Amazon Eyes In-Store Payment

Written by Evan Schuman
November 4th, 2009

What do Amazon execs have in store for their company’s new PayPhrase payment system? Apparently, in-store itself.

The service today is an interesting means of allowing consumers to, in effect, subdivide their payment authorization so that a child or an employee can make purchases, but with specific dollar limits and related controls. It also allows consumers to have different addresses (home, work, the in-law residence where the holidays will be spent, etc.) associated with different phrases and potentially different payment methods (the corporate credit card for office deliveries, a personal card for home, etc.). But Amazon’s vision for PayPhrase goes beyond online; it includes mobile and, especially, in-store options, said Matt Williams, the general manager for Amazon PayPhrase.

“We want [PayPhrase] to be used anywhere they want to pay, anywhere a customer happens to be,” Williams said, although he declined to say whether it has been seriously discussed yet with any major brick-and-mortar retail chain.

As retailers struggle to explore payment alternatives, the idea of bringing such a third-party online service into the checkout aisle isn’t so far-fetched.

PayPhrase is part of Checkout By Amazon, a payment service that allows the various retailers to accept it rather than payment cards. Those retailers benefit because they never have to house any data-breach-inducing payment data. Among the retailers Amazon typically touts as using its Checkout By Amazon service are DKNY, Jockey, Patagonia,, J&R Electronics and Car Toys.

By allowing a customer to confidentially communicate his PayPhrase and password (presumably by keying it in, as even whispering the words would present a huge security risk), chains may get help dealing with both interchange issues (if, for example, PayPal or another alternative payment method was ultimately paying) and PCI concerns (with far less data housed, there are far fewer regulatory concerns. And if the chain ever went entirely Amazon, it could theoretically ditch PCI altogether).

But there may even be a simpler route. The very nature of PayPhrase is ideal for mobile payments, and Williams confirmed that it will soon be on Amazon’s iPhone app and then likely on its BlackBerry app. “We don’t have it available on the iPhone app, but we will certainly have it available on the iPhone app in the future,” he said. When asked about BlackBerry, he said, “We’re certainly looking at both.”

It’s not hard to envision consumers using PayPhrase to authenticate a purchase and then simply have their cell phone interact with the POS (either by the phone displaying a barcode that may be swiped or a direct POS communication).

PayPhrase itself operates on different security levels. When accessed remotely, it relies on the phrase and the PIN and can perform purchases. To access administrative options, such as reviewing all of the account’s PayPhrases, the system needs to see a cookie for a third authentication. That means consumers must be using their main computers.

Neel Grover, the CEO for, said he envisions a time when his E-tail firm may partner with a brick-and-mortar shop to give physical distribution points. Whether or not using PayPhrase in-store is a near-term possibility is a very different issue, he said. “There can be a big gap when crossing the chasm of in-store” from online, Grover said, adding that having consolidated payment methods will prove crucial. Still, he added, “you want to tackle what the stores are ready for.”


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.