Slashdot Mirror
Why Mobile Wallets Are Doomed
redletterdave writes: "The other shoe has dropped for Square. The once-hyped mobile payments company is killing off its Wallet payments app and replacing it with a new app called Order, which will allow users to order food and beverages ahead of time at their favorite cafes and restaurants. For entrepreneurs, the concept of a mobile wallet seems so logical that the payments industry looks like it's ripe for disruption. If everybody is always carrying around a powerful computer in their pockets, it's natural to consider loading payment information onto that secure device as an alternative to cash or plastic cards. The problem comes when this logical entrepreneurial spirit merges with an industry segment that is classically illogical. The payments system in the United States is a mess of entrenched interests, fragmented business opportunities, old infrastructure (like point-of-sale systems), back room handshakes and cut throat competition. This behavior is not going to change any time soon, which means mobile wallets like Square are going to continue to struggle — at least until a more legitimate, easy-to-use and cost-effective solution comes along."
why is paying by phone so much better than with plastic?
i do it starbucks for the rewards
only other reason is if a food truck took cards instead of cash. why do it anywhere else?
for the retailers its more money to spend with no return on investment
Cryptocoins are a solved problem. It's being able to store them securely that is the problem. They draw hackers like moths to a flame.
If I have to carry something around in order to pay for shit, a regular wallet works just fine. With actual cash in it.
I barely trust using my phone to log into a social network, let alone anything that might cost me money. With every app attempting to spy on each other, I would never trust my phone for financial transactions. Not for many years to come.
is carrying around ALL their DEBITS and ALL their CREDITS in their pockets. i diversify with a mattress.
Just let these innovations arise in other countries if the USA has such a backwards infrastructure. Even credit cards are more secure in other countries (chip and pin may be flawed, but it is still better than the magnetic strip and signature of the USA).
It's not like swiping your credit card in the 'traditional' manner is much better.
I'd be very interested to see how they approach that. Well, any internet payment mechanism is going to struggle with chip and pin, I suppose.
Make sure everyone's vote counts: Verified Voting
Cryptocoins are a solved problem. It's being able to store them securely that is the problem.
IOW, the cryptocoin problem isn't solved.
So I need to go back to lugging my safe around?
"Oh sorry you'll have to send me more money, the value of this cryptocurrency dropped 20% in the 5 seconds it took to process the transaction."
"When information is power, privacy is freedom" - Jah-Wren Ryel
Is that I have to plug them in to charge for 3 hours before I can use them to buy a coffee...
The first time I get stuck somewhere because my phone died and I was unable to pay for a bus or taxi is also the last time I rely on mobile payments.
Sure it is. If a hacker gets my CC info and makes charges, my loss is limited to hassle and frustration. If a hacker gets my BTC info, I lose my BTC forever. That makes BTC like cash, which sure can be stolen, but to steal my cash you have to walk up to me and get my wallet away from me. A wallet thief can only rob a handful of people per day, whereas a BTC thief can take a hundred million dollars from ten thousand people in one night.
There are lots of tradeoffs for all these different systems. None of them are exactly perfect but none of them are worse than all the others in every way. Each has different strengths.
Please. This is a "solution" in search of a problem. And not even a good solution. All the CC companies in the US are (finally) being forced to implement chip-and-pin. Do you really think they're going to switch off of that for something even less secure than a standard CC? Not that they really care about security.
Besides, There are so many entities (not counting the malicious ones) tracking what goes on your smartphone, do you really want to trust your money to an app on one of these? If so, please use my app. It's complicated to set up, so please send me all your financial information and I'll get things going for you. You may notice some charges or emptying your bank accounts, but that just me making sure everything is working properly.
No, no, you're not thinking; you're just being logical. --Niels Bohr
There are specific examples the implementation fails. For instance Starbucks has a good implementation, but many Starbucks does not accept the card. Why am I going to have something that is useless. It also by default wants to annoy you every time you go by a Starbucks. We see the same thing with CVS. It is nontrivial to pull up the card, and easier just to type in a phone number.
