"Your credit card may soon be worthless."
That's the notion being promoted by many in the investment
industry these days. They are referring to a new technology that is
supposedly Visa's (
) worst nightmare and a threat to the status quo of the credit card
industry that is worth billions. And they are positioning one small
company as the holder of the secret keys to cash in on what is
promised to be a multibillion-dollar shift in the way we pay for
everything from a candy bar to an oil change. But is it really
true? Will this technology really turn the credit card industry on
Doubtful. That's because all the popular analysis on the nascent
new technology ignores the fundamental underpinnings of all
successful technologies. In fact, it ignores basic economics.
The supposedly revolutionary technology involves a specialized
chip in your cellphone that communicates wirelessly with other
devices within very close proximity in order to pass data between
two devices. This "Near Field Communication" (or NFC) chip could
pass the equivalent of digital business cards between devices --
especially smartphones, where it makes the most sense to be
deployed -- by simply holding them up to each other. Your phone or
tablet could be used to identify you when entering a secure
business or even your home, as well as to connect to a rental car's
speakerphone or access the local Starbucks wi-fi, just by waving it
near a device that activates the link. Pass two devices within a
few centimeters of each other, and
, data is moved between them.
Thus, the theory goes, you can simply wave your phone by a
payment terminal at the gas station, grocery store, or other
location where credit cards are accepted.
This weekend, I encountered a situation where NFC would have
been useful. I was boarding a United Airlines (
) plane, and the passenger in front of me went to swipe her virtual
boarding pass across the bar-code reader, only to have it not work.
In the time she'd been waiting in line, her screen had timed out.
Thus, she was trying to swipe a blank screen over a bar-code
reader. Near Field Communication would have alleviated that problem
and made it so we were not all held up while the well-meaning woman
tried to type in her phone's passcode and bring the browser back up
(only to find she had to refresh the page and re-enter her ticket
number… leaving us all waiting while the gate agent assisted
So NFC could be a major improvement for the ticketing and access
control industry, given that it works wirelessly and can be
completely non-interactive when desired.
But does that make it a logical choice for contactless
, the promised multibillion-dollar opportunity? Many seem to think
so, and not just our fellow stock pickers. Germany, Austria,
Finland, and New Zealand are among the nations that have trialed
NFC ticketing for public transport, allowing users to swipe their
phones or NFC-enabled payment cards to grab a ride and get billed
later. It's basically E-ZPass without the car, and like E-ZPass, it
works well in some closely defined scenarios.
But outside of those circumstances, things get messier. Markets
dislike messy. So, in order for a new technology to hit the
mainstream, it is critically important that one of the players in
the value chain today has an overwhelming reason to support the
technology. Is that the case here?
Today, the overwhelming majority of electronic payments -- I'm
talking 99% plus -- are processed by the credit- and debit-card
providers of the world. That's Visa -- the 800-lb. gorilla of the
industry -- MasterCard (
), and American Express (
), along with lesser known names like Novus, Star, Maestro, and
others from the debit/ATM world.
These companies already have well-established networks of
equipment, merchants who accept their cards, and businesses and
consumers who use them.
NFC promises to bring two changes to the industry:
- Introduce new players into the ecosystem with an incentive
for adoption, in the form of whomever supplies the software
operating the NFC device the consumer carries.
- Help secure transactions by only submitting the credit-card
information over encrypted channels, allowing interactive
security controls, and limiting the range of the devices.
But the consequences of these changes may not be as
straightforward as they first seem.
Is NFC Another PayPal?
The first of those two changes is most unwelcome for the
industry's leaders. However, it's one that they've faced in the
past with PayPal and other direct-payment providers. When PayPal
began life, it was meant to facilitate direct consumer-to-consumer
transfers of money. I sell a trinket on eBay (
), you buy it, and PayPal moves the money from your bank account to
mine for a small fee. Essentially, that's the same business Visa is
Luckily for Visa, eBay soon experienced a large rise in fraud.
The credit-card companies saw a massive opportunity there to put
their considerable financial assets and longtime experience dealing
with fraudsters to use, and chose to increase the amount of
indemnity they provided customers against fraud. They marketed this
heavily and drove demand for users to use credit cards instead of
PayPal-type accounts online.
At the same time, PayPal's potential users also frequently
griped about not wanting to sign up for an account and provide a
bunch of banking info just to buy something. So PayPal caved to
pressure from sellers on eBay who were losing business to the
requirement and made it easy for buyers to just check out with a
credit card. While through their website checking accounts are
still the default, most of PayPal's business today is as a plain
old credit-card merchant-services provider, behind the scenes and
unseen, processing credit and debit cards.
It also meant that the fees to sellers included both credit-card
fees and PayPal fees on most transactions, a double dip that put a
serious dent into PayPal's attractiveness to merchants. Other than
on sites like eBay (which basically forced sellers to use PayPal),
there was little reason for broad adoption.
