Would You Go Shopping To Your Bank?

Would You Go Shopping To Your Bank?
This week I saw the news that Bank Zachodni WBK in Poland, part of the Santander Group, “embedded an extensive m‑commerce marketplace into its mobile banking & payment application.” The users can log into their mobile banking app, and from there shop at a variety of merchants embedded in the application. According to the announcement, “the purchase is made with one click only and all user’s financial data is protected by the bank. Customer does not have to trouble with attaching multiple credit cards, remembering shops’ logins or learning their functionalities (all shops and financial services share one unified UI); a delivery address is already stored.” Poland is a very innovative market in payments, from being one of the leading markets on contactless POS penetration to working on solutions for payments directly from a bank account (e.g. IKO). This is yet another example of creative thinking in payments and commerce, and the bank should be applauded for its innovation efforts. But is this the right model? I can understand the attraction to banks: the opportunity to earn additional revenue while giving more reasons for your customer to use your app. It might make sense for the merchants as well. If payment is processed directly from a bank account rather than a card, they are likely to have lower costs. And one-click purchasing might increase the conversion rates, a crucial metric for success for online merchants. The big question is whether customers are prepared to view their banks as online malls where they go shopping across a broad range of retailers. What can such a bank mall bring over and above individual merchant sites? O2 Wallet in the UK has tried to build a similar mall, by enabling shopping at selected merchants directly from the wallet, but has recently shut down to re-think its strategy. Nectar, a multi-merchant loyalty scheme, also has partnerships with many online sites, including leading brands, such as Apple, Argos, Currys, Debenhams, and, until recently, Amazon. If the customer goes to the participating retailer’s site via Nectar website, they would earn Nectar loyalty points for their shopping. As much as I like my Nectar points, I can never remember to go to their website first; I either go to the merchant website directly or Google to find what I am looking for… My view is that such a model may work for small local merchants, which need help to be discovered and lack ability to build an online/ mobile presence themselves. Combining with a single sign-on, unique offers and one-click checkout you get a viable proposition. It is much more difficult to imagine a customer going to Amazon or another leading brand via his bank. Understandably, banks want to play a bigger role in the broader commerce, not just payments, and will continue to experiment with different models. Ultimately, it will be consumers and merchants that will determine what works best for them. What do you think is the right model for banks?

The Networks’ Support for HCE Breathes Life Into NFC Payments

The Networks’ Support for HCE Breathes Life Into NFC Payments
In my report on Top Trends in Retail Payments published a few weeks ago, I wrote the following paragraph: “Of course, doubts remain over HCE. For example, the payment schemes are yet to clarify on whether they will deem the security and performance of the technology acceptable. However, we view it as a positive development. Inexplicably, HCE was being described by some as the “NFC killer.” Yes, if successful, it might indeed kill the SIM-based business model (and have a negative impact on Trusted Service Managers), but it might actually breathe life into NFC and contactless payments.” The developments this week removed some of those doubts. Both Visa and MasterCard announced their support for Host Card Emulation (HCE) technology, paving the way for banks to offer NFC-based secure payments without relying on the secure element inside the phone. HCE reduces the need for banks and telcos to cooperate, thus helping overcome the business model challenge. However, approval and recognition from the networks was a critical pre-requisite to the technology’s success. Networks executives stressed that it is not an “either/ or” situation and they will continue to support the “traditional” SIM-based secure element solutions. As such, it doesn’t immediately change any of the established ventures, such as Isis, but it certainly makes it easier for others to take an alternative path. I would expect HCE to be important in Europe, which already is further ahead than the US in terms of deploying contactless terminals. European banks have been issuing contactless cards, and HCE will make it easier for them to make use of that infrastructure for mobile payments as well. Having said that, HCE technology is only available on Android, so iOS devices continue to be excluded from these developments at least for now. It will be interesting to see what Apple does in payments. I plan to publish a short report soon speculating on how Apple might enter payments more aggressively – keep an eye on it!