Most of the digital wallet is just gather information on consumers without providing value in return. Like a grocery store loyalty card. Sure, some are going to use it. Some are going to shop at the store because of perceived value. But many are going to the store that just provides simple service. Walmart does not have a loyalty card.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
(Note: This comment is US-centric. I'll let others do the analysis for the rest of the world, but the case is actually easier there.)
NFC is still coming, and soon. Now that any Android 4.4+ device can use Google Wallet and with ISIS deployed to AT&T, Verizon & T-mobile customers who want it, one half of the secure mobile payments infrastructure problem is all but solved. Android 4.4 includes open APIs so that anyone else can implement NFC payment apps, also, and there are rumors of many coming. There are hints that Apple is also doing something with NFC.
The other half of the infrastructure problem is merchant acceptance. Visa and MasterCard announced in 2012 (IIRC) that the liability shift will be implemented end of 2015. What that means is that after the shift takes place, any merchant will be able to completely stop paying for any credit card fraud simply by deploying chip (including NFC) payment terminals. Given that merchants pay for nearly all fraud, and that it costs many billions annually, you'll see them moving fast. Already in some parts of the country I can go through a whole day using nothing but my phone for payment, and it's improving rapidly.
It's about a decade later than when the industry thought it would be but contactless smart card / NFC payment is in full rollout mode now.
Square is wise to drop their custom, proprietary solution to a problem that has an industry-standard solution in deployment.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
E-wallets have been popular in Japan for years. They are extremely convenient, especially if you use public transport a lot (and Japan has good public transport). No more messing about with change at the convenience store either. Vending machines take them too. As an added bonus there is no receipt to throw away, that gets stored on your phone/online account automatically as well.
Business users love them because they can easily import the receipts into Excel and file an expenses claim. Everyone else just finds it easier to pay for stuff at the end of the month via their mobile bill, instead of loading up a stored value card or fishing for change every time.
I hate coming back to the UK and having to deal with all this crap just to buy stuff. Some places can just about cope with contactless debit cards now, but if you have more than one in your wallet you have to get it out or a random one will be charged. My phone is nice and separate.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Rapid Price Changes are part of a infantile system. As the system matures, and becomes wider spread, pricing will stabilize. The problem is what to do in the meantime. Right now, people with patience will make a minor fortune, provided that the market exists in the future. In the mean time, it is not for the faint of heart.
If I were a merchant, I would be accepting BitCoins as fast as I could, as the opportunity is there right now, with enough patience.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
I am the senior writer and mobile editor of ReadWrite and have been writing about mobile payments for years now. Thank you. And actually, I didn't add that link to the coffee shop, one of my editors must have put it in. What would you like to discuss, Mr. Mopps? I have discussed mobile payments solutions with just about every company that is in the game and many of the analysts firms that follow payments. The harsh reality of the mobile wallet is not something that I pulled out of thin air. My conclusion is based on evidence of consumer usage (both empirical and data driven), the performance of these apps, talking to merchants and other various field research and the actions of the companies for almost five years. Google Wallet? Isis? Square? LevelUp? All have issues affecting adoption ranging from merchant adoption to conflicting industry interests to consumer behavior, privacy and security. What do merchants want? Low interchange rates. What do consumers want? The ability to use a payment method wherever they go while deriving value from it. What do big tech and payment processors want? A slice of the pie and will cut the other company's hamstring to do it. Payments are hard ... for so many different reasons and every single hyped mobile wallet that has been released to the consumer market has, in one form or another, failed.
Thank you.
You could manage the same thing with a prepaid card with contactless payment. This is what is used in London (Oyster), at least for public transport. No change required, but no issue with battery life.
Contactless debit has got very common this year.
