Blog article
See all stories »

Let's do the timewarp again

It’s time to sign up for another lot of self-improvement or to be precise adult education class. This time, in my ongoing quest to embarrass myself in as many different environments as possible, it’s ballet for adult beginners. What was really shocking about this though wasn’t the idea of me in a tutu, it’s what happened when, after queuing in person to pay for the course, I brought out my credit card.

No PIN.

The learning centre, which will remain nameless, has just installed a brand new payment system to improve its particular payments problem – huge queues to pay three days a year and nothing much else the rest of the time. It’s magstripe based.

No signature or cvv either.

“That’s rather retro,” I said to the person taking the booking. “Didn’t I have to put my PIN in last time I booked for something?”

She shrugged. “We just check the card address against the address you give us,” she said.

I wonder how much fraud they get. You can’t flog a basket weaving course down the pub. If you do fraudulently book a ballet class on someone else’s card, massively thighed men in tights will be waiting for you when you turn up for the first class.

All of which reminded me of something one of our principal consultants, Anthony Pickup, wrote about recently on the Consult Hyperion blog about how payments are like broadcasting – sometimes you want a camera man and a dedicated transmission link (EMV), other times Skype and an iPad will do just fine (QR codes and mobile apps).

There are other metaphors available – articulated lorries when you need a moped, nuclear weapons when a catapult will do, a full corps de ballet at the office party. Different systems for different needs, in other words. It sounds like the local adult education centre has figured that out – now perhaps we can apply that to the question of whether we need EMV in the secure element for low value mobile payments.

3603

Comments: (3)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 03 April, 2013, 19:13Be the first to give this comment the thumbs up 0 likes

Kudos to your adult education center for striking the right balance between security and convenience. I've long held that security levels, cash v. card and other issues related to payments should be left to the discretion of the customer and the merchant, who're the two most interested parties to any payment transaction. Regulators, security solutions providers and other middlemen imposing their own views - if not products and services - often turn out to be 'meddle'men providing little value addition.

Jane Adams
Jane Adams - Currently looking for a job - Edinburgh 04 April, 2013, 09:08Be the first to give this comment the thumbs up 0 likes

Security versus usability is the big tension in all systems, not just payments. Maybe one day we'll come up with something that makes payments both more secure and more usable. I'd like to say biometrics but given that I have a biometric log in on my pc and it only lets me in about 2% of the time (the rest of the time I fall back to a password) I'm yet to be convinced.

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 04 April, 2013, 16:09Be the first to give this comment the thumbs up 0 likes

GenY Mobile / Direct Carrier Billing Payment (e.g. Boku, Zong) have cracked the Holy Grail of Security Versus Convenience, although they're still too expensive to gain mainstream adoption. To me, biometrics belongs to a broader category of technologies - which also includes AI, voice recognition and OCR among others - that are adequately reliable only at price points that put them out of reach of all but a few usage scenarios. In a test I was associated with around six years ago, one model of a fingerprint scanner costing $25 delivered <10% accuracy whereas another one that delivered >99% accuracy cost $500. The former was affordable-but-inaccurate and the latter, accurate-but-unaffordable, for a classical PC login use case. Apart from that, even when it's affordable and reliable in the one-odd use case, biometrics triggers privacy concerns that hamper onboarding, as the flameout of PayByTouch illustrates.