Weve and MasterCard Collaborate on UK Mobile Payments

Weve and MasterCard Collaborate on UK Mobile Payments
I’ve been following today various news reports about the announcement that Weve and MasterCard have partnered to drive forward contactless mobile payments in the UK. I am still hoping to speak to my contacts at the companies involved, but wanted to share some of my early thoughts. It is not surprising to see Weve, the JV between three leading UK mobile network operators (MNOs), pushing into payments. After getting approvals from the European authorities, Weve started with building out a “single point of contact” infrastructure for retailers and other parties to deliver marketing messages to consumers. However, it always had the ambition in payments, and after hiring David Sears, a seasoned payments executive, as a CEO, it was always only a matter of time before we would hear more about it. This seems like a significant win for MasterCard, although the devil will be in the details. All the indications are that this will be a “traditional” SIM-based NFC payments solution, but the announcements so far have been a little vague about the set-up and the role of various partners. The Financial Times and other sources reported that “under the terms of their agreement, MasterCard will provide technology and integration services to banks and financial institutions that use Weve’s payments platform.” What kind of “technology and integration services” will MasterCard be providing to banks? Who are the other parties involved, e.g. TSM services? Another question crucial to the success of any NFC initiative is how the business model issues will be solved, i.e. the commercial terms between banks and Weve acting on behalf of MNOs. Mobile Marketing reported Weve CEO saying that they now have a “‘commercial agreement’ with banks, via the MasterCard partnership. Banks will be able to plug in their existing payments infrastructure and pay for the service on a general usage rather than a percentage of transaction model.” This could potentially represent a breakthrough and fresh thinking in how banks and MNOs can work together. Weve is reportedly in discussions with many banks, although at this stage, no bank has yet announced its support or participation. Finally, most of the UK’s card spending is on debit rather than credit cards. Debit card spending is also growing at nearly twice the rate of spending on credit cards. According to the UK Cards Association, spending on debit cards in 2013 was £31.8bn which grew by 7.2% since 2012 compared to £13.7bn and 3.7% respectively for credit cards. MasterCard’s strength in the UK is in credit cards, whereas Visa leads in debit. To succeed, Weve needs to ensure all major networks, including Visa and American Express, are eventually part of its ecosystem. At this stage, there are still perhaps more questions than answers to the outsiders, but it is certainly a welcome development in the UK mobile payments market.

Of Apples and Banks

Of Apples and Banks
Zil’s most excellent post about his recent experience with a new payment type highlights one of the challenges that all new systems face – they’ve got to work “out of the box”. Few people (including Mrs Zil!) would have been so patient. That reminded me of a recent conversation Zil & I had around iPhones, and more generally Apple. Last year Zil swapped his iPhone for another leading brand of smartphone, for a variety of reasons. But he’s almost certainly going to be swapping back, primarily because the iPhone works “out of the box” with other things he has. That phrase again. The Apple ecosystem works well together, and, for most people, life is far more straight forward by sticking to just Apple products. I think we forget sometimes that this is perhaps the single biggest differentiator for Apple. The total picture is more thought through and designed than most others. For example, many people don’t realise that Apple weren’t the first to market with the mp3 player. They were 3 years behind the first, and still after Intel (yes, that Intel!), Sony, Creative, and Bang and Olufsen. Nor was it the best (and arguably still not) in terms of features and functions. But it came with iTunes which consumerised the process of managing music – and more importantly, the buying of music, seamlessly. iTunes, for the advanced user such as me, is a real pain. Not only does it not provide the functionality I require, but it struggles with the (atypical) size of my music collection. But I still use it, because it works with my ecosystem more broadly and that offsets the deficiencies. So what’s the point of this post? I think a couple of things stand out for me. Apple are rumoured to be moving into mobile payments. The issues Zil faced will almost certainly be overcome by Apple, because of their approach to things. Equally, we can expect that it’ll be far broader and better thought through service than many offerings. And as a result, whilst it may not be the best service, it’ll probably get traction quicker. Secondly, the other take-away for banks for me is not to rush innovation, but to get it right, and to seek to how to make it a more seamless service. One positive thing as a result of being an analyst is that my bank has now provided me with a relationship manager, who can highlight to me a range of services, and is “just a phone call away”. Amazon and Apple are remarkably accurate in suggesting things I might like to buy. Not only does my bank not do it, (and I think they must have a “lucky dip” approach to the mailshots they send me!) but rarely is my relationship manager or bank manager empowered to do even start the sales process, even for something as simple as getting a credit card. This isn’t about omni-channel in terms of technology, but omni-channel in terms of customer. As a customer, I don’t care whether it’s a different part of the bank that the product is coming from – if has the same bank logo on, then too me it’s the same people. Some banks have lost sight of the old adage – it should be easy to buy, not easy to sell.

