things.”  My friend, Mick, is an auto mechanic based out of Monterey, CA who focuses primarily on British and other European import cars.  When I say British, I mean early 1970 Mini Coopers before BMW started importing the more stylized versions with nifty customized paint jobs and stripes. He’s a British car enthusiast’s enthusiast…with the accent and Rolling Stones t-shirt to boot.

Mick is a savvy business guy and has A LOT to say about small business banking, lending, payments processing and taxation.  After a few mimosas the conversation gets very lively as you can well imagine.

I learned that Mick currently uses the payment processing tools, software and equipment provided by his business bank, Rabobank.  The bank makes it easy for his business to use their credit card processing machines through favorable card processing fees, equipment leasing options and bundled low interest loans and credit cards.   Rabobank typically charges him 2 ½% – 3% on processing fees for Visa and MasterCard transactions only.  The bank also has account managers available to help with any problems in the payments processed…and are constantly trying to cross sell him into other bank products.

Last month Mick started to explore alternative payment processing options out of frustration with the Rabo solution.  Rabobank processes payments only in his shop using Rabo supplied machines.  Unfortunately, his checking account does not receive the payment until 3-5 business days after the credit card transaction is made.  These machines are a bit clunky and keep him tied to his shop which is a problem for he deals with many customers at other garages. The solution also does not connect to his inventory management solution so he has to track each sale separately on his supplier order forms.

A friend suggested that he look into Square.  His eyes got wider as he described all the great features Square has to offer through a FREE downloadable app and simple card reader connected to his iPad. Yes, the wide eyes could have been due to the mimosas, but his excitement was palpable.

“Through Square I can now load and access all of my parts inventory and process orders from anywhere.  I met a guy at a coffee shop last week and he ordered several Jaguar parts from me.  I punched in the order on my iPad, ran his credit card and emailed him the receipt. I gave him the parts and it was done.  Amazing.”

Mick was also excited about the 2.75% transaction fee, no equipment rentals and the ability to access Visa, Mastercard, Discover and AMEX.  The excitement around the mix of credit cards surprised me.  However, his clients are typically high-end car collectors.  AMEX is this customer segment’s card of choice….which is a point of differentiation for Mick’s shop compared to others in the Monterey and Carmel area.  Another benefit to Square is the ability to receive the payment deposit the next business day.  For Mick, and for any small business owner, this is HUGE to support the cash flow of his business.

The missing link is for Square transactions to integrate with a QuickBooks account.  Right now he has to export the Square transactions as a .csv file and then import into QuickBooks.  “It’s a bloody pain in the ass,” he says.  However, in time I’m sure Intuit will build out the API for easy automatic imports.

So how should Rabobank, and other small business lenders, feel about Mick’s Square epiphany?  Clearly, the Square solution is a formidable threat to Rabo’s business banking division.  Banks feed on a steady revenue stream from the services and relationships they support from their small business banking business. Banks need to pay close attention to how small business clients are responding to the Square solution and either adjust their payments business/product or consider a strategic partnership with this (and other) innovator.


Starbucks missed a golden opportunity to enable mobile payments to increase consumer value

I am a Starbucks loyal customer mostly due to their convenient locations, innovative marketing programs and mobile application.  Yes, as a coffee guy I prefer the flavor of Peet’s, but let’s face it, there are simply more Starbucks locations.  I use the mobile application several times a week, have scheduled auto-reload and have downloaded the free app of the day once in a while.  I also like how Starbucks informed me of The Share Event through the app’s messaging feature.  Well done, Starbucks.  What a great way to keep me connected to you and to increase my lifetime value as a customer.

Given all of this Starbucks love, I was SHOCKED by what happened to me this morning when I bought a small drip (dark roast, by the way) coffee.  I paid using my mobile app and the Starbucks guy handed me this…

starbucks2

“If you buy 5 holiday beverages you get one free.  Carry this with you and collect the stickers…it’s a good deal,” he said.

Wait….what?

Starbucks knows what I buy broken down to the transaction level.  Now I’m required to remember to pull out a wrinkly loyalty card from my wallet after I buy a holiday beverage….even after I paid for this beverage with my mobile app?  In a panic, I opened up my mobile app and checked “Messages” for a note that tells me how to sign up for this program through my phone.  Nothing.  Sigh.

However, this is not the only mobile marketing program fail that occurred this morning. My lovely (and I mean lovely) wife received an email from Starbucks regarding the Holiday Star Dash.  The email requested that she click through the link and enter a 9-digit code on her Starbucks.com account page.  She popped open the mobile app hoping to find an easier way defined in “Messages.”  Nothing. Sigh.

Screen Shot 2013-11-21 at 1.18.18 PM

So why does this upset me so? Well, for one it’s clear that the online marketing and mobile marketing teams are not communicating.  I would imagine that the mobile marketing team is a separate group.  The mobile team should be an integral part of the overall marketing organization to avoid these kinds of consumer experience disconnects.  However, the biggest offense to me is that Starbucks has missed a huge opportunity to demonstrate how mobile can drive engagement and loyalty through incentives.

Several articles have been written about the challenges of driving mobile adoption and engagement…specifically in the mobile payments space.  Imagine if Starbucks focused the “buy 5 holiday beverages” program on the mobile audience by guiding people to pay with their mobile phone?  Or enabled Holiday Star Dash activation through the mobile app?  Engagement and redemption metrics would increase…and the lifetime value of these customers would increase.

