Nokia has launched a new website promoting Near Field Communications without any mention of the pay-by-wave systems that have got everyone else so excited. The site lists all the things one might want to do with an NFC handset, such as sharing pictures, pairing devices and reading passive tags to get local information, but …
"Nokia's current NFC phones can't do proximity payments, which may explain the company's reluctance to push that particular application"
No sh*t sherlock!
My phone, my credit card, and 5 cents worth of duct tape, and I have wireless payment for gas, grocies, and dozens of other things on my phone. Why is this hard to put in a phone? It's about half a cent worth of copper, and plastic.
I'm not sure, but...
I'm not sure, but I think the phones actually interact with the cards, so that they can alert you to a payment, be enabled, disabled etc. Maybe this development takes a while, it's also possible that they've got to be approved by the relevant card issuing authorities.
Just cos a few companies are trying to promote it, does not mean it's gonna be the way forward. Has anyone here used it yet? Does anyone care? I'm happy with cash and cards still. I don't think that makes me a dinosaur.
Pretty much the entire population of London are using it to pay for public transport ;)
Bill Ray's Nokia meme in action
When Nokia started putting NFC on its phones Bill Ray opined: "NFC just isn't desirable", and "[t]he idea is to make a mobile phone operate as a electronic wallet, despite the fact that no one seems to want this."
Now "[Nokia] are going to have to support those payment systems eventually if it isn't going to be left behind entirely".
A pattern in Bill's reporting?
Re: Bill Ray's Nokia meme in action
You're right - I've changed my mind over the last 18 months.
I used to think NFC was cool, but pointless. Now I think NFC is cool, pointless and being pushed really hard by some of the largest and most powerful companies in the world.
I still don't think many people today want mobile payments, but I now think they're going to get them if they want them or not, and Nokia risks getting left behind on that score.
Hope that clarifies things.
Nokia could be playing it safe here. Let the others stick their heads over the parapet and wait to see which way the lawsuit dust settles when the inevitable happens.
Now it would seem to be obvious that, when the contents of some punter's bank account mysteriously disappears, the handset manufacturer can't be held liable. However, we are talking about a process in which lawyers will probably be involved.......
 Then again, "we didn't design NFC payments, we only implemented it" does have a touch of the "Nuremburg defence" about it........
RE: NFC payments.
Yes and no. I suspect this is more about Nokia having to pay someone a licence (such as VISA) to use the relevant technology. They may also be waiting to see who wins - Google Wallet seeming to be everyone's favourite, though PayPal may crash the party.
"....when the contents of some punter's bank account mysteriously disappears...." Since NFC is only used for small payments, the scammer would have to make thousands of very small payments in a very short time in order to empty an account before the owner realised. What is much more likley is the use of high-powered scanners at chokepoints in cities, such as the exits to underground stations. Then the crook can scan thousands of cards in a day and charge a small amount from each, and if the owners are in the habit of making NFC payments for other items (morning newspaper, coffee on the way into work, underground fares, a can of Coke at the Olympics, etc) then the crook is probably going to get away with it. At least with phone NFC systems you can build in an "OK to buy?" query before the transaction completes, but the depends on the software coder bothering. With RFID-enabled credit cards there is no such security.
Personally, I'm annoyed at the gradual erosion of security in credit cards, having gone from a mag strip and signature to just the PIN (easily observed at the cashpoint or till, making life easy for muggers), and now the mugger/pickpocket can just steal your card and enjoy several hours free vending if nothing else. I'm not sure I want NFC on my phone as well, it simply makes my phone even more attractive to muggers.
I've lost count of the amount of times I've said this, but here we go again:
A criminal can't use a scanner to read people's cards, due to the end to-end encryption. If the encryption is broken (end the relevant cards haven't been canceled / replaced) the criminal would need to be 10-20cm away from the card - this is the greatest distance an NFC card can be pushed to in the lab.
Crucially, though the kicker is: If you want to make a charge to a card, you have to have a merchant account. You can't just scan a card and charge it to something, if there isn't an account to put the money into. In order to have a merchant account you need a bank account and thus a bank who know your name and address.
RE: Lost count...
"....A criminal can't use a scanner to read people's cards....you have to have a merchant account....." Really? So what happens during a purchase then? There is no need to scan the card, just make it think it's taking part in a real purchase. All the crim has to do is set up a front company, create a bank account using some other individual's details (go look up ID theft, then read how money launderers use fake businesses with real bank and VISA accounts to "wash" cash), get a merchant account, then they can have a legit means to charge RFID-enabled cards or phones. You could even clone a real merchants setup, create a bank account in the real businesses name but under your control (with fake ID), then the police and VISA will end up chasing after an innocent party whilst the crim goes happilly on their way.
".....the criminal would need to be 10-20cm away from the card - this is the greatest distance an NFC card can be pushed to in the lab...." Sorry, but that lab must have been set up by the NFC lobby. The typical RFID device in credit cards and phones does not have a power-source of its own, they work by taking the power from the scanner's signal and then using that to send a reply. If you boost the scanner signal high enough you will boost the reply, and if your scanner has a highly sensitive receiver then it will pick up the reply from further away. That's simple radio wave physics, your only worry is the signal-to-noise ratio. I remember a DEFCON article where they managed to read one at fifty-plus feet several years ago, so pedestrian chokepoints like underground exits (usually about ten to twelve feet wide) would be perfect.
