Slashdot Mirror
Why Mobile Wallets Are Doomed
redletterdave writes: "The other shoe has dropped for Square. The once-hyped mobile payments company is killing off its Wallet payments app and replacing it with a new app called Order, which will allow users to order food and beverages ahead of time at their favorite cafes and restaurants. For entrepreneurs, the concept of a mobile wallet seems so logical that the payments industry looks like it's ripe for disruption. If everybody is always carrying around a powerful computer in their pockets, it's natural to consider loading payment information onto that secure device as an alternative to cash or plastic cards. The problem comes when this logical entrepreneurial spirit merges with an industry segment that is classically illogical. The payments system in the United States is a mess of entrenched interests, fragmented business opportunities, old infrastructure (like point-of-sale systems), back room handshakes and cut throat competition. This behavior is not going to change any time soon, which means mobile wallets like Square are going to continue to struggle — at least until a more legitimate, easy-to-use and cost-effective solution comes along."
This behavior is not going to change any time soon, which means mobile wallets like Square are going to continue to struggle — at least until a more legitimate, easy-to-use and cost-effective solution comes along."
Like a usable cryptocoin?
Silence is a state of mime.
why is paying by phone so much better than with plastic?
i do it starbucks for the rewards
only other reason is if a food truck took cards instead of cash. why do it anywhere else?
for the retailers its more money to spend with no return on investment
Putting a wallet on a mobile phone that is not the least bit locked down, and has god knows what else installed on it. Then being the information through the air to be intercepted by some enterprising hacker. Yep convenience and security. But its all failing because of back room deals.
If I have to carry something around in order to pay for shit, a regular wallet works just fine. With actual cash in it.
I barely trust using my phone to log into a social network, let alone anything that might cost me money. With every app attempting to spy on each other, I would never trust my phone for financial transactions. Not for many years to come.
is carrying around ALL their DEBITS and ALL their CREDITS in their pockets. i diversify with a mattress.
" that secure device "
Since when? Smartphones are not secure.
Just let these innovations arise in other countries if the USA has such a backwards infrastructure. Even credit cards are more secure in other countries (chip and pin may be flawed, but it is still better than the magnetic strip and signature of the USA).
I'd be very interested to see how they approach that. Well, any internet payment mechanism is going to struggle with chip and pin, I suppose.
Make sure everyone's vote counts: Verified Voting
So I need to go back to lugging my safe around?
Is that I have to plug them in to charge for 3 hours before I can use them to buy a coffee...
The first time I get stuck somewhere because my phone died and I was unable to pay for a bus or taxi is also the last time I rely on mobile payments.
Sure it is. If a hacker gets my CC info and makes charges, my loss is limited to hassle and frustration. If a hacker gets my BTC info, I lose my BTC forever. That makes BTC like cash, which sure can be stolen, but to steal my cash you have to walk up to me and get my wallet away from me. A wallet thief can only rob a handful of people per day, whereas a BTC thief can take a hundred million dollars from ten thousand people in one night.
There are lots of tradeoffs for all these different systems. None of them are exactly perfect but none of them are worse than all the others in every way. Each has different strengths.
Please. This is a "solution" in search of a problem. And not even a good solution. All the CC companies in the US are (finally) being forced to implement chip-and-pin. Do you really think they're going to switch off of that for something even less secure than a standard CC? Not that they really care about security.
Besides, There are so many entities (not counting the malicious ones) tracking what goes on your smartphone, do you really want to trust your money to an app on one of these? If so, please use my app. It's complicated to set up, so please send me all your financial information and I'll get things going for you. You may notice some charges or emptying your bank accounts, but that just me making sure everything is working properly.
No, no, you're not thinking; you're just being logical. --Niels Bohr
There are specific examples the implementation fails. For instance Starbucks has a good implementation, but many Starbucks does not accept the card. Why am I going to have something that is useless. It also by default wants to annoy you every time you go by a Starbucks. We see the same thing with CVS. It is nontrivial to pull up the card, and easier just to type in a phone number.
Most of the digital wallet is just gather information on consumers without providing value in return. Like a grocery store loyalty card. Sure, some are going to use it. Some are going to shop at the store because of perceived value. But many are going to the store that just provides simple service. Walmart does not have a loyalty card.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
If everybody is always carrying around a powerful computer in their pockets, it's natural to consider loading payment information onto that secure device as an alternative to cash or plastic cards.
The summary used the words "computer" and "secure" in the same sentence as "payment information".
It must have been something you assimilated. . . .
