Investing In Security & Convenience – Progress In The Mobile Revolution

Here is a “Fun Fact” that also hints at a telling reality:

“In which financial endeavor does Finland excel vis-à-vis the United States?”

Incorrect answers include:

1) Spending on expensive ski equipment;

2) Sales of anti-freeze;

3) Purchases of top quality winter wear, such as this item from the REI website:

The actual correct answer[1] is:

The volume of “Non-Cash Transactions per Inhabitant”

As the graph below illustrates, the Finns have “run away with the crown”! On average, Finns initiated almost 450 non-cash transactions per person in 2012… versus about 370 transactions per person in the U.S. – a difference of nearly 22%!!

Additionally, the growth of said transactions year over year was 10.6% in Finland versus just 2.6% in the U.S.!![2]

Now I do grant that the U.S. does top the rest of the world in this category (as the graph demonstrates). But among the economic strengths about which the U.S. boasts most vigorously has long been our (supposedly unparalleled) acumen regarding all things Financial!

At this point, if we were listening to an old broadcast of a Paul Harvey newscast, we’d hear Harvey say… “And now, for the REST OF THE STORY!”

The oversimplified explanation of this disparity between Finland and the United States with regard to “Non-Cash Transactions” is this:

As a rule, Europe is far ahead of the United States with regard to securing sensitive personal financial information!

I doubt that most of you are surprised by that fact. On a fairly regular basis, we hear at least oblique references to the United States’ inferior financial security infrastructure – particularly following the news of any new breach of customer financial data! As we all know, during the past few years we have read/heard about breaches within the operations of countless household names, including:

1) HOME DEPOT (HD): within the course of a few months, criminals gained access to the financial information of as many as 55 million folks.[3]

2) TARGET (TGT) servers were breached during the holiday shopping season of 2013. In less than three weeks, the “bad guys” stole data from 40 million cards.

3) ADOBE SYSTEMS (ADBE) had its systems breached in July of 2013. Hackers purportedly soaked up sensitive personal data related to approximately 38 million ADBE customers, including: names, encrypted credit or debit card numbers, expiration dates, etc. [4]

4) There have been smaller, less widely circulated, reports of breaches at such retailers as the MICHAELS COMPANIES (MIK) and NIEMAN MARCUS (privately owned)

Amplifying the magnitude and importance of these news stories, SafeNet, Inc.[5] published highlights from its SafeNet Breach Level Index (BLI) following the close of Q2 earlier this year.  Between just April and June of 2014, the BLI recorded 237 breaches worldwide – compromising the customer records of over 175 million folks. Further, an analysis of the entire first six months of this year indicates that Q1 was worse, since the metrics for that 6-month period was:  559 breaches of security on personal/financial information on over 375 million customers!!

Therefore, it is not surprising that respondents to a recent NBC/Wall Street Journal poll indicated that 45% of them had received at least one letter from a retailer (or some other credit vendor) reporting the hacking of customer payment information!! [6]

Hold this thought about the significant vulnerability of credit card financial data… and let’s move on to review those trends that illustrate what (in an “ideal” world) U.S. consumers want by way of a “Payments System”:

1) SECURITY:  No surprise here. Identity theft is a huge drain on emotional peace of mind, personal time (cleaning up your record), and consumer transactional confidence (as anyone who has experienced identity theft will attest!). So “Task #1” for any Vendor in the “Payment Transaction” space is the provision of “State of the Art” security for personal financial information!!

2) CONVENIENCE: As we all know, carrying credit/debit cards around in a bulky wallet or an already heavy purse is a huge hassle. And we know that store credit card transactions take too much time… including signing, waiting for the receipt, etc.

Numerous surveys of consumers indicate that they want more convenience from new payment solutions… including faster checkout and/or the ability to see a balance. [One survey shows that two-thirds of consumers want such convenience!]

3) The rapid migration from PC’s to Mobile (tablets and smartphones) have led to corresponding changes in consumer preferences and practices consumers.

The following graph incorporates all the countries with a “higher than average” share of consumers who are anxious to shift from E-Commerce (PC based transactions) to M-Commerce (transactions from smartphones/tablets). Note the preponderance of “Developing countries” within this list!! 

  Building on that theme, both E-Commerce and M-Commerce growth within “Developing” (emerging) markets is much greater than within “Mature” (developed) markets: 

 

In light of the above, it should not be a surprise that M-Commerce (60%) is growing at a much higher rate than E-Commerce:

Another big change in the “Financial Payments” space is the emergence and rapidly growing presence of “Non-Bank” Vendors … whose biggest contribution to the Evolution of Digital Payments has been continuing INNOVATION.  In fact, without the non-bank “disruptors” within this space, growth throughout the industry would be much slower. The reason for this is simple:  banks are (by heritage and culture) extremely conservative, operated through “silos”, and focused upon “current payback” rather than long-term growth.

As non-bank vendors have captured increasing market share in this space through innovative “solutions”, the pace of change has accelerated. At that point, even the stodgy old banks are forced to move toward innovation!!