The Challenge of Making Mobile Payments Work at the POS

The Challenge of Making Mobile Payments Work at the POS
This weekend I paid with PayPal in the physical store. There are a handful of stores in the UK that now accept PayPal payments, and while I’ve seen the demos, this was my first time to actually go through the process myself. And I have to say, it’s not something I will be looking to experience in a hurry again… The good news: the payment worked, first time. Which is more than what I can say about my NFC experiment with QuickTap wallet from Orange (EE) and Barclaycard. There, my experience has been very inconsistent – sometimes it works like a dream, other times it doesn’t work at all. The worst is when it’s not even clear if it worked, and at least one of us, either me or the merchant, is left scratching our heads if we ended up short-changed, either by paying cash or card or by assuming the payment did go through. None such problems with PayPal – the payment went through and I got instant acknowledgement of the transaction. The bad news: it took forever, and required perseverance and patience on all parties. Luckily, there was not a queue behind, I was determined to do it and the cashier was curious and willing to go along with me. I was prompted to pay by a sign “Pay here with PayPal” (or something to that effect), which is how it should be – clear signage at the till that a particular payment method is welcome here. Frankly, I am getting tired having to ask if the merchant would take my Amex card, as often there is no sign of what types of cards are accepted anywhere near the till, which is where it is most useful. My cashier had no idea what either of us should do for me to pay with PayPal. Luckily, her manager was around and he was able to direct both of us. That is something I highlighted in my report on NFC lessons learned equally applicable here – merchants should train their front-end staff, not just managers. The first step was to fire up the app and log in. Now, this is my fault – I haven’t set up a PIN on my PayPal account, so had to type in my full email and password, which seemed a very cumbersome thing to do on the phone. PayPal supports an easier option, and even “Remember me” feature, which would bypass the requirement to log in altogether, although I am not convinced I would want to do that for security reasons. Then I had to find the shop to “check-in” for payment. The shop was called Blacks, an outdoors retailer, but did not seem to be on the list of local retailers. I saw in the app corner “an ad” that “PayPal is now accepted at Blacks” and clicked on that. However, according to the list the nearest shop was miles away. At this point, the manager said, “Oh, we used to be called Millets, so we are probably still under that name.” He gave me the specific address, and sure enough, I found that particular Millets store on the list in the app. Strangely though, according to the app, the store was apparently 1.6 miles away, even though I was standing right in it… Another lesson: if you are providing a list of retailers accepting your solution – certainly a good thing to do – make sure it is up-to-date and the geolocation works properly. Having found the store, I was ready to “check-in” and having waited for the app to process the request, I received a bar code and a long number. The cashier said I had to type in the number into their terminal. I thought they would just scan the bar code, but apparently they couldn’t, so I ended up typing in a long (if I recall correctly, 10-digit) number into the POS terminal. After another long delay (the cashier: “wait, wait, it’s doing something!”), the payment went through and I was done. Much of the delay was down to general slowness – every step seemed to take ages to move to the next level. I can only assume it was because I was on a 3G connection; presumably, a Wi-Fi or a 4G would have solved much of that problem. Throughout all this, my wife was patiently standing by my side with a puzzled expression on her face. Finally, she asked a very sensible question: “Why?” Indeed, why go through everything I just went through – a painful log-in to the app, finding the store you are already in, waiting for the app to respond, typing a long code into the POS terminal, and more waiting when I could have just inserted my chip and PIN card into the same terminal slot and be done in seconds? After all, my payment ultimately will come out of the same card I would have used anyway. To be honest, I didn’t have a good answer to my wife’s question. The most obvious and immediate benefit is that I didn’t have to use my card at the merchant, which after Target and other data breaches would be a legitimate, although probably still not strong enough argument in the US. Because of EMV, here in the UK, that argument is even weaker. I know the vision is that I will be getting local and unique offers, etc., but again, there are and will be other ways for me to receive those offers, including linking them directly to a card. Digital receipts? Definitely not worth the extra hassle, at least for me personally. Now, I have to make one thing clear – I have a lot of respect and admiration for PayPal. As I discuss in my recently published report on Top Trends in Retail Payments, in my view, they have made probably the most progress of all the open digital wallets. They get what it takes, and they have most of the ingredients to be successful. The fact that even they struggle to deliver a superior customer experience is not a slight on PayPal, but simply demonstrates the scale of the challenge for the industry. Despite all the challenges in delivering it consistently, when and where it works, contactless “tap and go” experience is at least as good as a regular card transaction. Contextual payments, which are seamlessly integrated directly into retailers’ or service providers’ mobile apps, with which I can meaningfully engage to receive a service (e.g. hail a taxi), definitely make life easier. And “push” payments directly from a bank account (e.g. Zapp) at least give me something different (e.g. increased control over the transaction – view the balance before paying, etc.) Mobile payments certainly have a future, but they have to do much more than add a complex front-end to a card transaction. Otherwise, my wife won’t be alone in asking “why?”