I've always been a fan of the mobile wallet concept. I have a Google wallet account and spent the money for the NFC sim and all. Then I discovered absolutely No one in my town (major US city here not a backwater hill town) is set up for it. Sure a few have tap and pay card readers but those as a general rule are not programmed to accept and virtual wallet. I hope one day we get to the point where it is common place to use NFC payment systems at most major stores but I do not think it will happen anytime soon.
(Note: This comment is US-centric. I'll let others do the analysis for the rest of the world, but the case is actually easier there.)
NFC is still coming, and soon. Now that any Android 4.4+ device can use Google Wallet and with ISIS deployed to AT&T, Verizon & T-mobile customers who want it, one half of the secure mobile payments infrastructure problem is all but solved. Android 4.4 includes open APIs so that anyone else can implement NFC payment apps, also, and there are rumors of many coming. There are hints that Apple is also doing something with NFC.
The other half of the infrastructure problem is merchant acceptance. Visa and MasterCard announced in 2012 (IIRC) that the liability shift will be implemented end of 2015. What that means is that after the shift takes place, any merchant will be able to completely stop paying for any credit card fraud simply by deploying chip (including NFC) payment terminals. Given that merchants pay for nearly all fraud, and that it costs many billions annually, you'll see them moving fast. Already in some parts of the country I can go through a whole day using nothing but my phone for payment, and it's improving rapidly.
It's about a decade later than when the industry thought it would be but contactless smart card / NFC payment is in full rollout mode now.
Square is wise to drop their custom, proprietary solution to a problem that has an industry-standard solution in deployment.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
E-wallets have been popular in Japan for years. They are extremely convenient, especially if you use public transport a lot (and Japan has good public transport). No more messing about with change at the convenience store either. Vending machines take them too. As an added bonus there is no receipt to throw away, that gets stored on your phone/online account automatically as well.
Business users love them because they can easily import the receipts into Excel and file an expenses claim. Everyone else just finds it easier to pay for stuff at the end of the month via their mobile bill, instead of loading up a stored value card or fishing for change every time.
I hate coming back to the UK and having to deal with all this crap just to buy stuff. Some places can just about cope with contactless debit cards now, but if you have more than one in your wallet you have to get it out or a random one will be charged. My phone is nice and separate.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Q. When is Fiat currency not fiat currency?
A. When it's pegged to the price of an automobile.
Actual Fiat currency would be an interesting concept, sort of like taking Canadian Tire money one step further. People could exchange goods and services for gift certificates denominated in micro-Fiats, and any licensed driver could turn in a million micro-Fiats for (imitates The Price Is Right announcer) A NEW CAR!!!!11
A few facts that aren't going away any time soon:
1. There are 1000 different e-wallet based solutions which are swiss cheese of compatibility with the few number of retailers that have even bothered to look into them (These have fees as well mind you, just possibly less than CC transactions)
2. There are many loyalty reward cards / apps that do what you want quite well but only for specific customer/retailer relationships
3. Easy solutions that are both ubiquitous/cheap/secure would basically require the entire industry to jump onto a single standard who's fee schedule is really low / non-profit and who's infrastructure services / equipment are interchangable
If its not easy, customers will just use Credit Cards or cash
If its not ubiquitous, you may as well just use a rewards/points card program
If its not cheap, retailers may was well use credit cards because at least its a system well understood and comfortable with
If its not secure, retailers are on the hook for fraud and it will likely not be ubiquitous because which retailer would want to carry large purchase liability
All in all, its a 'solution' that on a green field may work. The articles frankly a utopian paradise where the slightly cheaper solution would require the entire infrastructure of our retail commerce system to be ripped out and replaced overnight in order to be feasible.
Lastly, by far the most important facet of any of these schemes is TRUST. If you don't have consumer trust in your transaction products, you won't have consumer buy-in. Loyalty cards have the maximum loss of whatever you've refilled them. CC/Bank cards generally have historically adequite means of limiting liability of holders (at the expense of retailers). What does this new system have to verify that my cash is safe with them?
Bye!
I've done this for years. Problem is, only about one in 20 clerks actually check my ID anyway! I always make a point to thank them when they get it right.
I am the senior writer and mobile editor of ReadWrite and have been writing about mobile payments for years now. Thank you. And actually, I didn't add that link to the coffee shop, one of my editors must have put it in. What would you like to discuss, Mr. Mopps? I have discussed mobile payments solutions with just about every company that is in the game and many of the analysts firms that follow payments. The harsh reality of the mobile wallet is not something that I pulled out of thin air. My conclusion is based on evidence of consumer usage (both empirical and data driven), the performance of these apps, talking to merchants and other various field research and the actions of the companies for almost five years. Google Wallet? Isis? Square? LevelUp? All have issues affecting adoption ranging from merchant adoption to conflicting industry interests to consumer behavior, privacy and security. What do merchants want? Low interchange rates. What do consumers want? The ability to use a payment method wherever they go while deriving value from it. What do big tech and payment processors want? A slice of the pie and will cut the other company's hamstring to do it. Payments are hard ... for so many different reasons and every single hyped mobile wallet that has been released to the consumer market has, in one form or another, failed.