Did you read the article? There are five links on the bottom to sources other than me. There are three or so links in the post itself leading to other stories I have written recently on the subject. Also, to note, my original head was "It's Time To Face The Reality For Mobile Wallets." It was changed by editorial team consensus so that more people would read it. I wouldn't call it a troll headline, but it does invoke some thought. Also, to note, The Platform is my opinion and analysis based column for ReadWrite. So yes, it is opinion, as stated in the header for the series on top of the article ("The Platform is a regular column by ReadWrite mobile editor Dan Rowinski and so forth). The column we are referencing was discussing a specific point of news (Square Wallet) and noting an empirical observation on the state of an industry segment that, really, has gone nowhere after years of hype. And yes, typing and spelling are quality attributes in a writer, I have always found. Also, I am not the one that submitted to Slashdot. I saw traffic coming in from our Chartbeat and decided to check it out. I lurk Slashdot like I lurk Hacker News, Reddit or Techmeme to see what people are saying and what is being read and discussed. I tend not to submit myself because I think that is a little self serving and the boards tend to frown on that practice. Doesn't mean I won't come in and say a good ole How Do You Do and respond to a commenter that is sure (in their own mind), that I will never see the attack on me.
I agree that it's a solution in search of a problem. But the CC companies don't need to switch off of chip-and-pin to support mobile wallets. Have you noticed that you can tap a chipped credit card against the new generation of POS devices to pay? If you can do that, you can tap an NFC phone as well. Ever noticed how the chip in your credit card looks a lot like a SIM? Not a coincidence, it's the same underlying Smart Card tech.
And about the malicious entities, this really isn't as big a problem as what your picturing. A wallet app is really just a UI. All the meat goes into your Secure Element. Your card info gets put in remotely by a trusted authority, and is read directly off the chip by a POS. Apps on your phone don't have access to it.
Very good. And when my phone is remotely hacked, all my info is in the hands of thieves and I won't even know it. If you want my cash, you'll have to take it out of my pocket. Also, when I want to purchase things anonymously, how exactly do I do that with my phone?
No, no, you're not thinking; you're just being logical. --Niels Bohr
And what do protocols have to do with implementations???
Why can't you just admit you don't know how it's implemented and that the wifi in this case is inconsequential?
Specifics as to the software implementation of one or more minimally used or tested e-wallet apps? You're right, I don't know the specifics, nor have I reviewed any code.
However, any network connectivity opens vectors to hack the device. Regardless of any secure storage (on the SIM or elsewhere) or OS restrictions on access, network connectivity opens the possibility that the phone can be pwned. Once the phone is compromised, all bets are off and it's possible that an e-wallet can be compromised.
I know. Smartphones have no vulnerabilities. Nor will there ever be any vulnerabilities. Please. You keep telling yourself that.
Since you know so much about this (clearly much more than someone you've never met and whose knowledge and experience you have no information about), please explain how you *know* that there are no vulnerabilities or malware on *any* smartphones that might compromise the data in one of many different e-wallet apps. Also, please explain how you *know* that there will *never* be such vulnerabilities or malware. I'm an empiricist. I have an open mind. Convince me. Better yet, show me where, when and by whom all e-wallet app code, APIs, and general security of smartphones have been evaluated and certified.
If you want my money, you'll have to reach into my pocket to take it. If you want my CC info, you could, presumably, use a device to read the NFC chip on a card in my pocket, but you'd need to be in close proximity to do so. That negates any remote exploit.
So. I'll say it again. I guess you're being deliberately obtuse.
Or perhaps I'm overly paranoid. Then again, I know there are folks out there that want to steal my (and anyone else's they can) financial information. Sigh.
No, no, you're not thinking; you're just being logical. --Niels Bohr
Oops. Accidentally posted that too soon and before logging in.
Anyways, had those people had bitcoin wallets on their computers, those assuredly would be emptied.
Third party wallet hosting services aren't an answer - while there may be some trust worthy operators out there, there's far too many people that aren't. People who would never ben entrusted to hold $10 throw up a pretty website and see $10 million transferred to their control. Even if they resist the temptation, just the knowledge of how many coins those services become huge targets for criminals.
So, no... as cool of a concept as bitcoin might be, an electronic currency that allows for irreversible transactions is not a good thing for the average user.
that's simply not true. the BTC market is heavily manipulated by relatively few massive holders with algorithmized buys and sells. the average investors doesn't have a chance in hell.
So it's modeled on the US stock market then.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.