Evan Schuman's StorefrontBacktalk

Put another way, Visa wants the core mobile transactions to be running over the Visa network, with the security under the control of the card brand. All mobile players—including Google, Apple, PayPal and ISIS—would then pay rent, if you will, to Visa. Hence, Visa is acting as landlord.

Google, however, has something else in mind. It wants the security and main data-crunching functionality to reside in—and be dependent upon—its Android phones. It controls the environment, and everyone has to work through Google to get access to those consumer transactions. Hence, Google will be the landlord.

“Google’s approach is to be the landlord and be the wallet and manage the secure element,” Vanderhoof said. “Google will set the rules for who is going to have access to the secure element.”

In that light, Visa’s move is quite clever. While improving payment security, it’s pushing retailers to upgrade hardware right away and to therefore make it that much easier for mobile transactions to run over the existing network. Indeed, Visa could argue its new EMV-enabled dynamic values approach will make Google’s secure element much less of a differentiator. Would it make it irrelevant? Probably not, but it would certainly blunt its value-add. And it’s all done while making a move that security advocates have begged for for years. Not bad.

Google spokesperson Nate Tyler wouldn’t comment on the Visa-Google interactions, other than to say, “We believe the variety of players in this market speaks to the promise of mobile wallets.”

Gartner Security Analyst Avivah Litan said she also sees the move as supporting a more Visa-friendly mobile reality.

“Rather than spend the money issuing new smart EMV chip cards to their customers, the issuers can rely to a large extent on consumer-owned mobile phones that are capable of transmitting NFC-based EMV payments. This will enable the card issuers and Visa to compete much more forcefully in the mobile-payments world and not necessarily have to concede market leadership to non-bank players like Google and Apple,” Litan said. “The latter companies can benefit from the merchant terminal hardware upgrades done for Visa EMV payments. But if they use different, non-EMV payment instruments and standards, they will have to figure out the complex logistics and incentives involved in activating merchant payment terminals with their own message formats and routing the payments to their own payment ecosystems.”

Getting back to the PCI changes from Visa, one drawback to the move is that removing responsibilities surrounding Visa transactions does little good unless MasterCard and, to a lesser extent, American Express and other card brands join in. As a practical matter, though, MasterCard and Amex have little reason to fight such a move and are almost certain to join before the Visa deadline.

MasterCard spokesperson Seth Eisen said the brand is considering its options. “To date, consumer demand and market economics have not justified a migration in the U.S. We are helping our customers understand what the implications of EMV and other technologies in the U.S. would be,” Eisen said. “Any migration must take into account all customer and consumer interests if a collective effort is to be successful. Obviously, Visa’s decision will impact market direction and we will continue to consider our actions accordingly.”

Eisen also added the obligatory mom-and-apple-pie comment: “MasterCard remains focused on working with issuers and merchants to drive electronic payments forward, maximizing investments in security and fraud prevention to enhance the value, integrity and the global interoperability of our network.” (No need at all to thank me for sharing.)