Thank you.
E-wallets have been popular in Japan for years. They are extremely convenient, especially if you use public transport a lot (and Japan has good public transport). No more messing about with change at the convenience store either. Vending machines take them too.
If I could get here what you can get from a vending machine in Japan, I might want one too!
Public transit would be a very useful application for an e-wallet, especially in Tokyo with all those incompatible rail lines where you have to pay to transfer trains. But that could be solved by a dedicated transit pass which auto-recharges from a credit card account, sort of like the EZPass does in the U.S.
... is a time-tested Slashdot commenting strategy!
But seriously, I don't always carry my wallet with me, but I almost always carry my phone with me. Last year I found myself in the perfect position to benefit tremendously from a mobile wallet on my phone.
I was on mile 4 of a long bike ride when my rear tire failed. Not the tube (I carry a spare), the actual tire. I had decided not to bring my wallet with me, but I did have my phone. Anyway, I needed a replacement tire, but I had no money on me, and I realized that despite having my credit card number memorized, I didn't actually have any direct way to pay a bicycle shop for a tire, so I walked home.
But it felt silly - that I was carrying around a smartphone that has access to multiple bank accounts and payment services, and that I even knew my credit card number, yet without a little piece of plastic, I couldn't pay for anything.
Since then I don't go on bike rides without my wallet, but that's not really the point. Sometimes I take walks and don't want to bring my wallet. Occasionally I change my mind on the way home and decide it would be a good idea to stop at the grocery store. But no wallet, no way to purchase anything, despite having my phone.
In other words, there do exist situations in which one might reasonably have a phone but not a wallet. You may argue they are edge cases, but I am just one person. Other people mentioned check splitting, which is especially a headache in recent years since no one seems to carry cash anymore.
"Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
Technically this voids your credit card. Read the line above the signature panel, "Authorized signature - not valid unless signed."
The standard merchant agreement says that merchants are supposed to check the signature panel on the back of your card and compare it against the receipt. They are not allowed to ask for ID (or to impose minimum purchase amounts or fees for that matter) unless the signature does not match. If the card is not signed they're supposed to decline to use it.
Of course, very few merchants actually read the agreement they've signed, much less follow its rules. They do this at their own peril, for they're the ones on the hook for fraudulent transactions.
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
When exercising, I have a wallet pull-out that holds my driver's license and a credit card. It is extremely thin, I can swim with it, get it dirty, drop it, run it over with a bike, while never having to worry about it's power level. Yet I can use it for almost any financial transaction short of buying a house. If stolen, I am not responsible for the unauthorized purchases.
Top that and we can talk.
And about the malicious entities, this really isn't as big a problem as what your picturing. A wallet app is really just a UI. All the meat goes into your Secure Element. Your card info gets put in remotely by a trusted authority, and is read directly off the chip by a POS. Apps on your phone don't have access to it.
... it never once ran out of battery.
The only phone that never run out of battery in that period was the one bolted to my wall or standing on my desk.
"it's natural to consider loading payment information onto that secure device"
Is there any such thing as a "secure device"? I'm aware of several types of devices that were initially proclaimed to be secure, and subsequently hacked.
That that is is that that that that is not is not.
Here in the US I started seeing the ability to use debit cards at the cash register circa 1999.
I can't find any information online about a debit card system operating in any country before 1982.
Where are you?
Now that any Android 4.4+ device can use Google Wallet
The rest of the problem becomes getting manufacturers and carriers to push out Android 4.4 images.
its brown and leathery and contains a whole lot of money and other useful stuff :)
You could manage the same thing with a prepaid card with contactless payment. This is what is used in London (Oyster), at least for public transport. No change required, but no issue with battery life.
Contactless debit has got very common this year.
My wallet is mobile and it works even days without recharging. Also most payment systems do not work that well at the local market or flee market. It is not free of charge. It is also unable to work between normal people everywhere. The latter could be fixed with a standard which works with different payment systems. The free of charge thing is most likely not fixable if the whole thing is not state or central bank driven. The biggest problem is, however, the limited battery power. With no electricity the thing is worthless. If it is used for train/plane tickets, no electricity means no ticket. For payment apps, it means no money.
In addition, present solution work good enough and the benefit of app based payment is not that big.