No matter how one slices and dices the “Payments” space data, it is incontrovertible that “M-Commerce” is the current hot thing within this space:

 

Bain & Company is among the best sources of helpful, empirical data on industry trends. During the past few years, Bain has discovered that banks that desire to please existing customers and attract new customers would find the greatest degree of success by developing ever more secure, more convenient mobile payment solutions.[7]

So which vendors are making the most progress in providing a secure, convenient “Payments” solution?

If one weighs the existing alternatives within the market… we quickly find that the “Payments Infrastructure” within the U.S. is still hopelessly mired in a complicated, disjointed (by which I mean “non-standardized”) process that involves multiple steps between card presentation at a retail location and the final authorization of payment into a retailer’s account (and a debit to the credit/debit card account).

When a Visa (V) or MasterCard Inc. (MA) (referred to as “universal” cards) is involved, that process involves at least four parties [the detail behind each “party” is beyond the scope of this article… our objective here is merely to offer a “big picture” view]:

1) Merchant;

2) Payment Processor

3) Merchant Acquirer

4) Issuer 

It is important to note that neither network (Visa or MasterCard) is explicitly counted within that four-party system. Instead, they facilitate the system's operation. Here is an explanation of their role by Sherri Haymond (SVP and Group Head for Digital Channel Engagement at MA):

“MasterCard sits in the middle: we have a franchise that financial institutions apply to join… acquirers bring merchants into the system, and issuers bring consumers into the system.”

Your next question could be… “Then exactly what is the ‘value added’ to the process by V or MA??”  The answer is that V and MA have created and sustained these networks; and the networks are managed/coordinated by rules and standards created and administered by V and MA.  And of course, these two networks facilitate the movement of money.

Of course, there has to be a profit motive behind this elaborate system; and the enticement which drives these payments process “players” is: 

 The Interchange Fee (Discount Rate and Transaction Fee)

The bottom line (as summarized by Forbes in a quote from a credit card industry executive) is as follows:

85% of the Interchange Fee (usually 2% of the transaction purchase amount) is paid to the card's issuing bank (such as Chase (JPM) or Bank of America (BAC)). Obviously, issuing banks have had to “eat” the growing costs incurred to combat the ballooning of card fraud; so one would expect these players to be driven by a strong incentive to be extremely cooperative in developing higher levels of security!!

 Alas, until now the “incentive” for U.S. banks has not been strong enough to appreciably transform the (obviously) vulnerable U.S. transaction infrastructure. The sad fact is that the typical U.S. transaction process stores an individual’s financial data on a credit card’s  magnetic strip – a technology that has (brace yourself for this) not undergone a significant upgrade since the 1970’s!! 

This primitive technology does not alter any information in between transactions… an incredible vulnerability that literally allows thieves (once they copy the strip) to edit the owner’s personal details in ways that allow the thieves to initiate illegal transactions!

In mega sharp contrast, the European card infrastructure is leagues more advanced! Each card contains a small, embedded microchip programmed to create a new, distinct transaction code whenever a card owner initiates an in-store transaction.  That is the first step in the security process!

The second step is a requirement that the consumer enters a PIN code at the register checkout. This “Chip and PIN” system has been required in Europe and certain other nations[8] for about a decade.

According to the U.S. Federal Reserve[9], the “Chip and PIN” system makes credit card transactions 700 times more secure than older methods (such as the one used in the U.S.).

Quite pointedly (and accurately) Julie Conroy (director of retail banking research at the AITE Group, a Boston consulting firm) offers this perspective upon the global payments environment:

“The U.S. is the weakest link in the payment chain. As card fraud has risen 30 percent annually in recent years, the business case to upgrade cards now makes sense.”

In recent months, the “hit” to U.S. corporate pocketbooks has moved high enough to motivate these payment vendors to (finally) begin protecting U.S. cardholders as well as their European counterparts have done for ten years! We even have a “target date” in view—October of 2015, when those involved within the payments processing here in the U.S. will be expected to comply with the “E.M.V.” standard (E.M.V. stands for EuroPay, MasterCard, Visa… who designed a unified, universal standard for secure processing).  There will even be “teeth” incorporated into this massive transformative transition!  After October of 2015, the liability for any cost(s) incurred from fraudulent transactions will shift from banks to merchants, unless the merchant has upgraded its point-of-sale equipment (fully) to the new system (ie. equipment that is E.M.V. compliant!).  Even the bureaucracy-riddled federal government has promised the availability of a “Federal card” containing an encrypted microchip and requiring a PIN as “standard issue”.[10]

Moving from consumers’ insistence on improved SECURITY to consumers’ desire for greater CONVENIENCE, let’s explore some more graphs:

1) Awareness of “Mobile Payments” is growing:

2) Existing “adopters” of Mobile Payments exceed 20% of all U.S. consumers

 3) At this point in the evolution of the “Payments Space”, U.S. Mobile Payment Users are (for the most part) using Mobile to replace credit card transactions rather than cash.

So which players have proactively tried to enhance both the SECURITY and the CONVENIENCE of retail payment transactions? 

GOOGLE (GOOG, GOOGL) was the first to rollout and market an application for what has been seen as the current “Holy Grail” in Mobile Payments: a “touch to pay” system. GOOG introduced the “Google Wallet” in 2011.

