Thursday, December 18, 2008

NFC / Contactless commerce startups surviving the downturn

Withering on the vine is among the most frustrating experiences for entrepreneurs and investors alike. With the economy in a swoon, a lot of startups are on the ropes. NFC-based / contactless commerce has been just around the corner for a while now. Related startups have participated in many a pilots and have been idling waiting for commercial deployments and resulting revenues. Banks have their own set of problems, and do not expect to participate in commercial deployments any time soon.

These startups should not wait anymore for phone vendors to offer NFC-based phones in volume or for merchants to deploy contactless infrastructure. The silver lining among these dark clouds is that merchants are willing to participate in programs that excites their customers and brings them in to their stores. An alternative way for a user to interact with the merchant infrastructure is to go through the cloud. It would seem like a round-about way to get something done while you are only a few inches apart. However, interacting via the internet will get the revenues right now.

SMS-based mobile commerce has been around for a while now. Instead of having the mobile wallet [ID] on the device, move this ID to the service provider's platform. You don't even need the telco to be actively involved in such an offering. Wallet-in-the-sky with SMS-based interactions can be retrofitted with existing NFC platforms with little effort. Some of the implementations I have seen get the messages across 'near' instantaneously. The user experience does not necessarily have to be clunky. The wow effect can still be delivered to the customer. The retailer's expectations can still be met.

This is but one example of what I am proposing. There are quite a few variants of the above architecture. Such an offering is not sexy. For folks who have been living in the magical world of contactless commerce, the above suggestion is a significant let-down. The consolation is that the dream might live on, and could survive to fight another day.

What are your thoughts? How are you improvising to survive this downturn? What are your suggestions on what the contactless commerce startups should do to become cash flow positive in the near-term.?

Monday, December 15, 2008

Role of FeliCa cards in mobile commerce

With ABI Research reporting that commercial NFC deployments expected by 2013, the question is what technologies would people use for mobile commerce until then?

If mobile in mobile commerce implies mobility and not necessarily a mobile phone, then the lowly card form factor comes to mind as a possible option. Coincidentally, I came across a news article about Sony releasing a new version of PaSoRi, their PC/VAIO smart card reader/writer.

PaSoRi, in conjunction with both phones and cards, are being used for online commerce, topping transit tickets, gaming... Having said that, FeliCa cards are still the dominant form factor while mobile FeliCa (phones) is gaining traction and momentum. FeliCa cards and mobile FeliCa have been doing very well in both brick and click commerce.

What are your thoughts of the dominant mobile commerce technology over the next 5 years? What interim role can FeliCa cards play in mobile commerce? On a related note, is PaSoRi and FeliCa cards helping Sony sell more VAIOs and differentiate themselves from the competition?

Thursday, December 4, 2008

Can independent Trusted Services Managers (TSMs) flourish?

The concept of Trusted Services Managers (TSMs) has always intrigued me. The need for industries, as diverse as, telecom, transit and payments, having to work together is a daunting prospect. A neutral third-party, aka TSM, seems like a natural fit to facilitate interactions between these industry players, each of whom have different approaches to the same problem.

As we extend the concept of TSMs to reality, some wrinkles appear.

An observation that is common across NFC trials is about the number of partners (last count there were 6-8 partners) that need to be coordinated with. The complexity resulting from the number of partners is a hurdle, especially as one goes past trials and plans for commercial deployments.

TSMs also provide OTA services. Traditionally, OTA services have been provided by the card issuer, among others. In the telecom world, the telecom service provider (telco) have provided OTA services themselves, using OTA platforms from third-parties, such as, SmartTrust.

Reading between the lines of what telcos are saying and doing (around NFC trials), it appears that in the brave new of world of NFC, the telco will continue to provide OTA services. From a telco's perspective, this reduces the number of interfaces/participants to work with. Additionally, as ETSI has adopted the Single-Wire Protocol (SWP) as the standard, the SIM has become the secure element of choice, and the telco the issuer of the secure element. At the least, the telco would like to paint such a picture. Against this backdrop, the telco has a vested interest and a supporting business model (managing the secure element real-estate) to manage the relationships with third-parties, including banks and transit operators.

Alternatively, the SIM card vendor (G&D, Gemalto...) are better positioned to work with telcos to manage the SIM/secure element real estate, and have good relationships (both business and operational) with payment card issuers.

While TSMs (Venyon, Cassis...) would continue to be in the news for the next 3-5 years as the NFC ecosystem ramps up, it is uncertain whether independent TSMs (TSMs that are not part of SIM card vendors, telcos, financial services providers [e.g., First Data] ) would be able to succeed thereafter.

A question to ponder: What kind of business and usage models would enable independent TSMs to flourish as the NFC ecosystem ramps up and consolidates?

Wednesday, December 3, 2008

Is Online PIN Debit for real this time around?