Top Trends in Retail Payments: A New Celent Report Is Out

Top Trends in Retail Payments: A New Celent Report Is Out
Last week we published our annual report on Top Trends in Retail Payments, which looks back at 2013 and calls out the main themes to watch for in 2014. In 2013 we observed interesting developments in each of the four dimensions defining the battleground for mobile payments – see the chart below. Starting with customer interface, we are seeing the rise of mobile apps from retailers and service providers. These apps focus on adding a digital layer over service provision with seamlessly integrated payments capability. We call this trend “contextual payments” – recognising that customers engage in a broad set of activities and ensuring they are able to pay in any context, while acknowledging that the actual service provider is likely to offer a richer digital experience and customer interface than a generic open payments wallet. Trends chart One of the effects of contextual payments is the increased willingness of banks to consider enabling all types of payments directly from the bank accounts rather than cards, either by building “push” solutions or deploying APIs to expose banking services and enable account access from retailer and other apps. While there has been no breakthrough in the adoption of NFC-based contactless payments in 2013, the emergence of host card emulation (HCE), might just breathe life into NFC and contactless payments by enabling banks and other providers to host credentials in the cloud while making use of the phone’s NFC interface but bypassing secure element owners. However, in our view BLE and Beacons will play a much more important role in marketing than they will in payments. Celent clients can download the report here. If you are interested in hearing me discuss these and other trends in more detail, please join me for a webinar on February 13th – more details here.

Trusting a Retailer with your Payment Credentials

Trusting a Retailer with your Payment Credentials
For some time now I have been talking about importance of payment acceptance in the digital world. I have been arguing that, by implication, in the war of digital wallets, there can be no single winner; the contexts in which consumers need to pay have become so diverse, that no single solution can hope to cover all bases. As a result, we are seeing the proliferation of open digital wallets. We are also observing the emergence of apps developed by retailers, restaurants and other service companies which focus on adding a digital layer to their primary service (i.e. shopping, serving food, hailing a taxi, etc.) with payment capabilities embedded within the app. I call this “contextual payments”; the concept is discussed in more detail in my upcoming annual report on Top Trends in Retail Payments. There are different ways how a service app (e.g. retailer’s app) can call on payments capabilities. One of the simplest ways is to ask the customer to provide and store their payment credentials (e.g. card, bank account, etc.) at the time of registration – think of Amazon and their “one-click” purchasing. In this case, a customer has to trust the service provider that their payment credentials will be stored safely and securely. That trust has just had a few big knocks. In December, Target, a large retailer in the US announced a data breach, and the latest estimates are that over 100 million customers have been affected. This was followed by a smaller-scale data breach announcement from Neiman Marcus, and apparently, there are a few other retailers that haven’t gone public yet. Debates are going on now about the impact on the industry and the effectiveness and relevance of EMV, PCI and other measures in reducing the risk of such attacks. These debates are obviously important, but another issue fundamental to the success of mobile payments is the trust that customers have (or don’t) in various third parties asking for their payment credentials. I know people who refuse to open a PayPal account, as they are not willing to trust the company with their cards details, let alone bank account numbers. News from Target, Neiman Marcus and others can only do further damage to that level of trust. No wonder banks and schemes have started work on tokenization standards; tokenization by itself won’t be the answer to all the problems, but it’s a step in the right direction. The big question is what it will take to convince customers to trust mobile payments and companies that enable them.

