David Gyori - BANKING REPORTS, LONDON - London 23 July, 2019, 09:21 0 likes

For years I have been asking why additional hardware would be needed in the age of NFC phones to read a card.... 
Answers were 'regulation'. It is high time to change this. NO NEED FOR ADDITIONAL HARDWARE FOR CARD ACCEPTANCE....
And initially: no need for cards.... 

A Finextra member 23 July, 2019, 14:36 0 likes

Great news and I wholeheartedly support this innovation. Of course when the merchant wants to accept a transaction over the contactless level, at least from a card format,  they require PIN on Mobile. Something MYPINPAD can deliver. 

A Finextra member 24 July, 2019, 04:29 0 likes ’Beem_it’ is a payment app that is owned by three major Australian banks, CBA, WESTPAC, & NAB. The ANZ bank is not currently a partner but may join anytime in future. The app can be downloaded to any Apple iPhone or Android phone. The app naturally has bank-level encryption and a high level of identity security. Provided that two people have the app, it is very easy to pay money to each other, request money from each other, or split a restaurant bill between each other. It is completely free to use and can be used 24 hours a day, seven days a week. You do not have to have a bank account with the owners of the app, which are the CBA, WESTPAC, or NAB. All that you need is any Australian bank account, a Debit Visa or a Debit Mastercard, and either an Apple or Android mobile phone. Beem_it is completely free to use by any business. There are no surcharges for any merchant using it to sell anything from their business, and there are no surcharges for any consumer using the app to buy anything in any transaction. I am confident that Beem_it will be a game-changer providing the owners of the app spend funds on a national advertising campaign. Beem_it had a ’soft’ launch in 2018 and I suspect the app is not widely known throughout Australia. https://www.beemit.com.au

A Finextra member 24 July, 2019, 08:14 0 likes

🤔 Wondering whether the merchant acceptance fees will be lowered due to the fact POS, paper, delivery, POS extra SIM card, not required plus POS manufacturers either... 

A Finextra member 24 July, 2019, 09:26 0 likes Although the headline suggests otherwise, it seems to be the merchant’s device that this topic is about. And why would I, as a customer, trust the phone of somebody else - that I have absolutely no control over and cannot know what’s in it - with my money ? Such as opposed to a ‘regular’ (usually third party) POS device that both merchant and I have no control over and for that reason deserves more trust ?

A Finextra member 24 July, 2019, 11:18 0 likes

Thats a valid point and of course may be a concern is some circumstances. Two comments though, increasingly brands you do trust want to deploy standard off the shelve technogloy and take payment. Secondly if a merchant has delvered you goods and or services successfully the findings from piltos  is that the general, non payments "man/women in the street",  is that they will trust the merchant and quite happlily put their PIN into the device.  This is proven with Square and Ingenico pilots that are also live in several markets.

A Finextra member 24 July, 2019, 13:40 0 likes

I dove a little more into the subject: Obviously (https://www.youtube.com/watch?v=XRZ5hz3NjPk of July 3, 2018) the payment is done by means of 'tapping' a creditcard onto the mobile phone of the merchant. That explains also the mentioning of 'activated near-field communication' (NFC, https://www.ing.com/Newsroom/All-news/Turning-smartphones-into-mobile-points-of-sale.htm). The same article states 'there are 1.5 million small-medium enterprises and millions of other micro businesses owners such as taxi drivers, florists and electricians who can increase their sales and lower costs by adopting digital payments' and the quote “My customers who normally don’t have cash on them are able to pay by card now” This yields more questions than answers: obviously the mechanism is intended for those circumstances where the customer has no standing relation with the merchant (e.g. taxidriver) and uses a creditcard 'while on the move' rather than cash .... ? My reservations about the trust (relation) still stand. I look forward to any future reference to outcomes of the pilot(s - Mastercard mentions more locations than Finextra).

Food for thought: Money is the universal means mankind has accepted to be usable in barter ... now called 'purchases'. For all kinds of reasons money storage is nowadays by electronic means, also allowing for the transfer of money without the actual physical exchange of coins and over longer distance - without the owner of the money even being present. But this does not at all change the concept of the ownership of the money: while the money is in the bank account, it is still the money of its owner ... Of course a customer realises that a certain amount is due to a merchant after a purchase. But getting money from your account physically into your purse (and use it) is more difficult by the day ? Many still prefer cash, with its benefits (e.g. instantaneous view of what is left by looking into the purse), portioning over time, instantaneous settling of a debt caused by a purchase, etc. (not talking about web-purchases). Then why should the payer be bothered with the implications 'on the recipient side' of a payment (in terms of attempted migration to non-cash, trust / risks, handling costs, payment delay, ...) where the introduction of the non-physical money at the POS is beyond his control ? The pilot at hand seems yet another example of reasoning from the not-payer perspective and it would be interesting to learn how this 'money ownership dimension' is taken into account. This may certainly be assumed to be a critical factor in acceptance of this concept (and similar ones).