Did you read the article? There are five links on the bottom to sources other than me. There are three or so links in the post itself leading to other stories I have written recently on the subject. Also, to note, my original head was "It's Time To Face The Reality For Mobile Wallets." It was changed by editorial team consensus so that more people would read it. I wouldn't call it a troll headline, but it does invoke some thought. Also, to note, The Platform is my opinion and analysis based column for ReadWrite. So yes, it is opinion, as stated in the header for the series on top of the article ("The Platform is a regular column by ReadWrite mobile editor Dan Rowinski and so forth). The column we are referencing was discussing a specific point of news (Square Wallet) and noting an empirical observation on the state of an industry segment that, really, has gone nowhere after years of hype. And yes, typing and spelling are quality attributes in a writer, I have always found. Also, I am not the one that submitted to Slashdot. I saw traffic coming in from our Chartbeat and decided to check it out. I lurk Slashdot like I lurk Hacker News, Reddit or Techmeme to see what people are saying and what is being read and discussed. I tend not to submit myself because I think that is a little self serving and the boards tend to frown on that practice. Doesn't mean I won't come in and say a good ole How Do You Do and respond to a commenter that is sure (in their own mind), that I will never see the attack on me.
Germany. And, OK, technically it was a "Cheque Guarantee Card" for the Euro-cheque back then, that also was usable as an ATM card when they stared to put up the first more widely adopted ATMs around 1981/1982.
Do you really think they're going to switch off of that for something even less secure than a standard CC? Sorry but I bought a 2800 dollar laptop with my CC that has no signature on the back and no PIN without the blink of an eye while I can't "charge" $5.56 worth of coffee and pastry to my Starbucks app without my PIN. Which one is less secure again?
The one that's not wifi or cellular connected. Duh.
No, no, you're not thinking; you're just being logical. --Niels Bohr
I agree that it's a solution in search of a problem. But the CC companies don't need to switch off of chip-and-pin to support mobile wallets. Have you noticed that you can tap a chipped credit card against the new generation of POS devices to pay? If you can do that, you can tap an NFC phone as well. Ever noticed how the chip in your credit card looks a lot like a SIM? Not a coincidence, it's the same underlying Smart Card tech.
And about the malicious entities, this really isn't as big a problem as what your picturing. A wallet app is really just a UI. All the meat goes into your Secure Element. Your card info gets put in remotely by a trusted authority, and is read directly off the chip by a POS. Apps on your phone don't have access to it.
Very good. And when my phone is remotely hacked, all my info is in the hands of thieves and I won't even know it. If you want my cash, you'll have to take it out of my pocket. Also, when I want to purchase things anonymously, how exactly do I do that with my phone?
No, no, you're not thinking; you're just being logical. --Niels Bohr
The Puget Sound region (Seattle area) has Orca cards. And Washington State DOT has their Good To Go pass. These are all stored value systems where the issuing entity gets to sit on your cash between the time you load it until you use it. They all profit from the float inherent in the system. Same thing for gift cards and customer accounts at the local coffee shop. Everyone want you to hand them a lump of cash that they can invest until they need to pay expenses.
Nobody want to give their little pile of cash to a bank or other third party. So its in every businesses' (and gov't agencies) best interest to use a proprietary system.
Have gnu, will travel.
Rapid Price Changes are part of a infantile system. As the system matures, and becomes wider spread, pricing will stabilize.
IF it matures
AND IF it becomes wide spread.
Although almost half (48%) of American adults now know what Bitcoin is, just 13% say they would choose to invest in it over gold, according to a new Harris Interactive poll on behalf of Yodlee, a financial software firm.
The poll was conducted in December 2013 among 2,039 adults ages 18 and older.
Support for the digital currency was strongest among younger respondents:
20% of 18-34 year-olds who know what Bitcoin is said they would choose to invest in Bitcoin over gold.
Thirty-nine percent were not in favor of any government being able to regulate Bitcoin, compared with 28% among 45-54 and 24% among 55-year-olds and older.
Other findings:
55% of Westerners said they'd heard of Bitcoin, but just 7% said they'd choose it over gold, the lowest in any region.
Only 35% of women across the country have heard of Bitcoin, compared with 63% of men. Only 10% of women said they'd choose Bitcoin over gold.
The Northeast is America's most pro-Bitcoin region, with 19% saying they'd choose the digital currency over gold. 51% said they'd heard of it.
13% Of Americans Would Choose Bitcoin Over Gold
The gender gap in the states --- more like a chasm, really --- is the one big surprise here. Not that it exists. But that it is so large.
um, so you think NFC with pin is somehow less secure than... NFC with pin?
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
"Oh sorry you'll have to send me more money, the value of this cryptocurrency dropped 20% in the 5 seconds it took to process the transaction."
