Mastercard has started trials of online payments using the secure element in an NFC handset in France, and it looks like it could quickly become the standard way to buy stuff on the internet. The trial involves 160 staff at ING Bank in Paris, who've been given Galaxy SIII handsets and a PayPass account to play with. When …
What part of this actually uses the NFC/rfid/wave-your-phone-like-you-just-don't-care part? You know the bit I mean, Bill, it's your favourite. Why does this need that "secure element" that NFC introduces as opposed, to, say, the SIM, which was intended to do much the same thing for phone network authentication?
Leaving aside for the moment that most of the phone network's perceived security stems from its obscurity, and that if you start to seriously poke at it it's less secure than the internet was in 1993. Also leaving aside that the problem with paying with CCs over the internet is mostly with the CCs, not with the internet as a transport. Leaving thus aside that this is yet another bit of technology thrown at a problem the bankers doing the throwing are evidently misunderstanding... again.
Do tell. How does this make NFC less of a solution looking for a problem to solve? Is it the free handsets?
Re: Please explain
My guess is that NFC "secure element" is at least partially under the control of the bank or MasterCard. Problem with paying with CC over the Internet is transmission of "means of payment data" instead of "transaction authorization data". The application of secure element on client side is meant to provide authorization of payment, much the same way as typing PIN at POS. Which of course may leak your data too, but is still more secure than handing your CC to waiter who walks away with it "for a second" (which is what happens when you fill CC details on seller's website).
"The critical question now is...
"...if handset-secured payments will incur the lower "card present" charge, which would certainly result in very rapid adoption by retailers."
And reduce the Card Handling Companies' profits. So somehow I doubt this will happen...
In what way is this different from the (literally hundreds) of One Time Password apps already available for smartphones? Yes, of course most OTP systems don't currently use a challenge from the bank, but the OATH standard (www.openauthentication.org) already allows for this and it would be easy to add. To echo the AC comment above, where does the NFC Secure Element come in? We need a lot more technical detail to know if this is significant or not.
Not only is NFC "pay by bonk" a solution looking for a problem
It will never see widespread use in phones because there are too many people interested in making sure that they take a piece of the transaction (plus the payee's desire to get rewards as is often the case with credit/debit purchases today)
1) the phone OEM
2) the maker of the phone's software when different from hardware (i.e. Google for Android, Microsoft for WP)
3) the carrier
4) the payment processor
5) the account holder's bank
Phone OEMs want a solution dependent on the hardware in the phone so they collect the fee, the maker of the phone's software wants it as part of the OS so they collect the fee, the payment process and bank want things just the way they are today and won't willingly give up anything to the phone OEM/OS vendor/carrier unless things start looking like they'll get cut out of it entirely.
The carriers in particular used to view this as a huge future revenue stream, seeing it much like how people billed ringtones and the few apps that primitive smartphones used to have to their phone bill, except now they'd have thousands of dollars a month passing through them each month. Not only could they take a cut, they'd gain access to all that valuable market intel.
They're probably really pissed a few of them made a deal with Steve Jobs and let the phone OEMs eventually take back the ironclad control carriers used to have over all the phones on their network, so now that future revenue stream has vanished in a puff of smoke. But they're going to fight like hell to prevent someone else from taking what they viewed as "their" future. Even the biggest Apple haters ought to thank them for that, because say what you will about Steve Jobs, he was good as getting companies to do things that were against their long term interest for short term gain (i.e. breaking the "album" concept and selling almost all music as singles today)
The biggest problem is giving consumers a reason to want to pay via NFC, beyond "hey look what my phone can do". Unless they bribe them with bigger rewards than they can otherwise get, without alienating shop owners by demanding higher interchange fees, I don't see why this will ever be anything but a niche market for geeks who care more about technology than practicality.
- Geek's Guide to Britain INSIDE GCHQ: Welcome to Cheltenham's cottage industry
- 'Catastrophic failure' of 3D-printed gun in Oz Police test
- Game Theory Is the next-gen console war already One?
- BBC suspends CTO after it wastes £100m on doomed IT system
- Peak Facebook: British users lose their Liking for Zuck's ad empire