Blog article
See all stories »

Will we still be paying with online with cards in 10 years

Even back in the 1990s when ecommerce was in its infancy, there were always other ways to pay. It’s just that they were rubbish – inconvenient, fraud prone and slow. You could mail a cheque or cash, wait for days and risk being defrauded by an unscrupulous merchant. It was no real surprise that with its universal deployment and its established dispute resolution system, the card payment system dominated payments in ecommerce. They simply were the best available method and rapidly they became the way in which trade on the internet was performed.

But let’s not fool ourselves that card payments are well adapted to usage online. Devised originally to operate in a paper environment, they were upgraded to work with a magnetic stripe and subsequently squeezed via mail order and telephone order processing into an online environment. It was always a bit difficult to use a card online. Typing in a 16 digit account number, a 4 digit expiry date and a 3 digit card verification value, none of which the user can possibly remember is a fairly long winded process. Oh, and then you have to enter your billing address and make sure to distinguish it from your mother’s address if you’re sending her a present. We became acculturated to these processes, but they were never convenient.

And card payments were vulnerable to fraud: at first the fraud risk was due to criminals misusing card numbers during the transaction process and (and let’s not fool ourselves about this) it was also the exploitation of the generous chargeback rights granted to customers which, in effect, allowed then to deny participation and be believed – so-called first party fraud. To address this, the card schemes implemented better fraud prevention measures; Verified by Visa and MasterCard SecureCode have been broadly deployed. But there was a cost in further inconvenience for the cardholder. But still customers complied – they wanted to buy on line and there really was not a practical alternative.

The nature of the fraud changed, rather than trying to compromise the transaction, the criminals realised that they could harvest industrial quantities of data by hacking the databases where card details were stored. Attacks were launched on retailers and processors. Literally hundreds of millions of card numbers were stolen and misused in these attacks. The card schemes once more moved to address the issue and devoted significant resources to the implementation of PCI-DSS (the Payment Card Industry Data Security Standard). This has placed a massive burden on the merchant community. The costs of implementing PCI have been estimated to run into billions of dollars.

It was certainly possible to devise a payment scheme which doesn’t suffer from these systemic issues, which doesn’t leave traces of data valuable to a fraudster as a by-product of making a legitimate payment. And security doesn’t necessarily mean inconvenience either. Over the years lots of different systems were devised.

But the problem wasn’t building a better mousetrap, the problem was getting enough people to make a beaten path to your door. The thing about payments is that they are a networked good. Despite the inconvenience, the really valuable thing about a payment system is the number of users that it has. Without lots of consumers, there’s no point in a merchant deploying. And without lots of merchants there’s little incentive for a merchant to adopt.

But there are a couple of straws in the wind: In the Netherlands, cards are now a minority of ecommerce payments. There the payment system iDeal accounts for more than 50% of all ecommerce. How were they able to get ubiquity? For the Dutch, this was achieved since iDeal is a bank operated scheme and all the major banks in the Netherlands simply decided to participate and equip their consumers with the facility.

For PayPal it was a lot harder, they literally had to bribe consumers to come onto the platform. At first PayPal offered each user you adopted their product $20 every time they recruited a new user, later reduced to $10, then $5 and finally dropped. Crude, yet effective. And now PayPal has more than 230 million accounts and a survey by has found that “PayPal is a more preferred method of online payment than credit cards for consumers in Europe and the Middle East”. That’s something to put a shiver down the spines of Visa and MasterCard.

Whilst Visa and MasterCard are still the web’s favourite way to pay, without solving their convenience problem will they still be in 10 years time?


Comments: (12)

Nick Collin
Nick Collin - Collin Consulting Ltd - London 12 December, 2011, 10:07Be the first to give this comment the thumbs up 0 likes

Nice article Jon.  I agree that the card payments industry has been slow to establish a secure and convenient solution for e-commerce payments.  I think the answer lies in a combination of VbV/SecureCode with Remote Chip Authentication - "Chip and PIN Online" - perhaps made easier with Display Cards.  But whether that will prevail in 10 years time - who knows?