Improving Security of Mobile Payments

Improving Security of Mobile Payments
A couple of weeks ago the European Central Bank (ECB) published a draft document for public consultation on Recommendations for Security on Mobile Payments. These recommendations were developed by the European Forum on the Security of Retail Payments, SecuRe Pay. This document follows similar recommendations for internet payments, and for payment account access services. Creation of standards and guidelines around payments is always a good thing, and that applies to security in mobile payments. However, the ECB is careful not to “set specific security of technical solutions. Nor does it redefine, or suggest amendments to, existing industry technical standards.” In my view, this is absolutely correct – mobile payments remains an incredibly diverse and rapidly developing landscape, and to attempt to impose specific security requirements on all of them would be a mistake. Instead, ECB focuses on five guiding principles for mobile payment service providers:
  1. Identifying, assessing and mitigating the specific risks associated with providing mobile payment services.
  2. Using strong customer authentication and registration controls.
  3. Implementing a robust data protection mechanism to protect sensitive data wherever it is transmitted, processed or stored.
  4. Implementing secure processes for authorising transactions, as well as robust processes for monitoring transactions and systems
  5. Engaging in enhancing customer understanding and providing information on security issues related to the use of mobile payment services with a view to enabling customers to use such services in a safe and secure manner.
Most banks already have policies and processes to manage operational risk, conduct risk assessments, monitor and report incidents, etc., so for most it shouldn’t too challenging to incorporate these requirements into existing practices. The biggest challenge for them is likely to be ensuring that their partners also follow these guidelines and take appropriate security measures. However, again, banks are already responsible for managing risk emanating from third party relationships. On the other hand, the risk management framework and requirements set out in these recommendations is likely to require investment from start-ups and other new PSPs over and above what they might be doing today around security. At least on the surface, one of the potentially more onerous provisions appears to be the requirement that PSPs and mobile payment services providers implement a notification procedure in the event of security incidents. In reality, it will depend how this will be implemented. Somebody needs to be aware of all security incidents, but most providers have or will develop escalation mechanisms and reporting structures to determine who needs to get what information when. So, could these measures be the key to widespread uptake of mobile payments? I don’t think so – security is a must have rather than a positive incentive. In other words, lack of security would be a significant barrier to customer adoption, but security alone will not lead to an increased adoption – you need more tangible elements of customer and merchant value proposition and a workable business model across providers for that. To the extent that these proposals will help educate consumers and address their concerns around security, they will be useful. And if they are effective, they will play an “invisible role” by helping to prevent and manage security incidents, thus minimizing the barriers for customer adoption. I think most mobile payments providers are already taking security seriously. However, as we at Celent always say, there is usually a tradeoff between security and usability. And even the best security will not be able to prevent incidents entirely. Hence, the ECB is absolutely correct to focus not just on ensuring that incidents are minimized, but also on risk management framework and on what needs to be done when bad things do happen, as they inevitably will.