"Wave-to-pay" is not a technology problem..
... as Google will discover. (I suspect Nokia already know this, as they've been trialling NFC payment systems since 2008, and have been reluctant to press ahead with it). The exchange at the payment terminal is the easy bit; after that, any operator will need to provide the same trust, accountability and security that an existing card-payment processor does, or, as Google have done, farm it out to such a company (Citi in Google's case). But now, Google are just another middleman in an industry with too many middlemen. If I were a bank, why wouldn't I just commission the software myself, and keep the margins? And I think this is what will happen.
The banks have another advantage here too: In most jurisdictions, the cashless payment systems used by merchants are owned by the banks, and provided to merchants as part of their payment service contract, so it's the banks who decide which standards are adopted, not the software companies.
In the meantime, the payment tokens that customers already hold (credit and debit cards) can be easily augmented with NFC functionality. With a transaction value cap and a rate limit, it's quite possible that banks can allow transactions without PIN (as a precedent, there are "electronic wallet" Chip cards widely used in Belgium that operate without a PIN). If this happens there is suddenly no market for a phone-based NFC system, except as an application from an existing card issuer, and even then there's a public trust battle to be won.
In surveys, people are most worried about losing their phone when asked why they don't like the technology, and this has some sense in it. Right now, if you lose your wallet, you can at least phone your bank and cancel the cards; with everything rolled into one device, that option is no longer open to you.
[ On a final point, there seems to be some misunderstanding about what Nokia's NFC phones can and can't do. Just because the current OS release does not allow payment applications, it does not mean that the hardware is incapable of this feature. The software to enable payments will be in place next year, and will work for all current phones, according to Nokia ( http://www.nfcworld.com/2011/08/29/39462/nokia-symbian-nfc-phones-to-support-mobile-payments-in-2012/ ). ]
"If this happens there is suddenly no market for a phone-based NFC system"
It already has happened. Contactless payment cards exist in the USA, France and many people unknowingly have them in the UK. I suspect that when the contactless cards and NFC phone systems are up and running it is the contactless cards that find themselves suddenly without a market.
Why will people interested in the convenience that paying instantly by phone will give them? The same reason as why people buy grated cheese. When someone first started selling grated cheese it was ridiculed in the news, how could people be so lazy to pay someone to pre-grate cheese for them. Once it is there people will use it. Once NFC is in phones you will be surprised by the number of applications people will invent for it.
If I lose my phone...
... I can lock, and wipe it with Blackberry protect in less time than it would take me to sit on hold with my bank, and credit card companies trying to cancal my cards.
"Once NFC is in phones you will be surprised by the number of applications people will invent for it."
That's my own opinion too, and Nokia in particular have done some cool stuff using NFC to automate Bluetooth pairing, streaming and sharing. To me, as a user, that's worth something now, and it's a reason to look for an NFC phone next time I change. Only when there is a critical mass of handsets with NFC will it be any way practical to consider using them for payments - and that includes low-end devices too.
But the "instant" part of "instant payment" can be done today with chip cards. The Belgian Proton or Dutch Chipknip cards allow small-value instant payments right now, today, and don't require an online merchant terminal. Change the comms interface to use NFC, and it's tap to pay. And, unlike a high-cost smartphone, everyone with a suitable bank account can have this facility included on their credit/debit card. However, the poor take-up of these systems may be a warning of a fundamental flaw of instant payments: no authentication; and I don't see how any of the proposed phone-based systems would improve this without becoming some kind of ersatz Chip+PIN terminals.
- not that they'd be recognised as that. It's worth remembering that a lot of the hype over NFC payments comes from within the USA - the one developed economy that hasn't moved to some kind of Chip+PIN credit card payment systems. Yes, compared to the magswipe (or even zip-zap) that persists in the US, NFC is a lot faster and easy and secure; compared to chip+PIN, though, it's less secure, and only a little faster.
Is there any improvement on the NFC process since this reg article http://www.theregister.co.uk/2011/06/01/quick_tap/ , which, as I remember it, showed the whole set-up part to be very clunky indeed but did have the bonus feature of not deducting purchases from your balance? On the basis of that maybe Nokia have got the right idea at present.
Pay by Wave?
I've had a Barclaycard that does PayWave for 2 or 3 years now and I've never seen a shop that takes it in the UK. The only place I've seen a terminal is abroad, but It doesn't work outside the UK. Maybe Nokia are waiting for retailers to decide on a technology and rolling it out before wasting their money on it.
They're all over London and the South East, I fairly regularly use a paywave card. AFAIK the banks are rolling out to population centres, what with the cost of replacing all the PEDs (PIN entry devices) in country.
What scares me on any device if it has a user interface eventually it can be hacked. Why would I link a CC to my account and risk it? If I had this enabled on my phone I would feel like there was a huge target painted on my wallet.
- Analysis BlackBerry Messenger unleashed: Look out Twitter and Facebook
- Nine-year-old Opportunity Mars rover sets NASA distance record
- IT bloke publishes comprehensive maps of CALL CENTRE menu HELL
- Prankster 'Superhero' takes on robot traffic warden AND WINS
- British LulzSec hackers hear jail doors slam shut for years