News of online PIN debit payment products popping up in the news often. ATM Direct/Acculynk and NYCE's SafeDebit are the but the latest examples.

Persistence over the past ten years to make online PIN debit a success is admirable. In an effort to overcome prior industry missteps, Acculynk and SafeDebit are offering software-based solutions. As noted by others as well, a hardware-based module needs to be involved to secure online commerce comprehensively. Additionally, the usual suspects standing in the path of success include lack of ubiquity and changes to the user experience that make users uneasy.

The current interest in online debit payment options are driven by the credit squeeze being felt by consumers. If the current online PIN debit offerings can go commercial in the next 3-6 months with a broad array of merchants offering this payment option, there is a good chance of success.

Saturday, November 22, 2008

Merchants may get real-time access to funds at lower rates

Typically, if a merchants wants to pay low fees, they get access to their funds later (e.g., ACH payments received after 3 days). If the merchant wants to get access to their fund immediately, they would have to pay a higher rate (e.g., credit/debit cards payments are received overnight).

This seemed to be an immutable reality that merchants had come to expect. Lower rates/fees and 'immediate' access to funds seemed to be a contradiction.

There is light at the end of the tunnel. Digital Transactions reports that PayPal is piloting a payment method where the merchants can have access to fund immediately (overnight). The rails are different from ACH and payment card rails. The disruptions keep on coming.

It will be interesting to see how this innovation plays out. All the best to PayPal for continuing to move the ball forward. Innovations that reduce online merchant's cost of accepting payments cannot come fast enough, especially in the current economic conditions.

Monday, November 17, 2008

Innovation 2.0 & the Obama Presidency

I ran into my friend Christian Sarkar's blog about Obama's Innovation Strategy. Felt that the topic was appropriate for this blog. Christian's blog has the video clip of Obama unveiling his innovation agenda at Google. Obama's speech was, as expected, very inspiring.

The dark economic cloud that has been hanging over the economy has been stifling. Startups are withering on the vine. Access to venture capital has literally dried up. IPOs have ceased being an option for startups for over a year. Revenues will surely dwindle or be delayed. I know of many a startups, some started by friends, that are barely surviving. The next 12-18 months of recession look insurmountable. The few choices left for startups include M&A. Not quite the Innovation 2.0 that we were expecting...

Having said that, the changes being proposed by Obama are indeed different. His vision and agenda will accelerate innovation in a variety of areas. Experienced and prudent nurturing/management of radical ideas could spur the blossoming of the Obama Googles. One could then argue that the true Innovation 2.0 was what the Obama presidency ushered in.

Wednesday, November 12, 2008

Innovations, such as EMUE's card, can get us going again

Very rarely do you see so much buzz about a new payment technology as EMUE's display cards. This is indeed an exciting innovation. This card has the thickness of a traditional credit card, while it has a 8-digit display, 12 digit keyboard and a battery that last 3 years! Wow, this is truly amazing.

This product has the potential of being applicable in a variety of markets, including the US.

The ability to leverage the above product features to support MFA (multi-factor authentication) using a single device is what makes this product exciting. To appreciate this innovation, compare against the Gemalto CAP (Chip And PIN) reader being tailor-made for Barclays (PINsentry) to support MFA for online commerce. Who would want an add-on device if your payment card can do it all? The additional cost of the EMUE card (costs 5 times as much as an ordinary card to manufacture) looks inexpensive when compared to shipping CAP readers to customers.

I see an immediate opportunity to use this card for MOTO (Mail Order Telephone Order) transactions. Visa is piloting this card with bank(s) to complement VbV (Verified by Visa). I am not sure that the problems that merchants and consumers have with VbV will be addressed by using EMUE's card.

You get so excited when you read about such innovations that you forget that the economy is supposed to comatose.

Saturday, November 8, 2008

Obama effect on payments innovations?!

At a personal level, Obama's victory provides hope and optimism of a new tomorrow. Given the prevailing mood, hope and optimism are the engines that will get the US back on its feet again and restore its place as the leader of the free world. However, the expectations on President-elect Obama and his administration might be a little too much for any mortal to bear, even though that mortal might be Barack Obama

I was keeping this post for the new year. As all of us are being carried away by the developments of this week, I figured it is appropriate to gaze into the crystal ball (and again in the New Year).

Positive Trends
  • More use of debit cards, resulting in a cheaper tender for merchants (PIN Debit).
  • Alternative payment systems to reduce cost of accepting payment cards
  • Consolidation among players in the P2P and alternative payments space
  • Government use of payment cards to distribute social security and other benefits to citizens
  • Initial usage models of Android phones-based applications to bridge online and retail
  • Commercial deployments of NFC will be delayed
  • Delay in deployment of contactless readers at retailers
  • Mass transit, the beneficiary of high gasoline prices, might be collateral damage as cities struggle to invest over the next couple of years. The reason this aspect shows up here is because Mass Transit payments have led the deployment of contactless acceptance infrastructure
Initial indicators suggest that markets, such as, India have not been affected very badly. It will be interesting to watch for any innovations in the payments space from emerging markets.