That is a solved problem, some exchanges offer merchant services where the exchange does the conversion and bitcoin transfer and pays the merchant after coin transfer confirmation. The amount credited to the merchant is exactly the amount the merchant specified at the start of the process. At the end of the day the total credited to the merchant is transferred to the merchant's bank account. The merchant never touches a bitcoin, it bills, receives and does all of its accounting in dollars.
I get sick of joining a checkout queue with my purchase in one hand and the correct change in the other, then having to wait forever while people ahead of me shuffle stacks of credit cards, wait for a pathetically slow electronic transaction, then fumble their cards back into their wallets. Cash is best, and NFC is probably the best alternative, as the women and kids would only have to pull their phones from their ears, which is much quicker than fumbling stacks of plastic.
paleoflatus
You do know you can pay for all those things with credit cards and use that 'float' as well right?
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
This is what is used in London (Oyster), at least for public transport. No change required, but no issue with battery life.
I'm pretty sure oyster is only for public transport.
Contactless debit has got very common this year.
Which brings us to one of the problems with contactless cards. When you are carrying exactly one contactless card that will work for a given system it's great, you can just slam your wallet on the reader and go.
But if you are carrying more than one that doesn't work so well. Sometimes it sees both and refuses to continue, sometimes it sees the wrong one first resulting in unexpected charges.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
You don't hang around here enough to know that logic and facts are not very appreciated around here. Calling people out on not providing them is, but unfortunately the trogs don't know how to digest facts.
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
That still puts the cash in the hands of these providers in advance. Somebody has to pay for that line of credit. Even if you pay your card balance off every month, your bank still has to finance the loan. And that means you pay (fees, crappy savings account rates, etc.) for your float.
I want to park as little money as possible in stored value systems. Businesses and government agencies want me to park as much as possible in their own systems. Guess who appears to be winning?
Have gnu, will travel.
um, so you think NFC with pin is somehow less secure than... NFC with pin?
Yes. When NFC with PIN isn't on a device connected to cellular and/or WiFi networks. Or did you forget about that?
No, no, you're not thinking; you're just being logical. --Niels Bohr
I am unfortunately aware of this. Most of the time I just shrug it off, really. But most times the commenters don't mention me specifically by name. ;)
I think the problem is the USA has a fairly cheap and good credit card system. In the USA merchants, with a few exceptions pay 1.4-4% with most in the 1.8-2.5% range. The customer generally gets about 1% of that or more in incentives. Which means there is only about 1% to play with for the merchant to cut costs or raise services. That probably isn't enough of a margin. There are areas where credit card fees are very high (adult services, gambling) but the reason fees are high is that these are impulse purchases which people often regret buying after the fact. There are also areas where untraceability is desired (i.e. in place of cash), but most merchants just take cash for those customers.
I'm not sure how you make a wildly used system with margins so thin on credit cards. Something about the USA system has to get worse. I suspect if there is ever going to be a mobile pay system it is going to be brought out by AMEX, VISA, MasterCard, Discover... as a adjunct form of card and nothing more. Just a fast or secure way to use your card. Other than that I just don't see a niche that justifies it.
I guess we are stuck with immobile wallets then.
If Square is going away, what else exists that allows a person to easily accept credit card transactions, anywhere, for all major types of cards?
File under 'M' for 'Manic ranting'
Technically this voids your credit card. Read the line above the signature panel, "Authorized signature - not valid unless signed."
The standard merchant agreement says that merchants are supposed to check the signature panel on the back of your card and compare it against the receipt. They are not allowed to ask for ID (or to impose minimum purchase amounts or fees for that matter) unless the signature does not match. If the card is not signed they're supposed to decline to use it.
Of course, very few merchants actually read the agreement they've signed, much less follow its rules. They do this at their own peril, for they're the ones on the hook for fraudulent transactions.
For a while, I used to ask store clerks which dead president's name they wanted me to use when signing the CC receipt. The saddest part was how many people said "Benjamin Franklin." Sigh.
No, no, you're not thinking; you're just being logical. --Niels Bohr
Also: TFA verbed 'onboard'.
Caveat Emptor is not a business model.
I think there are two main reasons why it does not work 1) because there's a duopoly on payments, Visa and Mastercard; add to that that everybody else wanted to control the mobile wallets, the operators, Google, the manufacturers, etc. so nobody did because they did not cooperate, they were greedy. 2) because it adds very little compared to what we have now, in other words, the added value is not enough to break the Visa/Mastercard duopoly. If there were hundreds of payment processors and card issuers, the system would not be entrenched as each POS would need flexibility to handle all that diversity. In the current situation, the POS only handle Visa and/or Mastercard, so only them can push for changes, like they are doing with the "tracker cards", the RFID insecure cards they force everybody to use now. They want everybody to use them not because they are better, but because they will be able to monetize them better by selling costumer tracking (those cards are beacons and you only need to slightly modify the "thief detectors" to track who enters and leaves a place, even if they pay with cash). They already sell your buying habits! Now they will also sell where you go and not buy!.
