Time for something a little different. The other week I had the pleasure of attending one of the ongoing Westminister e-Forums. These are a series of events in London where the various regulatory bodies that keep things working properly in the UK convene to discuss a wide variety of matters, in this case including Digital Payments and the risks associated with them. Although this is not wholly related to phones per se, it’s something that is worth keeping an eye on, particularly with the advent of Apple Pay in the UK.
Why should you be taking note of this subject, though? Well, with the recent massive uplift of purchasing being done online – either on laptops, tablets or smartphones, we need to make sure that the banks and regulators are all singing from the same hymn sheet.
As you can see in the above image, 59% of those surveyed were making purchases via their phone or tablet in the UK alone, with an additional 80% saying that they would also use a personal PC. So we are using the internet to buy stuff here in the UK quite a lot. I have never really had a bad experience with doing mobile payments as I normally use PayPal where it is possible, but there are certain retailers that don’t use PayPal – a prime example of this is Amazon. If you were like me, and you indulged in some Black Friday spending, then you can see the benefits of buying online. I mean, who wants to have a fight over a Blaupunkt TV in their local Tesco? Not me, for one. I would say that over 70% of my purchases are done via online payments.
So what happens when it goes wrong? Well, that is a tough one to explain, as at the moment we don’t really have a process in place of who we can get advice from, and trying to find the responsible party is like finding a needle in a haystack. Is it the vendor? Is it the banks that provide the funds, or is it the bank taking the funds? Nobody really knows, and for me that fact is now quite unsettling (I’ll be honest. It’s not disturbing enough to stop me from buying stuff online).
.
Well, the good news is that a system is going be implemented very soon that will hopefully solve this issue, amongst many others. It is called PSD2, which stands for Payments Service Directive version 2, and it will come into full effect in 2018 as it is a staged rollout. This will assign culpability to the companies using digital payments and has been designed to protect the consumer as well as the vendor.
The PSD2 will also be rolling out in similar forms across Europe too, meaning that regardless of wherever you buy the item in Europe, you are being protected.
The other major area that is becoming mainstream is the use of online banking apps, particularly for those people in the “millennials” age range. I, for example, have four online accounts. I don’t really go into the bank anymore, as I can see what is happening through the app on my phone. This is all brilliant, but there are loads of potential security risks associated with doing this. People’s phones can be very secure, but regrettably a lot of people don’t implement even the most basic of security options, meaning that it would be quite easy to bypass the banks current security settings if a person was so inclined. Once again, this is something that PSD2 will be addressing by changing how these apps use your credentials. The most likely change will be in the form of using biometrics for authentication.
There was a lot of discussion about the use of universal API’s to develop the apps that involve payments for services or goods. As you can imagine, this covers a very wide gamut of apps so the API needs to be very simple to implement, and as such it will require a considerable amount of development to make sure it is suitable for the use cases that we can currently imagine.
So all of the above is very cool, but what about this being used in the real world? We know that there are some very real issues that need to be overcome in order for a new method of payment to become established. This is something that we have only really started to see happen with our bank cards via the near ubiquitous “contactless payment”. The biggest issue I have found that is a lot of people either don’t know that they can use contactless or they have an inherent lack of trust that it is working correctly. Don’t get me wrong, we are now starting to see a lot more people using their contactless card in stores up and down the UK, however there is a massive difference in attitudes towards it.
Let me try and explain using a daily scenario I go through.
Almost every day, I travel to work on public transport into Glasgow. Now in order to do this, I buy a season ticket once a month. This ticket allows me to gain access to not just the train but also the subway system. A few months ago, I started to see that there was some strange yellow topped posts appearing near the entrance and exit of each of the stations. I was always wondering what it was that these were for, but I didn’t want to ask for risk of embarrassment. Because of this I just carried on and forgot about the yellow posts. I hadn’t given them a second thought for some time until I was in London and I was seeing them here as well.
Now for me to get around London for the covering of this event, I had to get the Tube a few times. This is a thing that fills me with dread, as I never know what ticket I need due to the zoning etc. (that, and the maze that is the London Underground). I queued with the masses of commuters to get my ticket from the machine and I must have added about 20 minutes onto each journey time. This was fine, as I had accommodated for this in my planning. However later on that day, I was enlightened as to what these “yellow posts” are actually for. You see, these are contactless payment points as well as being the place to scan your Oyster Card/paper ticket. On my return journey, I used these “posts” to scan on and off the Tube with my bank card, thereby paying for my ticket without the hassle of having to queue. Brilliant.
