Warning: Invalid argument supplied for foreach() in /home/paymentsjoural/public_html/wp-content/themes/jnews/class/ContentTag.php on line 47
Samsung announced the Galaxy S6 (and Galaxy S6 edge) and LoopPay payments on March 1st. The new Loop Pay solution uses MagneticSecure Transmission (MST) and represents a major improvement over the current LoopPay FOB which Mercator analyzed in the blog entitled “Several Challenges Confront Samsung in GainingMomentum with LoopPay.” The FOB was not only shrunk tofit inside the new Galaxy S6 and S6 edge it was also updated to support both tokenizationvia the mag head and full NFC support. Perhapsmost interesting is the fact the device will detect if NFC is available and usethat as the preferred payment mechanism and only default to the mag head if NFCis unavailable. As a result the Samsungdevice will be capable of supporting 90% of merchant locations including allmerchants that support NFC, a clear and large advantage over Google Wallet andApple Pay. But that may be insufficientfor market success. Continue ReadingFull Blog News Item by Tim Sloane, VP of Payment Innovation, Mercator AdvisoryGroup.
We begin this analysis by reviewing and updating the analysis that wasconducted in the earlier blog entitled “Several Challenges Confront Samsung in GainingMomentum with LoopPay” that was predicated on the LoopPay FOB feature set. In that blog we stated:
“Appleclearly achieved a marketing coup when banks all took out ads communicating thebenefits of Apple Pay, not only to their customers but to the larger market aswell. It is unclear what business arrangements Samsung will put in place (ifany) to encourage bank participation, much less banks’ advertising investment.In theory LoopPay enables Samsung to ignore the banks, but if Samsung doesthat, then it is likely to also lose banks’ marketing participation. Thisproblem is a Samsung business and contractual consideration that only Samsungcan answer, but failing to address it would be a major failure on Samsung’spart.”
Marketing and consumer attention indeed remain the key issues that mayprevent broad adoption of what is clearly a better payment product forconsumers. Google has achieved apartnership with mobile carriers through the acquisition of Softcard and thecarriers in turn have agreed to preload Google Wallet onto compatibledevices. It is rumored that Samsung hasannoyed the mobile carriers by deploying a solution that bypasses carriercontrol of the Secure Element and has failed to provide any incentives for bankparticipation. Marketing and gainingconsumer awareness of the LoopPay solution may be the largest stumbling blockto success. Mercator is also unaware ofany announced date for the initial provisioning of LoopPay. As will be discussed later the LoopPaysolution does not utilize the Secure Element and so may need to go through aprotracted certification process.
The second issue that was discussed was the question of how Samsungwould monetize LoopPay. It has beenrumored that banks have refused to offer any basis points on transactions backto Google or Samsung, so if a monetization plan is possible, it will likely bethrough consumer adoption of new features within the wallet, not from the banksor networks.
The third issue discussed was regarding comfort of usage at the POS:
“LoopPay, asit is currently implemented (not in the as yet unreleased Samsungimplementation), does not require the point of sale (POS) terminal to beupdated by the merchant. Most POS devices that accept magnetic-stripe cardswill accept the LoopPay device. But will consumers know how to use LoopPay in asmartphone? Will the clerk or the store be comfortable with customers pushingtheir phones against the POS? How will Samsung educate consumers and merchantson this new payment interaction at the POS?”
This will clearly remain a question that needs to be answered by Samsungand banks that adopt Loop Pay. Withinthe blog I then listed the following seven potential issues; those that areresolved with the new implementation of Loop Pay are indicated:
1. LoopPay today transmits the cardnumber to the POS magnetic head. The number is NOT tokenized and so lacks thesecurity feature of Apple Pay. ( FIXED)
2. LoopPay sends the card number usingan electromagnetic field that “rattles” the POS head from a distance. Dependingon the signal LoopPay projects, it may be an added security risk. (REMAINS POTENTIAL ISSUE)
3. LoopPay can be modified to send atoken (random alphanumeric character sequence) instead of a card number, butthis will preclude wide acceptance because POS devices must be updated with newsoftware to expect the token via the mag head of the POS device. ( FIXED) In addition, if a token is used, then thepayment networks and the issuing banks must be integrated into the provisioningprocess. (REMAINS POTENTIAL ISSUE)
4. LoopPay could use encrypted cardnumbers or even virtual card numbers to protect card data, but either approachlimits acceptance by necessitating upgrades of POS terminals and eitherrequires new card network and card issuer infrastructure, similar to, butdifferent from Apple Pay. (FIXED)
5. Training of consumer and clerks willbe needed to teach them that this method of payment is safe and acceptable. (REMAINS POTENTIAL ISSUE)
6. It is unclear if the LoopPay deviceunder development by Samsung will include its own SE or utilize the otherSamsung security model (Knox). If everything is not embedded in LoopPay, thenthis version of LoopPay does not represent a “de facto standard” that could beimplemented across all Android devices (should Samsung wish to sell the chipand should other device manufacturers be willing to accept a chip fromSamsung). (Samsung apparentlyestablished a new software secure element using the ARM Trustzone architecture. This approach enables deployment withoutmobile carrier participation and in theory suggests that other manufacturerscould do the same using this technology, but discussion with a Samsung partnersuggests it is unlikely Samsung will license technology to others) If Samsungembraces a tokenization model similar to that deployed by the payment networksto support Apple Pay, then it must find a way to partner with or circumventmobile carriers’ control of the Secure Element. Apple added an extra SE to theiPhone 6 that Apple controls directly.” (FIXED,but may have annoyed mobile carriers in the process)
So there remains a lack of clarity regarding how well Samsung’s Loop Paywill perform in the market, but still some clarity is starting to shine throughthe clouds. In the broad android marketit is likely Google Wallet will be the baseline function utilized by devicemanufacturers and mobile carriers. LoopPay, a better payment product, maysucceed on Samsung devices or be blocked by banks or mobile carriers, dependingon how Samsung manages all the partners within the value chain. It would be extremely interesting to see ifLoop Pay could achieve greater market penetration through licensingarrangements, but it does appear Samsung has decided against this course ofaction.
So the market will see at least some Loop Pay adoption and a lot ofGoogle Wallet adoption. This at leastmakes the decision for banks much easier for banks. The branded networks will control most of thepayments infrastructure unless some new organizations, such as the debitnetworks or NACHA, announce something extraordinary (Today PayPal acquiredPaydiant, which very well may also swing market share away from the brandednetworks, but we will have more on that in a separate blog perhaps as soon astomorrow). As a result, banks shouldprepare to integrate to the network tokenization process today. The primary component that this requires ismigration to EMV BINs and the creation of a new Identification and Verification(ID&V) process that will be used to validate the cardholder and assure thetoken is secured in the cardholders device (which is represented by the TokenAssurance Level value). Current reportsindicate that significant fraud has been seen in Apple Pay implementations dueto the failure to provide robust authentication of the user and the user’sdevice. Properly enrolling thecardholder is critical to avoid fraud loss in this area.
Based on the above, we may not be able to predict the handset paymentenvironment that will be most widely adopted in the market, but we do know thatthe backend issues are now coalescing around adoption of the Token ServiceProvider services that were introduced by MasterCard and Visa as new revenueopportunities.