This cut seriously into the account growth at PayPal, and
reduced its threat as an end run around Visa.
Instead, PayPal's success outside of eBay came from making it
simple for someone to become a merchant. Signing up for a PayPal
account was faster and easier than getting set up with a
traditional merchant account. For Visa and company, that was a win,
as they had a firm that would get paid to reach a market filled
with merchants too small to be reached individually. PayPal
transformed from an end run around the payment providers into the
world's most popular payment gateway, funneling the overwhelming
majority of that traffic right through to the credit-card
providers. Threat averted.
But providers of NFC-equipped phones, such as Google (GOOG), are
gearing up to provide services similar to PayPal. Google's Wallet
software lets a user store multiple cards in a single account and
choose the appropriate one to use when checking out. One of the
potential options for payment is Google's own Checkout service,
which works just like PayPal and does it for less than typical
charge-card fees -- something merchants could get excited about,
much the way they did with cheaper debit-card payments. Just swipe
your phone and choose the card on your screen (or vice versa), and
you are using Google's services to pay and get paid, whether that
service is from Visa or directly through Google.
This sudden entry into the space by big, powerful, connected
companies like Google or Apple (AAPL) (which has yet to load NFC
into any of its phones, but has long been rumored to be looking at
such an option) -- with their preexisting relationships with
hundreds of millions of global consumers -- into the payment chain
is a far more pressing threat than PayPal ever was. These companies
don't face the "cold start" problem on registrations, have rabidly
loyal fan bases, and reach into nearly every home and business in
the industrialized world.
On the other hand, they also don't have the expertise to combat
fraud, putting them into a potentially risky situation if they fail
to do their job effectively.
The phone companies -- the other potential middlemen which could
support putting NFC in the hands of millions of consumers if they
thought they could get value out of it -- have seen this movie
- Long-distance "bumping"
- 900 numbers
- TXT subscription services
Many times in the past, telephone network operators have tried
to insert themselves into the billing relationships of their
clients and other parties, and nearly every time, it has ended in
disaster. Fraud was rampant. Client complaints skyrocketed,
boosting costs of keeping customers happy and problem-free.
Overall, it was a series of giant headaches, and one would assume
that not only did they learn their lesson, but that maybe Apple and
Google would learn it from them as well.
Payment-card providers have every incentive in the world to
prevent adding another middleman -- especially one with big
influence on consumers -- into the equation. They'll do that with a
combination of marketing, lobbying, and threatening behind the
scenes, doing everything in their power to stop the technology from
taking off, unless they control its use and dictate its terms. And
those middlemen may just find themselves treading over treacherous
paths that their business models have not prepared them for.
The other argument for NFC is a technical one. Proponents of the
technology say that NFC will be far more secure than the
traditional magnetic-stripe card. They point to examples of
widespread adoption of "chip + pin" technology in Canada, Europe,
and Latin America as evidence that magnetic-stripe cards are faced
with fraud problems, and that technology can overcome them.
NFC is pitched as something far more convenient than the
traditional credit card, without the security holes associated with
previous wireless payment technologies. Thanks to the interaction
between the NFC device and its host (a phone in most cases), layers
of security can be added to require passwords, PIN codes, and other
protections prior to the credit-card data being sent across to the
merchant's payment terminal.
Unlike previous wireless technology, the data stream between the
merchant and the consumer is encrypted for extra security.
However, all this security becomes moot when a device simply
transmits that data to an unsecured machine or network. Over the
past few years, the overwhelming majority of credit-card theft has
happened at the system level. Hackers have done everything from
cloning cards -- something NFC theoretically could prevent, but
more on that below -- to hacking hundreds of readers that broadcast
card info wirelessly; to breaking into websites, telephone
networks, and corporate intranets to steal cards; and even to
hacking the networks of large credit-card-transaction aggregators
to steal thousands or millions of cards at a time. NFC does nothing
to deal with the latter, a far more pressing and larger-ticket
fraud than consumer-level security issues today.
With consumers educated to protect their cards and indemnified
from damages, and lower-level credit-card fraud a well-understood
and easily policed threat, Visa and company have little reason to
get behind NFC, even if it does offer some minor security
This is why only a single bank, CitiBank (C), and a single card
company, the distant third-place MasterCard, have signed on for
using the technology. And even they are hedging their bets. "NFC
may become really important in the future," says Ed Olebe, head of
PayPass Wallet services for MasterCard. But "we are waiting to see
how the industry works out its issues."
Enter The Merchants
Even if credit card companies don't want to see that middleman,
won't their direct customers -- the merchants who accept their
cards -- be willing to jump on the bandwagon and push the card
providers to support it?