From a merchant perspective, it's not even a duopoly. In the US at least, Visa and Mastercard acceptance are jointly marketed to merchants.
No, no, you're not thinking; you're just being logical. --Niels Bohr
Assuming this is to "replace" my cards and/or cash, why would I want something where, if the batteries are dead, I can't buy anything?
A woman is usually carrying a purse, if it's a man he's typically carrying a wallet for other things anyway, so not much of a win there.
Why give hackers yet another way to steal my money?
Why give the feds/megacorps yet another way to track me and my spending?
WTF is wrong with cash? These days I'm a lot more likely to have my credit cards/bank account hacked than to be mugged for my bills, and money just doesn't weigh that much.
Risk management, cost benefit analysis means no way in hell would I sign up for this. I can't think of any possible improvements that would change this, short of a bona fide, anonymous, non-battery-powered credstick.
Love, Squeedle
Understood, I'm dealing with a non-competent-thinker/emotional-reactionist.
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
You're a whining idiot. I don't pay a cent for any bank services. If you can't do the same, you're either moronic or live in a police state.
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
So it has nothing to do with me not wanting to trust one lick of financial data to a device which is repeatedly proven to have massive and fundamental security holes? And nothing to do with the fact that 90% of the population would just as soon leave money in a nicely-ordered pile outside their door rather than give up their wallet in favor of something - anything - mobile.
The wallet isn't "ripe for disruption." That term refers to something which doesn't work, and can be done better with new technology. A digital wallet gives me zero net advantages.
No, but keep telling yourself your business failed because of "entrenched interests". I'm sure that feels better.
I trust the security of my phone over my card. So fuck you, bitch.
How sweet you are. Did your mother teach you that? Or hasn't she gotten to that part yet? What are you, 14?
No, no, you're not thinking; you're just being logical. --Niels Bohr
ah, so you don't know how it works so your first response is to bury your head in the sand.
Understood, I'm dealing with a non-competent-thinker/emotional-reactionist.
I understand the difference between Near-Field Communications (NFC), cellular and IEEE 802.11 protocols. I guess you're being deliberately obtuse here? Whatever. You can disagree with me if you like. It's no skin off my nose. Good luck with that.
No, no, you're not thinking; you're just being logical. --Niels Bohr
Why can't you just admit you don't know how it's implemented and that the wifi in this case is inconsequential?
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
And what do protocols have to do with implementations???
Why can't you just admit you don't know how it's implemented and that the wifi in this case is inconsequential?
Specifics as to the software implementation of one or more minimally used or tested e-wallet apps? You're right, I don't know the specifics, nor have I reviewed any code.
However, any network connectivity opens vectors to hack the device. Regardless of any secure storage (on the SIM or elsewhere) or OS restrictions on access, network connectivity opens the possibility that the phone can be pwned. Once the phone is compromised, all bets are off and it's possible that an e-wallet can be compromised.
I know. Smartphones have no vulnerabilities. Nor will there ever be any vulnerabilities. Please. You keep telling yourself that.
Since you know so much about this (clearly much more than someone you've never met and whose knowledge and experience you have no information about), please explain how you *know* that there are no vulnerabilities or malware on *any* smartphones that might compromise the data in one of many different e-wallet apps. Also, please explain how you *know* that there will *never* be such vulnerabilities or malware. I'm an empiricist. I have an open mind. Convince me. Better yet, show me where, when and by whom all e-wallet app code, APIs, and general security of smartphones have been evaluated and certified.
If you want my money, you'll have to reach into my pocket to take it. If you want my CC info, you could, presumably, use a device to read the NFC chip on a card in my pocket, but you'd need to be in close proximity to do so. That negates any remote exploit.
So. I'll say it again. I guess you're being deliberately obtuse.
Or perhaps I'm overly paranoid. Then again, I know there are folks out there that want to steal my (and anyone else's they can) financial information. Sigh.
No, no, you're not thinking; you're just being logical. --Niels Bohr
And I'm not kidding, either.
Look, Android 4.3 and later and Windows Phone 7 and later support NFC, and many Android and Windows Phone-based cellphones built since 2011 have NFC built in.