Monday, November 3, 2008

Online Fraud Double Whammy

I am sure that you have heard about the startling discovery that a malware (Sinowal Trojan) has been harvesting financial data, including credit card numbers for nearly three years. The cache of stolen data exceeds half million records reports RSA FraudAction Research Lab.

On a related note, The New York Times reports
Microsoft plans to report on Monday that the security of its Windows operating system has significantly improved, while at the same time the threat of computer viruses, frauds and other online scourges has become much more serious.
News like the above are bad news for the online commerce industry. Especially, given the current mood of the consumer and economic environment. Improvements in technology can be leveraged to minimize the ability of fraudsters to profit from data collected by crimeware/malware.

A variety of participants, including CyberSource, Iovation, 41st Parameter have been working on combating this kind of fraud. However, what is becoming clear is that the fraudsters are a lot savvier and that we need to approach this problem very differently.

Call to action: Support the below technologies (some of which are already deployed for offline transactions) for online commerce transactions:
  1. Support one-time credit card number, such as those offered by MasterCard in association with Orbiscom
  2. Support use of dynamic CVx (CVV / CVC...)
  3. Support multi-factor authentication, including utilizing CVM (Card holder verification) methods that are part of the current MasterCard and Visa specifications
The above advances will make the stolen information unusable. As credit card issue cycle is on average three years, the higher security cards will make it to the hands of the consumer over the course of the normal card replacement cycle. The cost differential of the higher security card will be made up by issuers if the consumer makes one additional transaction because of the higher security card.

Would love to hear about innovations that you are working on or are aware of that would remove the profitability from stolen data.

Saturday, October 4, 2008

ITSO mobile phones

It was heartening to read about the field trials of ITSO compliant phones (Consult Hyperion) in UK. ITSO is an industry organization to promote interoperability between UK Passenger Transport Authorities / Operators and related organizations.

ITSO was formed to build and maintain a specification for secure 'end to end' inter-operable ticketing transactions, utilising relevant ISO and emerging CEN standards.
[From ITSO - About Us ]
In the contactless space, UK seems to be speeding ahead of the traditional smart card leader, France. The payments cards deployment and now a standardized inter-operable transit solution, UK is putting in place the basic building blocks

It is interesting to note that both the payments space and ITSO provide support for loyalty. However, there is no standard, that I am aware of, for loyalty on smart cards (at least for applet interaction between 'card' and 'reader'). Support for loyalty by both standards recognizes the valuable grease for the wheel. However, lack of standards in the loyalty space might indicate a choke point for commercial scalability.

O2 is the operator who is the common thread for both the payments field trials in London, and the ITSO trials with the NoWcard. It would be interesting if Venyon, the OTA service provider for the London payments field trials, is also involved in the ITSO field trials (though not mentioned in the CHYP website). Finally, it would not be surprising to find out that the O2 SWP phones (SIM as a secure element) used in the payments field trials is being used in the ITSO trials as well.

Friday, September 19, 2008

Could banks take the lead in ushering in NFC phones?

Innovative and aggressive banks are trying different approaches in the marketplace to break the deadlock that has stalled NFC mobile devices getting to market. Banks with strong acquiring/merchant and card issuing business have an incentive to deploy NFC mobile devices, while not waiting for the MNOs to show up. These approaches include:
  1. Bank sets up MVNO. e.g., Rabo Mobiel
  2. Bank issues / distributes NFC phones, might start off this journey by distributing NFC tags. E.g., Garanti Bank, Turkey. The user retains their MNO
  3. Bank subsidizes phones with separate secure element
Bank sets up MVNO and offers cutting edge financial services, including NFC phones. Example: Rabo Mobiel. Rabo Bank is a Dutch-based bank. Rabo Mobiel is a MVNO which offers value-added retail and financial products and services, in addition, to traditional telco services

  • Bank can offer subsidized phone with optimized features (e.g., SIM but no separate secure element)
  • To keep costs down, the phones offered by the MVNO would be basic no-frill devices. This may not appeal to early adopters or to niche audience
  • Bank may not have core competence in being a MVNO
Where could this work: Europe

  • MVNOs have been more successful in Europe
  • Smaller markets with reasonably homogeneous demographics
  • Aggressive banks could use this tactic to challenge incumbents
  • MVNOs have had a tough record in the US, as it is difficult to appeal to a broad enough range of audience to reach critical mass. After the events of this week, I do not see any US bank having an appetite for such risk