By enabling online and mobile app participation, Starbucks will be able to compare the ROI across both channels.  It would not be a stretch of the imagination to guess redemption rates will be higher for mobile and that the life time value of the mobile user would increase with the right incentives. The most interesting metric would be the lifetime value of  users who pay for their Starbucks items using their mobile device. Starbucks has the opportunity to show real leadership in how mobile payments can help drive revenue.


Will the real mobile wallet please stand up? Please stand up.

A recent study by Consult Hyperion found that over 64% of US consumers say that they would never use a mobile wallet.  Additionally, consumers were asked whom they would trust most to issue a mobile wallet.  The most trusted issuers were (in rank order):  banks at 20%, Google at 10%, major retailers at 3% and phone service providers at 2%.

American Consumers Dubious About Mobile Wallets

What intrigued me most was the statement of a Hyperion consultant who was offering an interpretation of the data:

“The study shows that issuers of mobile wallets need to do a better job conveying what mobile wallets really are and what benefits they bring,” says Dave Birch, a spokesperson for Consult Hyperion.

I think more effectively conveying the benefits of a mobile wallet is only a small part of the challenge. Agreed, the definition of a mobile wallet is not clear. Nodding to Eminem, will the real mobile wallet please stand up. Please stand up.

Does a mobile wallet enable P2P payments only?  Or can a user apply a credit card number to make a purchase through the wallet?  To make the definition even more confusing, does the mobile wallet include the myriad of loyalty cards as well?  If so, does Apple’s Passbook qualify as a wallet?  What about the lucky penny I carry in my wallet?  Can this penny, and the luck it has, be transferred to my mobile wallet? The Leprechaun lobby will have something to say about this.  They may be short, but they articulate a very clear point of view.

The biggest challenge facing increasing adoption of mobile wallets is the industry itself and the many different wallet technology providers available.  At this time, the mobile wallet industry is very fragmented and no clear leader has emerged.   There is no widely adopted wallet technology that a consumer can try to ease into this new payment tool.  Until this happens, consumers will be afraid to engage for fear of their financial data being compromised.

A similar problem plagued consumers around the concept of buying a vehicle site unseen through the Internet. I remember a friend who I thought was just insane for buying an Acura MDX off of eBay Motors from a guy in Phoenix.  eBay Motors has done a fantastic job in making the transaction process easy and safe. Now a vehicle sells every 60 seconds.  The mobile wallet vertical needs a leader like eBay to emerge to break ground into mass consumer adoption. Hmmm….maybe PayPal?

Now who will this leader be?  Based on the Hyperion study, it sounds like a bank could emerge as a leader.  From personal experience, I know banks are very slow to innovate…so I don’t think this will happen.  However, I think the provider of a mobile wallet platform that can connect to multiple banks’ online banking backend can emerge as a leader and industry standard setter.   Through the right strategic partnerships this technology provider can drive adoption fast before competitors can make “me too” solutions.

As I side note, I snickered at the Hyperion study data point that 10% of responders said they would trust Google to provide a mobile wallet.  Though small, this percentage I think can be accredited to brand advertising and marketing from Google.  The Google wallet technology is struggling and adoption on the merchant side is very low.  The power of marketing is very present in that statistic.


When can I buy more than coffee with my mobile device?

The concept of making a payment with a smart phone sounds very logical and conversationally appealing. We send text messages, share photos, check-in, buy things online and save travel itineraries with these devices.  So why not use it as a wallet too?  It would be great to have to carry one last thing in our pockets.

I think the CONCEPT of doing this makes sense to millions of consumers…but the reality is that it’s not happening as quickly as technology analysts or consumers predicted.  An eMarketer report predicts that mobile payments in the United States will cross the $1 billion threshold this year, which is a number far less than previously estimated.

This slower adoption rate reminds me of the slow broadband Internet adoption in the late 1990s.  I worked at Excite@Home and we promised to deliver high speed Internet access and robust content worthy of broadband to millions of homes and small businesses across the US.  I still have a t-shirt that says “broadband access, across all devices, all the time.” How cool was that promise!?  I expected to have this big pipe Internet connection into my home by the end of 2000.  What happened?

Similar to mobile payments, broadband Internet access was thwarted by multiple providers, convoluted access points and technologies.  It took a while for the cable networks to decouple from Excite@Home and offer broadband themselves.  DSL Internet providers slowly gained momentum to provide similar services, but not without a fight with telephony providers who controlled the coveted “last mile.”

Many of these technical and business challenges are faced by the mobile payments industry. A single mobile payment system has yet to emerge as a clear leader for consumers.  Making things more complex, no mobile payments system has emerged as a solution for small business to accept mobile payments.   With such confusion, business owners will be reluctant replace their POS card readers with a slick payment system that runs on an iPad.  Investors will also continue to be cautious as indicated by Capital One pulling out of its investment in Isis.

So, what to do?  Consumers and small businesses will need to take a wait and see approach.  Consumers will continue to make payments using a credit card, debit card or cash. But until a provider can develop a payments system easily adopted by small businesses, consumers will stick to only making mobile payments to buy their Starbucks coffee.


%d bloggers like this: