Google has partnered with MasterCard, FirstData, Citi, and Sprint to demonstrate a new payment technology that could — in theory — change consumer payment behavior, payment security, and even PCI compliance. If this new technology or something similar becomes popular, it could have significant implications for ecommerce, too.
“Today, we’ve joined with leaders in the industry to build the next generation of mobile commerce,” said Stephanie Tilenius, vice president of commerce and payments for Google and a former PayPal executive. “With Citi, MasterCard, First Data, and Sprint we’re building an open commerce ecosystem that for the first time will make it possible for you to pay with a [near field communication (NFC)] wallet and redeem consumer promotions all in one tap, while shopping offline.”
Google Wallet will allow shoppers at brick-and-mortar stores to pay using a payment card stored on an Android phone. The shopper will simply place the smartphone with the Google Wallet application near a NFC-equipped pin pad and accept the transaction. The service will also include coupons and deal offers so that shoppers already enamored with Living Social and Groupon can instantly find and redeem similar kinds of deals and discounts.
Although Google Wallet or similar technologies are clearly aimed to retailers and service providers with physical locations, the technology’s effect on how consumers shop, what payment methods they choose, and — most importantly — how transaction data is handled will impact ecommerce if, in fact, Google Wallet catches on.
New Consumer Expectations
First, Google Wallet will almost certainly change customer-shopping expectations. Although some naysayers have said that using a mobile phone is no more convenient than using a credit card, it can, in fact, be argued that it could be much more convenient and that it could save money.
For example, Google Wallet will only offer two payment solutions when it launches later this year, but it is quite feasible that Wallet or a similar competitive solution will eventually be able to replace several credit and debit cards. A study from the U.S. Federal Reserve Bank of Boston —available as a PDF — found that the average American cardholder had a total of 7.3 payment cards, including an average of 1.3 debit cards, 3.7 credit cards, and 2.3 prepaid cards. Google Wallet could make it unnecessary to carry any of these, which is arguably much more convenient. What’s more, it would not seem a stretch for the solution to divide payments across more than one payment method.
Next, Google intends to integrate its Google Offers service, which is a competitor to Groupon and Living Social, directly into Google Wallet. This means that shoppers will be able to easily redeem deals directly from Google Wallet.
“Google has also been testing a variety of consumer deals that can range from a 20-percent discount on a new pair of boots discovered on a Google search advertisement, to a $5 off check-in offer received upon entering a store, to a “deal of the day” offering a $20 lunch for $10 at a local restaurant,” the company said in an official announcement. “Whenever you buy or save an offer, you will be able to automatically sync it to Google Wallet.”
Finally, as Google has already pointed out, Wallet is a mobile application, which means that there is no reason it cannot do much more than a traditional Wallet or credit card. Specifically, it might store loyalty card information, keep track of gift card purchases, or even integrate with personal finance software to warn shoppers when a purchase will put them over budget. All of these features should make it far more convenient than credit cards.
All of these conveniences and deal makings will likely change consumer expectations online too. If shopping in a store just requires a quick wave of a phone and a tap, why should ecommerce purchases require a customer to fill out a long checkout form? Shouldn’t an online shopper be able to store a Google Wallet on a desktop, laptop, or tablet too? Shouldn’t online purchase just be one click away? These are the sorts of questions that consumers may start to ask in the age of phone payments, and how these questions are answered may impact online retailing.
Card Present Transactions
Ecommerce merchants will want to ask some questions of their own. For example, brick-and-mortar stores generally play less in payment card processing fees than online merchants pay, since the former’s transactions are said to be “card present.” But Google Wallet, which clearly does not require customers to carry around a piece of plastic, produces “card present” transactions that enjoy better rates and better protection of charge backs than what online purveyors pay for their “card-not-present” transactions.
The implication here is that there will be a clear inequity. Ecommerce merchants will — at least for the time being — continue to pay higher rates for a transaction that is essentially the same as Google Wallet.
Changes in Security
A second potential implication for online sales has to do with credit card security and Payment Card Industry (PCI) compliance and is, at this point, hypothetical and speculative, but it does make good sense for merchants and consumers while creating a possible challenge for online competitiveness, which is why it is discussed here.
Although it seems that Google Wallet is still sharing consumer credit card data with merchants via NFC, it does not need to. Rather, instead of carrying out the transaction on the merchant’s network, it is at least feasible that Wallet or similar mobile applications could use the phone to complete the transaction in a fashion somewhat similar to how Square or PayPal Bump manages them.
In fact, as mobile phone payments evolve, it is conceivable that actual credit card numbers or bank account information could be stored on a secure network. Every few minutes the secure network would exchange encrypted keys with the mobile device over the air or via WiFi. When a shopper made a purchase this hypothetical mobile payment solution (1) would use the most current keys, information received from the merchant’s point of sale, and, perhaps, a form of biometric authentication to process the transaction; (2) the payment gateway would transfer funds (or prepare them for transfer); (3) return a token that the mobile payment application would (4) share with the merchant via NFC.
While it is important to point out that this is not how Google Wallet works now, if consumers become comfortable with mobile payment systems in general, it could be easily produced.
Such a payment system would have at least three huge effects. First, it should — in theory — be more secure since the actual credit card and bank account information is not in the phone or shared with the merchant. What’s more, since the encrypted keys could be updated regularly, even if the phone was stolen it might only have access to the accounts for a very short amount of time, and biometric authentication — such as a fingerprint or face print — would add yet another layer of security.
Second, this sort of payment system would completely remove merchants from PCI compliance scope. The merchant would never see the consumer’s payment card data, and in fact, the merchant would not even need a merchant account, since it would be the payment application that was processing orders not the seller.
This second point is significant because even the U.S. Federal government has recognized that the PCI standards are designed to favor credit card companies at the merchants’ expense. I previously addressed this favored treatment, at “Radical Ideas to Make Credit Card Payments Secure.”
Third, if the mobile application was managing the transaction and if merchants were able to dump their payment card processing services, those merchants would not have to pay to process cards, dropping something like 2 to 3 percent of additional margin directly to the bottom line.
Brick-and-mortar retailers that did not have to pay for PCI certification and did not have to pay a discount rate — as payment-processing fees are often called — would potentially gain a significant advantage for online sellers in terms of margin.
Currently, ecommerce sellers can greatly reduce their PCI compliance scope — or even remove it completely — using hosted payment services, such as those offered from PayPal and Braintree Payment solutions. The latter can be implemented using a technique called transparent redirection, which prevents the merchant, including all of the merchant’s servers, from coming into contact with customer credit card data.
PayPal, Apple, Microsoft, and Serve
Finally, Google Wallet is almost certainly only the beginning of phone-as-payment-method services.
For example, PayPal is believed to have its own service nearly ready to be released. Last week, just a day after Google Wallet was announced, PayPal, and its corporate parent, eBay, filed suit — a PDF of the suite is here — against Google and at least two Google executives, who both are former PayPal employees, for allegedly stealing trade secrets.
Specifically, PayPal argues that Google’s Stephanie Tilenius violated a contract when she recruited PayPal’s Osama Bedier earlier this year and that Bedier, who was heading up PayPal’s phone-as-payment-method development, allegedly provided Google with PayPal trade secrets that materially improved Google Wallet. However the case is resolved, it is a clear indication that PayPal will launch a competitor to Wallet.
Apple has also been rumored to have a similar application in the works for its popular iPhone and iPad products, and some believe that Microsoft will have to offer something similar for its Windows Mobile operating system.
The Google Wallet announcement was, perhaps, the first example of an entirely new way to manage payment accounts and interactions with merchants. As phone-as-payment-method solutions like Wallet become popular, they have the potential to change consumer expectations regarding the checkout process and change who and how payment transactions are conducted.