Bank offers bank-branded NFC phone (separate secure element), with the user retaining their existing MNO/service provider. An early variation of such an offering could be Garanti Bank, Turkey providing NFC tags to its customers

  • Bank has access to secure element on phone to provision cards...
  • Bank does not have to get into a MVNO business, which typically is not the bank's core competency
  • Bank can optimize the mobile device to suit its requirements
  • Phones offered by the bank could be basic no-frill devices, which may be rejected by the larger audience
  • Users not anxious to give up their existing phone as this is a personal device /statement
  • Bank issued phone may not be a good enough phone (neither fish nor fowl)
Where could this work: Asia

  • Users in Asia typically buy their own phones. This offering might appeal to the burgeoning value-conscious middle-class in China and India
  • A weak MNO in the US could work with a strong Bank and an open phone (did somebody say Android) to help MNO's sales and perception in the marketplace.
Bank works with device vendor (e.g., Nokia) to offer co-branded phone: Bank partners with device vendor to subsidize NFC phones (with separate secure element)

  • Consumers get choice of phone. No compromise in device features
  • Cost of separate secure element not passed on to the consumer
  • Would not work where consumers typically get their phones from their MNO (tied to a contract) as the MNO controls the BOM/configuration of the phone. E.g., US
Where could this work: Asia

  • Consumers buy their own phones.
  • Device vendor has better brand presence and distribution channels

Sunday, September 14, 2008

Trusted Services Manager (TSM): Does somebody have an edge

Gridlock in the NFC ecosystem is about the telco/MNO (e.g., Verizon) and the issuer/bank (e.g., BofA) jostling for control over 'their' customer. On the mobile device, the two verticals (telco and banks) clash. Until the control issue is resolved, NFC deployments will not make progress past the many well-publicized trials. Trusted Service Managers (TSMs) are seen as a way past this impasse. Much has already been written about this issue.

The usual suspects in any TSM discussion are Cassis, Venyon and Vivotech (in alphabetical order). There are others in this space as well. The question for today is, is there any one vendor or approach that has an obvious edge, and why?

Cassis comes from a SIM / OTA background, with a lot of their management coming from Gemalto and the like. Venyon is a JV between Nokia and G&D. Vivotech seems to have a more POS / retail merchant proclivity given their presence in the contactless reader space. From this 50K foot view of the landscape, there seem to be at least two approaches to address this space. One is to approach this from the mobile operator space. Given Cassis's and Venyon's background, they seem to be establishing the telcos as their beachhead. Given Vivotech's background and investors, acquiring banks (POS vendors) and retail merchants seems to be Vivotech's beachhead. It appears that the above divide seems to be extending into the TSM space as well.

In deployments where the telco drives the business case, folks like Venyon and Cassis might win the day. In deployments where the acquirers/merchants are pushing the business case, folks like Vivotech might win the day.

Not withstanding a simplistic two variable view of the world, what are your thoughts? Are there any other factors that will influence the TSM space? Which other vendor/industry might enter the TSM space?

Related Post: When selling shovels is more lucrative: Another look at TSMs 1 year later

Thursday, September 11, 2008

Ike in Houston and 9/11

I lived in Houston for about a dozen years, and have many friends there. My thoughts and prayers are with them and others, as Ike threatens the Greater Houston area. The news of Ike heading to Houston, and today being 9/11, was a sobering reminder that there are bigger and more important things in life than work and mobile commerce thoughts. My pardners in Texas, hope you stay safe and dry.

Tuesday, September 9, 2008

NFC POS Terminal deployments in the US

You can find a list of NFC/Contactless readers:

List of MasterCard Paypass readers near you
List of Visa PayWave readers near you

This will be a good resource for all of us to refer to.

PS: I have edited this blog as MasterCard and Visa are maintaining a comprehensive list of merchants accepting contactless cards.

Sunday, September 7, 2008

Merchant deployment of Contactless POS terminals in the US

What is the merchant motivation to deploy contactless payments in the US?

The oft cited reasons for merchants to deploy contactless payments are speed and convenience associated with total transaction time. Cash replacement is also cited as a reason.

Consequently, QSR (Quick Serve Restaurants) space, gas stations, convenience stores... seem to be the obvious targets.

What is the motivation for Office Depot, Best Buy... to deploy contactless POS terminals? What would the reasons be for grocery stores to upgrade their infrastructure to contactless? Is the standard equipment (POS terminal) upgrade cycle is sufficient reason for merchant to swap out for the new terminals?

Look forward to hearing your thoughts.

Monday, September 1, 2008

Books I am reading

  • Security Engineering by Ross Anderson, Wiley
  • Millionaire by Janet Gleeson, Simon & Schuster

Quote from Warren Buffett

If history books were keys to riches, the Forbes 400 would consist of librarians (excerpt from the Millionaire, Janet Gleeson, Simon & Schuster