Probably not. In order to add NFC, they would need to upgrade
their payment terminals. For small businesses leasing the
terminals, the account provider would have to foot the bill for the
new technology. And with that, they would have to take on more
technical support calls for any issues that creep up from adopting
NFC, a far more complex technology stack than a magnetic-card
reader, or even than a traditional radio-frequency card. That
dynamic has always ensured slow adoption of new payment technology
for small retailers.
For larger vendors -- like market-leading retailers and
restaurants -- the ultimate decision point is checkout time. A busy
Starbucks (SBUX) or crowded Target (TGT) will quickly lose money
from frustrated customers who walk away from long lines. So they do
whatever they can to optimize the checkout process. Checks are
discouraged heavily, as they are the slowest. Cash isn't too bad.
But cards -- especially now that they have lobbied card companies
to do away with signatures on small purchases -- are king.
NFC potentially complicates the payment chain -- especially if
advanced security features are used.
The point is that the payment providers and most merchants have
little real incentive to support this new technology. Their
businesses are less complicated and quite secure enough
Nor are mobile phone companies in the United States apt to jump
into this space. Visa and company will firmly protect their turf,
squeezing margins from any attempt by mobile providers to insert
themselves into the existing payment chain. The AT&Ts (T) and
Verizons (VZ), with their teams of lawyers, accountants, and
economists, will recognize the magnitude of the challenge and are
likely to take a pass.
All of this leaves only consumer demand to drive adoption. If
there is enough of that, carriers will have no choice but to accept
the technology, and payment-services providers to support it. Sure,
carriers will drag their feet. And payment providers may even
attempt to fight it, by making it less convenient still than the
current system. But if the technology is well designed, widely
implemented, and serves a need for the consumer, no matter the
business model behind it, it will prevail in the market.
Is there any reason why consumers would demand the use of NFC?
We are adopting smartphones at an astounding rate, after all. More
than 50% of all phones sold in the U.S. are smartphones now, up
from low single-digit percentages just five years ago. That's a
clear sign that a simple fear of technology is not holding back
And we sure picked up on other convenient technologies quickly
as well... like wi-fi.
The reason, of course, for our adoption of these new devices,
and these new wireless capabilities, is that they directly
eliminated a pain point or provided an entirely new
Before wi-fi, laptops were mostly tethered to a wall. You had to
wire your laptop to an Ethernet port to get access, rendering your
portable computer a digital ball and chain. No sitting out on the
porch to work from home on a sunny day.
Before the smartphone or tablet, if you wanted to get an email,
to see what your friends were up to online, or just to find some
news or videos to pass the time, you were stuck flipping open a
five-pound laptop. Now it's all in the palm of our hands.
Consumers are quick to embrace any technology that makes their
lives easier. Credit and debit cards do, and they now comprise
nearly 50% of all transactions per person per month, as this pie
chart from the Consumer Payments Research Center shows:
(click to enlarge)
Does NFC similarly provide a benefit or solve a problem?
Maybe taking a look at its failed predecessor -- RFID -- will
give us some insight into how high the bar to supplant the credit
card actually is. These small Radio-Frequency ID chips -- which can
transmit a signal from an otherwise inert little device (like a
plastic card) when passed near enough to a reader -- were the last
hot new invention that was supposed to end the supremacy of the
magnetic-stripe credit card.
You would be freed from the terrible, awful, painful hassle of
removing a credit card from your wallet, thanks to RFID. Heck, they
didn't even have to be cards. Instead, companies like Mobil gas
stations created keychain versions of the same and gave them useful
sounding names like "SpeedPass."
However, there was a simple logistical problem: most people
carry more than one card. If you wanted to simply swipe your wallet
or purse by a machine, or even walk through an
E-ZPass-for-people-style gateway, how would it tell which card to
use? Interference problems from multiple cards notwithstanding, if
a reader could get a clear list of all the cards, then it would
still have to prompt a customer for their choice of cards...
Quick, which of your cards is AMEX ... 6057 versus AMEX ...
Again, you have customers reaching into their wallets to avoid
confusion and adding to checkout delays. Visit any Target or
Starbucks during prime hours, and tell me if you think another 30
seconds per transaction would be no big deal.
Then pile on the security problems. In theory, anyone with a
relatively cheap reader could pass by you on a sidewalk and read
your card(s) from the outside. RFID would have all but put
pickpockets out of business... at least, the less technically savvy
In either event, the answer was to make the devices so low-power
that they had to be held up next to the reader to work (still not
alleviating the wallet issue, meaning you have to get out a
Needless to say, after one simple look at the problems,
merchants weren't exactly beating down the door to install costly
new RFID readers in place of their current equipment. It was no
better at speeding customers through checkout during busy times,
and it was no more convenient. Customers weren't exactly
complaining about the failures of their credit cards, and with all
the potential problems coming from RFID, the bandwagon for
consumers, for merchants, or for payment providers never really
So let's tally up the scorecard for RFID:
- New equipment for merchants
- Less secure than the magnetic stripe
Enter NFC to save the day!