For an interesting discussion about this topic, see 

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 12 December, 2011, 10:15Be the first to give this comment the thumbs up 0 likes

Credit cards surely involve the friction of the payer having to enter 80+ characters to complete a transaction. However, some of their benefits to the buyer - ubiquity, realtime authorization, no-questions-asked-revocation-rights, rewards and fraud protection - still remain unmatched by most alternative payment methods.

TapBuy, PayPal, Zong, Google Wallet and others are what I'd call "alternative frontend payment methods" that eliminate credit card friction by asking the shopper to enter PIN, password and other far more convenient surrogates of card details but still use credit card rails to process transactions. 

In 10 years, I predict that credit card rails will continue to power a majority of online transactions on the backend but the plastic form factor of credit cards might give way to such alternative payment methods on the frontend. In other words, credit card accounts will continue to be around, banks and Visa / MasterCard will continue to make money from their credit card lines of business, but payers might reach out for their mobile phones more often than plastic cards to make online payments.

A Finextra member
A Finextra member 12 December, 2011, 10:24Be the first to give this comment the thumbs up 0 likes

The convenience problem has been around for over a decade. If Visa and MasterCard don't improve their approach significantly, they will no longer be a favourite way to pay on the web in 10 years time.

Along with iDeal and PayPal, innovation in the mobile space should begin to provide the ubiquitous internet payments mechanism that consumers seek.

A Finextra member
A Finextra member 12 December, 2011, 14:06Be the first to give this comment the thumbs up 0 likes

Paying with my mobile phone ? No thank you, not for me, not within the next decade ...

IT security on mobile phones is crap, malware for smartphones currently experiences explosive growth, Android is already called the "new Windows" in that regard. But make no mistake, iPhones are vulnerable too ...

My good old credit/debit cards are much smaller and much more convenient than my smartphone, and they do not need a charged battery to function. Also, some nice tricks (like chip and PIN) have been implemented in recent years to make those cards more secure. 

On the server side, security is pretty easy to achieve when using those platforms that served the payments industry very well for decades. Those servers have never been hacked. The hacking examples given are from companies that were penny-pinching on their payments platform and did settle for vulnerable IT gear ... 

John Dring
John Dring - Intel Network Services - Swindon 12 December, 2011, 16:57Be the first to give this comment the thumbs up 0 likes

Nice Blog.  On the money, so to speak.

The incumbents have had 50-100 years to refine their processes, and as a result have economies of scale and knowledge and understanding of risk management. But they need disruptive changes to shift 'the old ways' and become more convenient.

I agree that Chip+Pin is pretty good, for retail transactions. Quick and ubiquitous. NFC transaction capture will have to be special to make it better (the 2way capabilities must be used well). But online is still clumsy and that's what we're talking about here.  I think there is every possibility that 'paying by phone' is going to evolve and mushroom, and that paying with some online 'wallet' will be the norm.  The rails may remain the same, but the wagons are changing.  And then there is Direct Carrier Billing - for those relatively few online sites that account for 80% of online commerce with smaller transaction sizes (Android Market, Ovi, AppStore, Amazon, FB etc).  They link direct to your mobile provider and you 'pay by phone' that way - now you have replaced the wagons and the rails (but the banks still get the settlements to do).

Find a trusted brand that can run your wallet for you (storing your cards, loyalty details and digital cash) and a much better online experience can be had.  That brand might be Google, PayPal, Apple, your bank or your mobile operator... with or without DCB - all capable of being much more secure and convenient than plastic.

John Dring
John Dring - Intel Network Services - Swindon 12 December, 2011, 17:30Be the first to give this comment the thumbs up 0 likes

Here's a Finextra News items saying the same!

John Dring
John Dring - Intel Network Services - Swindon 12 December, 2011, 17:54Be the first to give this comment the thumbs up 0 likes

And this is relevant too, and a good interview from Finextra/Liz. In fact there's loads of Finextra video comment that I missed and worth a view.