Now whilst I am aware that this is old news for Londoners, and may be dismissed out of mind by them quite easily, that is down to the fact that TfL used some very careful marketing via educational posters all over their network of stations, buses, etc. to show the travelling public how to use it. It’s implemented across all modes of transport and has become one of the more popular ways to pay in the Greater London area. It has achieved what the regulators refer to as ‘critical mass’ with regards to adoption. If you go to Glasgow, and were to try and use one of the “yellow posts” then although I am sure it would work, you will get some people looking at you with sideways glances. This is due to the fact that it is not known about up here at all.
Now let me try and circle back around to my point. How can something gain “critical mass” as a service, when it is unknown? Obviously the answer is that it can’t, so the first potential tripping point for any new payment method, be it digital or not, is getting the knowledge of its existence out to the user. Whilst this is important, there is the other side of the equation to consider, that of the vendor. I work in a retail environment (when I am not writing on this site), so I’m able to see the implementation of contactless payments from the vendor’s side as well.
Now would it surprise you to know that only about 1 in 10 of all our transactions are currently done via contactless?
Depending on which end of the country you are from, then this may be shocking or seem to be about right. Admittedly part of the issue is the maximum spend limit placed on contactless, but the other part is that we don’t talk about it very much and we have only recently implemented it on our terminals. The look of complete surprise tends to make me chuckle when you show a customer how to use it for the first time. Again, this is a common-day occurrence in London, especially in areas of commerce where the value of the commodity is low – think Starbucks, etc.
So we can conclude that the spread of a payment system is down to two things; the user knowing it exists, and the vendor suitably implementing it. But what about the elephant in the room… Trust.
I’m comfortable in doing online shopping and being able to do that from whatever device I have to hand. I cant quite place my finger on why, but I just am. My wife on the other hand, is not, even though she’s a prime candidate for using online shopping (she doesn’t drive, and we live in the sticks). She just won’t do it, due to distrust on the payment issue. It is quite simple: she does not trust it. So this is obviously an area that needs to be addressed. How does the industry build trust for the non “digital natives” out there? This was something else that was discussed in great depth at the event in Westminister. I believe that a two pronged strategy will be the best way of doing this, and I am going to draw on some examples that were provided by VISA of all people.
The first prong makes it worthwhile for the customer. Let’s be honest. We all like to get rewarded for doing things, especially when it comes to money Just look at the number of loyalty cards in your purse/wallet. So if you were to use a rewards scheme for using a digital payment solution via phone, tablet or laptop, etc. then you would be ‘gifted’ with either money off, or points in a loyalty scheme. I would wager that more people would use it.
The other thing is to make it easy and safe. So many of us may have tried to buy something online on our connected device to then stop at the point of checkout when you will be asked to “sign up” and provide passwords, bank details, stool samples and God knows whatever else. Why does it have to be so hard? Well, it comes down to how PSD is used to authenticate you, currently via two-factor authentication (either known as 2FA, or MFA for multi-factor authentication). Essentially, this involves two distinct things from the user, and is traditionally broken down into something you have, and something you know, or something you are. An example is when you take money from a ATM. You need to have your card, and also know a PIN. However in the “online” space it isnt that simple, so two-factor authentication becomes harder. Hence we’re now in the current situation of multiple bits of information being requested. PSD2 hopes to address this and make it easier by allowing the use of biometrics (this is the something you are bit) and similar technologies.
That wraps up what can be done to make things better with digital payments and how to help spread adoption. We still don’t necessarily know what the future may hold. Well, I want to leave you with an example of something being developed in collaboration of the IOT (internet of things) revolution. This example is a collaboration between Shell, Volkswagen and SAP to make it possible for you to pay for your fuel without having to leave your car. It is using IOT in the car, the pump’s geolocation via the car and pump, and secure digital payments solutions between the connected device and the petrol station. This may seem far-fetched, but I assure you that this is being tested right now in Hannover.
https://youtu.be/pXOz0b7cogU
Pretty cool, I’m sure you agree.
Thanks for reading this, and feel free to sound off, by leaving your own thoughts below.
This day was made possible by Dell, Find out more about Dell’s virtual desktop solutions.