MasterCard Pursues No-Touch Retail

Written by Evan Schuman
October 9th, 2005

MasterCard International Inc. Vice President Oliver Steeley is working to make contactless payment available to millions of Americans. Contactless payment is where a customer authorizes a charge to a credit card without the credit card being touched, often by using a key fob, a smart credit card or a chip embedded in something else (such as a cell phone or wristwatch).

The authorization is sent to a reader wirelessly, from which it is then communicated to a POS (Point of Sale) unit, which might be a significant distance away.

The major card companies?including MasterCard, Visa International Service Assoc., American Express Co. and Discover Card?are embracing contactless payment for its convenience.

Credit card firms are also working to make it easier for retailers to use contactless payment in all kinds of purchases, including small purchases where cash would typically be preferred.

But the initial credit card contactless offerings still require customers to present the card to make the purchase.

Steeley, MasterCard International’s vice president of wireless payment devices, said he envisions a much more convenient world in which almost anything can become a virtual POS and MasterCard can play a major role.

A customer walking up to a display for a new movie, for example, could point a payment-enabled cell phone at one part of the display and instantly order movie tickets; another part of the display might download movie-themed ring tones for immediate use.

These ideas are just drawing board concepts and are years away from deployment, but they allow a sneak peek into the thinking of one of the world’s largest credit card firms as it envisions a very different future.

Another scenario from Steeley would allow a consumer to take a picture on a cell phone, then tap the phone against a television to have it display the picture.

A video could be played through a home surround system. A phone conversation could continue while the consumer walks around the house, where a series of microphones turns a suburban colonial into the world’s largest speaker phone.

Developments like these are the next logical step for the contactless technology already in use, such as key fobs that automate a customer’s payment for cash at the pump (ExxonMobil’s SpeedPass) and a visor-based chip that can speed cars through a tollbooth without ever stopping (EZPass).

MasterCard said it wants to take a central role in expanding contactless payment. But, Steeley said, the first step might very well be ditching the credit card itself and giving that payment power to some other device, most likely a cell phone.

“People think of MasterCard as a credit card company. But the truth is that we’re about a payment brand and, in the future, we’ll be less about the card itself,” Steeley said. “The form factor issue is a crucial and critical one for the payments industry. Payments will be less about the cards and more about how devices communicate with one another.”

David Robertson, publisher of credit card analysis firm The Nilson Report, said he agrees that contactless payments are leading the credit card companies in the next logical change.

“This is confirming the evolution of this industry. Mastercard and Visa were the first U.S. credit card companies. Then they were international credit card companies. Then they were international credit and debit card companies,” Robertson said.

“At Visa, there are more debit card transactions than anything else. But people still think of them as a credit card company. With Mastercard, they still have more credit card transactions.”

There has been lots of talk about the security of contactless payments, raising questions about the actual distance required to read the devices and how much of that might be useful to thieves intending to steal either money or identities.

Steeley sides with those who argue that contactless payments are neither safer nor riskier than the magstripes on which current cards depend. Contactless cards are safer in some ways and riskier in others, but overall, the new model appears to be a security wash, he said.

The most frequently cited argument for the safety of contactless devices is that they never leave the customer’s possession. The counter argument is that thieves could theoretically read the data on a contactless card without the customer’s knowledge, which is quite hard to do with a magstripe card.

Streeley agreed with these arguments, but added that the MasterCard devices are set to be accessed from “zero to four centimeters maximum. You have to be pretty friendly to me to get that close to my phone,” he said.

Some laboratory tests have shown that some contactless devices can indeed be accessed from far greater distances than vendors claim. Steeley conceded that, but questioned how practical such data intercepts would be.

“These things are powered by the reader. According to the laws of physics, if somebody has an antennae four feet in diameter, that could [grab data] across the room,” Steeley said.

He added, though, that MasterCard is working with merchants and vendors to get as much of the data encrypted as possible.

Much of the purchase information is coded for one-time use, but cardholder identity data also needs to be protected.

One approach is making passwords required for transactions. “This way, I can lend you my cell phone so you can make calls, but you can’t buy coffee with it,” he said.

Another aspect of security that could be changed by these devices is physical security in places such as banks, taxicabs and high-security merchants.

Currently, for example, some will erect bulletproof glass to protect employees from thieves, but be forced to leave large spaces for the exchange of money or credit cards, punching a literal hole in the protection.

With contactless payments, those holes may no longer be needed. “Our contactless units can be read through inch-thick bulletproof glass,” Steeley said.

MasterCard is also experimenting with ways to enable and deactivate payment capabilities “in the same way that a mobile GSM [Global System for Mobile Communications] carrier can now update your SIMS setting,” Steeley said. “You lose the phone, you want the bank to be able to switch off the capabilities. I can switch the phone off for payments over the air the instant it gets lost.”

A survey MasterCard conducted earlier this year found that consumers would be comfortable making contactless payments using a wide range of devices in addition to cell phones, including wristwatches, normal cards, key fobs, half-sized cards and small cards that hang off key chains.

Cell phones were ranked the most popular and wristwatches the least popular, he said, but he stressed that all scored favorable comments from more than half of participants, in an area where MasterCard marketers said 33 percent was the break point for a form factor being considered viable.

Demographics played a strong role. Cell phone popularity “was skewed toward the male and the youth market” and watches were popular with “more men than women,” he said. The key fobs played well with the slightly older consumer and the traditional card was the favorite of even older consumers.

“This is all about consumer convenience, and that means picking form factors that are relevant to consumers’ lives,” Steeley said. “No one is going to buy a cell phone just because they can pay that way.”

Will contactless payments make a difference for companies like MasterCard? The Nilson Reports’ Robertson said he thinks so.

“Financial issuers and debit issuers today are swapping customers. Contactless could have a buzz or sexiness attached to it. That could make a user have a better feel for a Chase card versus an American Express or Bank of America car they have. And everyone in America who’s credit-worthy has more than one card,” he said.

“Contactless could be the differentiator. Debit cards started offering reward programs because they know the value of retaining their deposit customer. Contactless chips might be the differentiator between card A and card B. Then there are key fobs or watches?any form that creates a buzz. That’s where we are today. And Mastercard is right about cell phones being down the road.”

MasterCard sees 2006 having some limited public and market trials for cell phone payment units, with proximity payments going “mainstream in two to three years,” Steeley said. “Don’t cut up your credit card yet. You’re still going to need it for some time.”


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.