Of course, those in the industry always preach a more optimistic adoption!

A Finextra member
A Finextra member 12 December, 2011, 18:19Be the first to give this comment the thumbs up 0 likes

Great enthusiasm everywhere about new technologies, new business models ...

But how about real world customer adoption ? For instance when thinking about near field communication for payments, it instantly springs to mind that this could be a nice way for modern pickpockets to steal money from you - without having to grab into your pocket.

How about practical usage issues ? Will I still be able to take a train or bus when my smartphone's battery is depleted ? This is not too uncommon these days ...

Personally, I would not want my phone to hold my money. What's wrong with a traditional wallet ? What's wrong with a credit or debit card, they can also be used for offline payments ? And what's wrong about inserting that card into a smartphone, at times when I decide that I want to do an online payment ? 

We don't need Google et al for this. They are already collecting way too much information about us ...


Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 13 December, 2011, 08:15Be the first to give this comment the thumbs up 0 likes

I've referred to Zong as a representative of MNO or GenY Mobile Payments (GYMPs). While they started off as Direct Carrier Billing, the high margins charged by MNOs made GYMPS unviable for anything other than niche segments viz. virtual goods having virtually 100% margins. To scale up and garner a sizeable share of the mainstream payments market, a few GYMPs have launched variants of their products in which payers can link their mobile phones to, ahem, good old credit cards, thus keeping the MNOs out of the loop. So, what started with the potential of disintermediating banks and credit cards has now morphed into merely another form factor to replace the plastic of credit cards at the frontend but not the credit card rails at the backend.   

Salil Ravindran
Salil Ravindran - MEDICI Global - Bangalore 13 December, 2011, 09:35Be the first to give this comment the thumbs up 0 likes

Guess a lot of the convenience issue will be resolved by wallets which are not just available on smartphones but also over the web. Mastercard and Visa entering into staretegic partnerships with Google. Monitise etc...are clear developments in this area.

E-commerce portals have a big role to play in their success. If they move ahead with embedding wallets into their portals as payment options, I guess we have a different dimension to payment altogether.

If I could use an e-wallet which has multiple credit cards, prepaid cards and debit cards, right at the point of purchase on the e-commerce portal, I guess it solves the convenience issue for ever.


John Dring
John Dring - Intel Network Services - Swindon 13 December, 2011, 13:12Be the first to give this comment the thumbs up 0 likes

Salil - Server side wallets, like Amex Express, are not so convenient when you have no online connection.  The concept of NFC is that there is enough induced current in the chipset to 'run it' without power from the host device... though of course you would still lose the value add and control that the associated payment app offers in that case - so you really do need some juice in the NFC enabled device to use it properly, but not necessarily a net connection and the latency that comes with that.

A hybrid of server side and client side is an option, but requires syncing.

In the same way that banks defend their monopolies and legacy, so do MNOs by defending their high DCB margins. When premium SMS was the only way, this was just about defensible based on inability to process credits, no txn itemisation and high dispute levels.  But now with 'wap' billing and basically online-DCB, the MNOs are only slowly giving up their 25-40% margin for processing payments.  They will maybe never compete at the 2-5% levels (don't have the experience, infrastructure or volume to do so), but if they can agree something close, then they become an option for merchants for more than just digital goods.

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 16 December, 2011, 17:49Be the first to give this comment the thumbs up 0 likes

A parallel discussion thread suggests that Klarna, a bill me later service, could play a dominant role in online payments. Klarna does not use the credit card form factor or rails.

So could Cash on Delivery (COD) that has given a shot in the arm to e-commerce in India.

Both Klarna and COD involve transaction fees that are similar to credit card and much lower than GenY Mobile Payments. 

Having said this, I realize that Klarna and COD are popular in markets where credit cards are not the dominant method of payment. How well they would fare in markets like USA where credit card has been the #1 incumbent method of payment remains to be seen.