The lone--but significant--holdout is Apple. Apple thinks it has a better solution using Bluetooth 4.0 (LE), but there are two problems: 1) nobody has built a point-of-sale terminal that uses Bluetooth 4.0 for mobile payment systems, and 2) the range of Bluetooth 4.0 makes it a potential security risk compared to the circa 30 to 40 mm range of NFC.
I believe at the prodding of NTT DoCoMo and South Korean cellphone carriers, there is a chance we may see the iPhone 6 models finally offer NFC, since NFC point-of-sale terminals are common in Japan and South Korea. If Apple were to include NFC for the first time on the iPhone 6, it would clean up the Japanese and South Korean markets literally in a blink of an eye.
And what do protocols have to do with implementations???
You know, I just went back and read your post again. Are you serious? Do you even know what a protocol is? As I said, I'm not intimately familiar with payment systems technology, but I know enough to say that there are at least two protocols which must be adhered to by any implementation of a contactless payment processing system for the elements to communicate: some sort of communication protocol so that payment information can be transmitted/received, and the format of the payment information itself. It wouldn't surprise me if there were others that were required as well.
Sigh. I guess you took that plunge from remaining silent to removing all doubt, friend.
No, no, you're not thinking; you're just being logical. --Niels Bohr
btw, I know you don't know anything because of the stupidity you are spouting. It's the general way any knowledgable person can spot the ignorant. I don't like to hand out information because babies with silver spoons in their mouths...
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
And in the future, if you're going to link to a definition, link to a definition that is specific to what you're talking about.
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
I gotta carry my regular wallet anyway.
This e-wallet stuff is not their main source of revenue.
Square is advertising on TV about how one pays with a credit card, using the plain old magnetic strip, using a card reader that plugs into the mic socket of a mobile phone.
Here is how it works.
Also, they are opening an office in Kitchener, Ontario, within the Kitchener Waterloo technology hub.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
Yeah, you're just overly paranoid. Go take a look at how it works.
btw, I know you don't know anything because of the stupidity you are spouting. It's the general way any knowledgable person can spot the ignorant. I don't like to hand out information because babies with silver spoons in their mouths...
Really? Rather than engage, you resort to ad hominem and ad ignorantium attacks? Smooth. I'm so impressed.
Have a great day!
No, no, you're not thinking; you're just being logical. --Niels Bohr
Put your ego aside so you can realize your stupidity.
Don't complain about syntax, grammar, or spelling. There is no.hell like input on android.
That's how they started in Japan and are still available that way. The basic system is Sony's Felica
http://www.sony.net/Products/felica/
The chips were added to phones around 2006 so you could just swipe your phone instead of your card. The advantage to the phone version (1) no separate card needed (2) can add funds on the phone, no need to go to a machine. Now-a-days tyhey're integrated into Japanese made Android handsets but of course not the non-Japanese made ones nor the iPhone.
Many Japanese laptops have readers. My 2006 Vaio has a reader. I can also add funds through it.
Oh, and there is no issue with battery life. The chip in the phones in Japan is the same chip that's in the card. A dead battery doesn't affect your ability to use the phone to pay.
I've always been curious if they can reproduce the NFC style wallets in Japan (Asia?) in the USA.
Here in Japan the train companies have NFC cards. The cards act mostly as cash. You put money on the card itself. I don't know exactly how the accounting works but AFAIK there's no server being contacted when you make a purchase. The system some how instantly deducts the money from your card and updates your history on the card.
This makes them super convenient unlike stuff like Square Wallet or even Google Wallet. You tap the card/phone on the machine and you've paid in under 1 second. No need to press anything, type any passwords, nothing.
The chips were later added to feature cell phones around 2006 so you could tap your phone instead of a card. You can also add more cash on them from your phone. Some Japan only Android phones also have them. Of course iPhone does not.
Trains, busses, many taxis, vending machines, convenience stores, some restaurants have the readers next to their registers.
Transactions are stored on the card and many laptops in Japan have built-in readers. My 2006 Vaio did. Touch your card to some spot on the surface of the laptop and get instant expense report for work/taxes. You can add credit to the cards on your laptop as well.
I have no idea how they prevent fraud given they can be updated locally (filling them with money without going through the proper channels). As for theft, scanning people as they walk by, they do seem to need to be within 1cm or so to read/update. I haven't looked into it though. On the other hand they aren't tied to any other money meaning they're basically like carrying cash. If you lose it all you lost is your money on the card and your purchase history. There's no "account" and it's not connected to any bank or credit card so the damage is minimized.
I have no idea if those would go over anywhere in the USA except maybe NYC, Chicago, SF. They arguably work in Japan because so many people commute so even if you never purchase anything they're super convenient for commuting (no need to buy tickets). Once you have one they end up being convenient for other things.