David Gyori - BANKING REPORTS, LONDON - London 24 July, 2019, 13:53 0 likes

This is a VERY EXCITING discussion here. Very very exciting and meaningful. It is a great community. 

A Finextra member 24 July, 2019, 17:07 0 likes

Replying to the anonimous comment: "that I have absolutely no control over and cannot know what’s in it - with my money ? Such as opposed to a ‘regular’ (usually third party) POS device that both merchant and I have no control over and for that reason deserves more trust ?"

What makes you, as a customer think that the POS device has not been hacked? In fact, how many credit card holders know about the brand/company behind the POS? Currently you can find hundreds of different POS providers out there beyond Ingenico, which by any mean, are trustable by default. 

In fact, if you follow Apple approach with Apple Pay controlling/restricting the enablement of the NFC, you make sure that anyone can use the phone as a POS in a fraudly maner.

A Finextra member 24 July, 2019, 19:55 0 likes

I am afraid that - as a spin-off from the original topic - the direction the discussion is taking underpins my 'food-for thought' for a number of reasons:

In "... for that reason deserves more trust ?" the words have been chosen carefully by me. I did not intend to express absolute trust in the POS device, but (simply by inserting the word 'more') that amongst the fraud mechanisms in payments (from fake paper invoices up to skimming devices attached to ATM's) hacked POS terminals are pretty unknown. So "What makes you, as a customer think that the POS device has not been hacked?" is NOT what I meant: an unfamiliar POS terminal from a statistical point of view can be trusted more than an unfamiliar phone especially if I have not seen both of them before. And knowledge about the brand/company behind the POS is not necessary as it is not relevant for the payer using the POS terminal. Note that a regular POS terminal provides a tangible proof of the transaction carried out, issuing a piece of paper with a timestamp, an amount and a transaction reference. So in case a POS terminal would be hacked and transfers ten times the amount it shows to the payer from the payer's account to the merchant, the payer has a proof to be used in court while disputing the transaction. The article does not mention any such proof being given to the payer in the pilot described (and I necessarily base myself on the information available). So, and that is what I meant, if the app has been hacked and transfers more than it shows to the payer, it is the payer who has a problem proving his right. And NOT the merchant or the payment service provider ..... while all the payer wanted to do is settle his debt. This is one risk-related element in the 'money ownership dimension' that I referred to.

Note that the original ING article says 'Any Android-based smartphone or tablet can be transformed into a mobile POS with the ‘Tap on Phone’ app and an activated near-field communication' . Where it is very difficult for a hacker to insert modified software into a POS terminal, it is (relatively) simpler for a hacker to upload an app to the app-store, convincing members of the public to download and install that one instead of the original one and there you go. Analogous to the well known 'phishing' by e-mail. This app-based mechanism (as opposed to POS based mechanism) exposes a (technically) ignorant merchant/payer to a risk that he did not ask for. Why should a payer want that ? I am afraid this is indeed 'another example of reasoning from the not-payer perspective' as mentioned above, but I gladly see myself proven wrong and I am still very interested in further information detailing which preemptive measures have been taken to take away the risks from the payer.

Jacob Koch - Nets A/S - Copenhagen 29 July, 2019, 08:42 0 likes

Here in the Nordic has mobil based apps’s (mobilpay, Swish, Vipps) taken over much of the payments at flea markets, coffee-carts and other pop-up stores. Because “merchants” gets an instant terminal just by downloading an app. There has been no good alternative from the Card world towards this, because the dependency on hardware.

If an app and  a tap with the card, could solve this hardware dependency problem  – it could help increasing the number of card based payments even more – both in the very advanced payments marked as here in the Nordics – but also in marked where card payments is not as well distributed - any street vendor anyware in the world could be a receiver of card payments.

 As mentioned in other comments there could be problems – but it would be very narrow minded not to explore this opportunity, because there is some risk connected to this, thinking about the upsides of solving the hardware dependency for smaller merchants. The payment industry is very dynamic and with a high amount of resources – I am sure we can find a way to solve those issues. It will be very interesting to follow this ING's test.

 

Andrew Smith - RTGS & ClearBank - London 05 August, 2019, 10:00 0 likes

So this isnt anything new. Back in 2012 I run a lab that built exactly this. We then moved it to a phone to phone closed loop payment system. 

However, there are some issues with the card being used like this on the POS. The first is the transaction limit since there is no PIN option really (and there shouldnt be unless the mobile device is completely locked down, which we all know it wont be). The second is, is the phone completely locked down and can it be trusted. After all, NFC is broadcasting valuable card based data at this stage, so capturing it is rather easy and if your device has malware on it, who knows where that could go.... This may have changed since 2012, but the challenges regarding security are usually why you end up with specialist / locked down devices and not an option simply to download an app....

A Finextra member 05 August, 2019, 10:24 0 likes

Hi @Andrew, regarding the PIN on the glass/phone. Shouldn't be needed if (cardholders) use tokenized card numbers from their native wallets (Android Pay/ Apple Pay). The whole point is to release this alternative card acceptance technology together with larger adoption of tokenized cards.