Isis Launches Nationally In the US

Isis Launches Nationally In the US
Today Isis, the NFC-based mobile wallet, has announced its availability across the US. After all the setbacks, Isis must feel very proud today being able to launch nationally. However, it doesn’t mean that the road ahead is going to be without challenges. The launch really means a national availability of handsets at the operators; it does not mean national acceptance, which is going to remain the biggest stumbling block, largely outside of the operators’ control. And while EMV will help drive change in the acceptance infrastructure, the process is going to take time. With PayPal also making its new wallet much more widely available as a result of its partnership with Discover, the competition for mobile payments at the POS is heating up. And I am sure, MCX will want to have a say in what wallets will be accepted at their participating merchants, as it seeks to provide a consistent payment experience to their customers and merchant employees. Participation of issuers and ability for consumers to add their cards to the Isis wallet is another challenge. Capital One is no longer taking part in the rollout, so Isis is left with only two issuers, American Express and Chase. The new wallet features a re-designed user interface, which highlights the importance of the user experience. Even if the product is functionally rich, it won’t succeed in the market if the user experience is cumbersome. Perhaps the biggest coup for Isis lately has been its partnership arrangement with Amex Serve. Not only it enables those that do not have Amex or Chase credit cards to make use of an Isis wallet, it also gives the wallet more versatility. Through Serve account, customers can send money to their friends (P2P) or pay bills online; they are no longer limited to only physical POS transactions via NFC. Integration of offers, such as with Coca Cola, Jumba Juice and others, into the wallet experience is another important feature. After all the hard work, the Isis team deserves congratulations for reaching such an important milestone. Getting the customers to adopt and use the wallet and transactions flowing through the system must be the next goal.

Recapping Future of the Bank Account Roundtable

Recapping Future of the Bank Account Roundtable
We just assembled a group of UK retail bankers for a discussion on The Future of the Bank Account. Against the backdrop of the month-old implementation of the directive that bank switching be seamlessly completed in seven days , banks were keen to understand the implications of changing consumer needs and behaviors, evolving regulations, and new competitors. Celent see a consumer’s bank account serving three main purposes:
  • Receiving funds (money in)
  • Storing and Managing funds
  • Paying funds (money out)
We were interested in exploring how these key functions might evolve and what banks need to do to respond. The group crystallized three key notions central to making tomorrow’s bank account a success:
  1. Trust
  2. Perceived fairness
  3. Value added services
Customers must trust their primary account provider to keep their money safe and to do right by them.  The opportunity lies, though, in not avoiding breaches of trust, but in seizing the opportunity to do the unexpected right thing – going above and beyond to earn customer loyalty.  Trust also implies transparency: being upfront with your customers about how you’re going to deal with them, and demonstrating the value that you provide. It’s all too easy for customers to take for granted something marketed as “free.” Banks need to do a better job demonstrating that there is actually a lot of value in a “free” banking account (which is admittedly much easier said than done). The psychology of retail consumers generated a good discussion, particularly around the notion of fairness, which in the end comes down to perceived fairness.  Tied closely to trust, fairness means that consumers have to feel that they are being treated the way they deserve, not in a series of one-off transactions, but in the context of a continuing relationship. Finally, because bank accounts (and payments, the most salient feature) are, by and large, commoditized, the opportunity for differentiation comes from value added services.  Still nascent, most of these services will revolve around relationships and data (in one form or another). Banks will need to determine what their portfolio of value added services will be. In conversation there was a clear belief that proponents of the seamless switching scheme, and the potential idea that bank account numbers be make portable if not enough people start to switch banks, may fundamentally misunderstand people’s relationship with their bank. In mandating that everyone have access to a free account, regulators may have inadvertently made it harder to compare accounts on an apples-to-apples basis.  Additionally, banks face the challenge of serving these accounts in a cost-effective way, no small task. Inertia is an extraordinarily powerful force in personal financial services; getting people to change banks or the way they do things with their bank is hard.  However, the right value added services might be enough to persuade consumers to switch banks, although the jury is still out.  The challenge that many new payments schemes face is, “why is this different than simply tapping your card.” There was some belief that success and failure will be determined at the bricks and mortar side of the bank, rather than through digital channels. Many would dispute that notion; they next few quarters will give us an indication of whether that’s true. Clients who’d like to explore this further can read Zil Bareisis’ report, The Rise of the New Bank Account?