SUBSCRIBE NOW
IN THIS ISSUE
PIPELINE RESOURCES

Mobile Payment Chains

By: Wedge Greene

Payments from mobile devices

The Big Three mobile device makers [Apple, Google, and Samsung] have advanced into the mobile payment market [Apple Pay, Google Pay, Samsung Pay]. Microsoft Wallet is on the doorstep. The major credit card companies, seeking to hold their traditional market, have become active mobile payment enablers.  So have many large banks. 

With all these movers-and-shakers on boarding this innovation, it seems natural and inevitable.  But today mobile payments are still a negligible fraction of the total number of digital financial transactions. Nevertheless, this is shaping up as a major change in commercial operations and will significantly impact the life of the mobile operator – plan for billions of transactions in a few years.  Soon the quantity of financial transactions will rival the transaction totals for connecting phone calls.

Mobile payment technology has advanced considerably since PayPal. PayPal is now being superseded and, in some cases, replaced as a provider by new approaches. Financial mobile transactions now come in two forms: in-app payments and point-of-sales.

In the first form, "in-app" payments, an app resident on a mobile phone, can be used by a browsing user to make a payment, much like any commercial website would be used to make an online payment.  But there are additional technical considerations related to security.  Typically, account numbers for credit cards (CC) and banks are not carried on the phone, so loss of a phone does not impact a user’s finances.  No account numbers are transmitted over the mobile network. Instead the phone generates a token, aka, unique digital identifier, or a similar string type, identifying the transaction. It uses another embedded token [for example, from encrypted SIM or Host-based card emulation (HCE)] representing the user’s account. These are resolved in a cloud-based transfer of funds. 

Efforts are ongoing to make these mobile transactions more secure than web payments and credit cards and to insure neither fraud nor theft impact users. For example, transactions must complete in a short time. Most important is use of two-factor authentication and in some approaches three-factor security. Apple iPhones require fingerprint recognition to authorize the payment.  Other devices use PINS and other specific ‘user does something’ methods.  I find authorization by facing the phone and ‘blinking your eye’ to be a very clever approach.  It not only is biometric identification via selfie; it insures you are a living buyer.  MasterCard also seems to think so.

These transmitted payment tokens are associated with specific payment transaction networks; for example, the Visa Token Service and its associated host card emulation (HCE). Other transaction networks also support mobile device manufacturers, giving consumers some choice when configuring their device for payments. Each of these transaction networks provide tool kits to device manufactures, for inclusion in mobile device OS.  Behind the transaction networks are many individual banks, one of which is always a party in the financial transaction.

The second form, point-of-sales, is the substitution of a mobile device and a secure app for credit cards, checks, and cash in point-of-sale transactions. Typically these involve intercommunication of the point-of-sale terminal with the mobile device via near field communication (NFC). This approach, with a secure token following the EMVCo payment token standard, is used by Apple Pay and Google Pay. There are technical alternatives in the market that accomplish much the same thing and some do more. Samsung Pay, with its Magnetic Secure Transmission (MST) technology, allows consumers to also use magnetic stripe terminals.



FEATURED SPONSOR:

Latest Updates





Subscribe to our YouTube Channel