At the same time, I don't see anything less ever taking off in the USA. Google Wallet etc aren't more convenient than credit cards. Felica cards are.
http://www.sony.net/Products/felica/
I realize I think in SF the Clipper card and in London the Oyster cards are the same tech? But I don't think either can be used for anything other than trains/busses.
Also the chips don't need batteries so even if your phone battery dies you can still pay with the chip in your phone.
The EU is currently working on regulating payment systems, and there is still an option that they will force easy (well easier) access to new players to the market.
As for purchasing anonymously, you can't do that with your credit card either. Yet credit cards remain pretty popular.
With the upcoming switch to chip+PIN credit cards we're finally going to have widespread deployment of NFC readers. That may give us the necessary critical mass for mobile wallets to take off.in the US - phone+PIN should be an appealing alternative to card+PIN since the phone is usually closer at hand.
Since you know so much about this (clearly much more than someone you've never met and whose knowledge and experience you have no information about), please explain how you *know* that there are no vulnerabilities or malware on *any* smartphones that might compromise the data in one of many different e-wallet apps. Also, please explain how you *know* that there will *never* be such vulnerabilities or malware. I'm an empiricist. I have an open mind. Convince me. Better yet, show me where, when and by whom all e-wallet app code, APIs, and general security of smartphones have been evaluated and certified [wikipedia.org].
In principle, I agree with you, but I would probably agree with you a lot more if you were weighing a secure system against a semi-secure system. As we have seen, however, the CC system is -extremely- insecure, and it is very, very easy for your credit card info to find its ways into the wrong hand. Unscrupulous store employees who install skimmers on CC swipers, online retailers who store CC information in an insecure manner (and you'll never know if they do until they get hacked). Maybe you just used your credit card at Target last year. I just got a free year's worth of credit card monitoring because of all the hacks and exploited flaws last year.
I don't see how the phone wallet would be worse.
Since you know so much about this (clearly much more than someone you've never met and whose knowledge and experience you have no information about), please explain how you *know* that there are no vulnerabilities or malware on *any* smartphones that might compromise the data in one of many different e-wallet apps. Also, please explain how you *know* that there will *never* be such vulnerabilities or malware. I'm an empiricist. I have an open mind. Convince me. Better yet, show me where, when and by whom all e-wallet app code, APIs, and general security of smartphones have been evaluated and certified [wikipedia.org].
In principle, I agree with you, but I would probably agree with you a lot more if you were weighing a secure system against a semi-secure system. As we have seen, however, the CC system is -extremely- insecure, and it is very, very easy for your credit card info to find its ways into the wrong hand. Unscrupulous store employees who install skimmers on CC swipers, online retailers who store CC information in an insecure manner (and you'll never know if they do until they get hacked). Maybe you just used your credit card at Target last year. I just got a free year's worth of credit card monitoring because of all the hacks and exploited flaws last year.
I don't see how the phone wallet would be worse.
You're absolutely correct. I never said that the current CC system was secure.
I was merely pointing out that, as is good infosec practice, if you expose something to the internet (as most smartphones are), you should expect it to get hacked at some point (e.g., the probability is non-zero). One poster pointed out that secure certificates protect your data, which is stored in a "secure" storage area on your phone. That may well be true. And since no certificate authority has ever been hacked (Oh wait, that's happened multiple times), there's nothing to worry about.
Also, it's interesting to me that some folks might think and assert that something is secure, without any objective analysis -- especially since there are well-defined and standardized mechanisms for such analysis. IMHO, claims that something is secure, if unsupported by independent analysis, are ill-informed opinions.
I don't question the potential convenience, or even the (relative) security offered by e-wallets, I'm just skeptical of the security claims and the (unstated) motives of those who champion e-wallets.
No, no, you're not thinking; you're just being logical. --Niels Bohr
The US population has resisted electronic wallets. I think there's a few reasons: Loosing the damn phone, or having it stolen. Getting hacked. (Shall we have another interesting Win XP SP2 era about passwords?) And a reason I haven't heard mentioned, but applies to any credit transaction: It's too damn easy to spend your way into debt. Especially at 28% interest, I think more and more people have learned (the hard way) to cut it off, or scale it back. Even debit transactions (and cryptocurrencies would fall in this category) are something people have found are a way of blowing money way to easily. Paper checks are on the way out...or are they? (Haven't seen any numbers on this.) But writing a paper check is more involved (writing involves muscles and takes longer), especially if you enter the amount into a register where you have your balance staring at you. None of the mobile payment methods I've seen instantly shows you how much your assets have decreased, or your liabilities have increased. I probably just gave someone the beginnings of a billion-dollar idea. Remember me when the IPO comes time. :)