First, let's tackle those pesky duplicate reads. Few people
carry more than one cellphone. Even if they did, chances are they
are not going to turn on the NFC features of both and load them up
with payment details. A problem affecting 99% of customers just
became one affecting less than 1%.
Then there is security. Unlike RFID, NFC transmissions can be
encrypted. The two devices that talk -- up to a maximum of 20
centimeters apart from each other (a nominal distance intended to
limit the chance of accidental cross signals and make spying
harder), establish their connection in a few milliseconds, and then
set up an encrypted channel to talk through before exchanging any
sensitive information, like your credit card number -- further
reducing the likelihood of that data being intercepted.
In addition, NFC Forum, the industry trade group pushing the
technology (similar to the wi-fi alliance and the Bluetooth working
group, each of which helped popularize their respective protocols
and create huge businesses in the process), made sure NFC was fully
compatible with old RFID tags and reading infrastructure, to
accommodate that small number of merchants already invested in RFID
readers, like McDonald's.
Thanks to the fact that the NFC hardware can store multiple
potential payment methods in its secure vault, choice in payment to
match the good old-fashioned wallet is restored. And it can do this
trick with just one device, prompting you on screen to choose your
account of choice (or simply defaulting to a standard payment
method until you choose differently).
So what's not to like about NFC, then? Well, let me ask you a
quick question: Has your cellphone battery ever died? Yeah, that's
what I thought.
After I was done waiting in that United line, I was greeted on
the plane by another interesting situation courtesy of the
cellphone boarding passes. Once seated, I noted a man being asked
again and again by the people around me to leave his seat. He'd sit
down, the next person on would tell him it was their seat, and he'd
move back a row. Again and again. After some discussion, it turned
out that his cellphone battery had gotten him only as far as the
door to the plane and then died. He had no idea what seat he was
supposed to be in. Upon asking the flight attendant for help, she
told him that he would have to wait until everyone was boarded and
she could get a copy of the manifest. In the meantime, he was to
sit down "anywhere" until everyone else was on board.
NFC is intended to address this problem, of course. The
electronics in the phone for the NFC are activated not by the
phone's battery but by the actual reader, wirelessly. In this
regard it works much like RFID. In fact, any NFC reader can read a
standards-compliant RFID tag too. Problem solved, right?
For the ticketing industry, maybe. But for payments, not so
much. More than just transmitting a device ID, the NFC system has
to transmit credit-card data. If a phone is dead, that means the
NFC system will have to make a choice: transmit the data RFID-style
to any application that requests it without prompting the user, or
stop functioning. That's either a pretty big security hole or a
Further, have you ever had a hard time getting a program on your
computer or phone to work reliably? Or just fumbled trying to find
the notification or popup for an application that needs your
attention? Now imagine the kind, older woman in front of you in
line at Kohl's (KSS) selecting her payment method on the
touchscreen of her iPhone, tapping in the specific PIN code for
that card, then swiping her phone across the reader in the time
provided. Sure, the workflow can be altered a little. Enter that
PIN after swiping, maybe. Or have the PIN entry on the payment
terminal like they do today with debit cards -- just don't move the
phone out of range when you do.
The practical implementation of NFC leaves a lot of open
questions about security, about complexity, about who ultimately
controls the experience -- credit-card provider, hardware maker,
mobile-network operator, or merchant -- and about who handles all
the support calls that will result.
After all of that, the result is no faster or more convenient
than a simple magnetic-stripe card reader. And you introduce the
complexities of battery life and other mobile-phone-specific issues
to a process that otherwise works great as is.
Credit cards took off because they were infinitely safer, more
convenient, and faster than cash -- all valuable benefits in these
harried lives we lead. The debit card made small leaps from there,
in cost for merchants, and in convenience for the many Americans
who have no credit or prefer to use it more cautiously.
But NFC -- just like RFID before it -- provides no real
improvement in any part of the credit/debit card value chain.
Almost no one is demonstrably better off for adopting NFC, and thus
chances are very low that it will find wide success in the payments
industry. There may be other reasons it comes into massive scale
adoption -- another "killer app" as they say -- and that will
change the equation down the line. But until then, Visa has little
to nothing to fear from NFC. And those other investors hopping on
the supposedly multibillion-dollar bandwagon should think long and
hard about whether their investment is likely to succeed in the
I have no positions in any stocks mentioned, and no plans to
initiate any positions within the next 72 hours. I wrote this
article myself, and it expresses my own opinions. I am not
receiving compensation for it. I have no business relationship with
any company whose stock is mentioned in this article.
Oculus Innovative Sciences Management Discusses Q3
2013 Results - Earnings Call Transcript