Sounds great, doesn’t it?!

Unfortunately, execution of this Mobile Payment Service left much to be desired!

1) When this “tap to pay” app for Android phones was rolled out in 2011, it was only available for the Sprint Nexus S 4G.

2) The official “partners” of Google Wallet consisted of a total of two: MasterCard and CitiBank.

3) With regard to security, Wallet did store credit card information on a “Secure Element” (microchip) and required the user to enter a four-digit PIN (which triggers the transmission of card information through the system).

However, this initial version of the app could only interact with “Near Field Communication” (NFC) retail terminals[11] that accepted MasterCard’s PayPass.

4) In response to very slow adoption of Wallet, by 2012 GOOG endeavored to expand the universe of potential users through a retooling of the app that allowed it to accept “all credit and debit cards from Visa, MasterCard, American Express, and Discover”. 

Tellingly, GOOG did not bother to create a “partnership” with any of the additional card providers!  In response to learning about this development through public news reports (rather than GOOG), American Express (AXP) expressed its displeasure at the announcement. [GOOG didn’t exactly win any “points” by its unilateral action!].

5) Despite this response by AXP  … it would seem as though GOOG was making progress, correct?

Not so fast! By that point, even if the owner of a NFC capable Android phone tried to use Google Wallet at a retail location, she/he was very often unable to execute a mobile payment!!  WHY?  Because carriers like AT&T (T) and Verizon (VZ) only supported the SOFTCARD standard for NFC systems!![12] 

6) By 2014, GOOG retooled the Wallet app once again… replacing the “Secure Element” by the “Host Card Emulation” system. This retooling made it easier for third-party developers to maximize Android’s NFC potential. [Using Wallet still required the phone owner to enter a four-digit PIN to authorize transmission of financial data.]

7) The most intriguing dimension of this change (in my opinion) was the introduction into this Mobile Payments process of a “Virtual Card” [Google Wallet Virtual Card… issued by Bancorp Bank (TBBK)). 

This virtual card serves as an “intermediary” in the transaction process – preserving/protecting the account holder’s actual primary credit information from ever being compromised during a transaction.

This Google Wallet Virtual Card (a MA branded prepaid debit payment card) is the only financial data actually stored within the phone app or the phone. It adds an effective layer of protection vis-à-vis the owner’s primary financial data, but it also makes the payments process more complicated… expanding the “Four Party” process (described earlier) into one that involves additional steps.

According to GOOG, this does serve to expand the universe of retailers through which a consumer can initiate a Mobile Payment. GOOG has accomplished this by specifically designing their “Virtual Card” to be very widely accepted!  Here is GOOG’s own description: 

“When you place your mobile device near the merchant's NFC reader, your Google Wallet Virtual Card information will be transferred from your NFC mobile device to the merchant for use in processing the Payment Transaction.

“The Google Wallet Virtual Card is a prepaid debit card that can be used to make purchases when you use the Google Wallet Mobile Service at a merchant location that accepts contactless payments, even if the issuer of your registered debit or credit card is not a Google Wallet partner for NFC transactions.”

8) The positive side of this system is that the use of a “virtual card” is a fraud reduction solution that has already been time tested. The fact that GOOG has sponsored and helped to design the card has served to maximize the Wallet’s range for retail use. According to the American Banker, the bottom line result is that:

“Google sits in the middle of its Wallet transactions, rather than just passing through plastic credentials to an NFC enabled smartphone.”

It is vital to note that, although a consumer’s sensitive financial data does not reside within an Android phone itself in any way, it is still stored within servers owned and overseen by GOOG!  Here is a descriptive section offered by the online Google Wallet FAQ:

“Your actual credit card number is not stored. Only the virtual prepaid card is stored and Android's native access policies prevent malicious applications from obtaining the data. In the unlikely event that the data is compromised, Wallet also uses dynamically rotating credentials that change with each transaction and are usable for a single payment only. Finally, all transactions are monitored in real-time with Google’s risk and fraud detection systems.”

GOOG has also promised to bear full liability for any unauthorized Wallet transactions reported to GOOG within 120 days. 

9) Potentially negative aspects of this system (depending completely upon one’s own philosophical and personal biases) include (at least) the following:

a) I have no empirical basis upon which to base this, but my hunch is that a majority of users are not fully aware that the Wallet has created an additional “financial card” in their name.  [That’s just a thought for us our consideration!] 

b) Because the Wallet system incorporates two “card issuers”… an Interchange Fee (at least in theory) should be charged twice.  The merchant (of course) covers the first Interchange Fee.

But according to the UniBull Credit Card Blog, GOOG pays the second fee:

        “This time Google will have to pay for it, and it doesn’t seem like the search giant can offload the interchange to anyone else.” 

c) So this service that is “free” to the consumer actually costs GOOG money. [GOOG does garner advertising revenue through the Wallet… but one can safely assume that said revenue does not (at least not yet) cover the full cost of the service!]

Does this mean that GOOG has turned into an altruistic organization… helping the poor, vulnerable consumer to gain free access to a more secure Mobile Payments platform??

I beg you to forgive my cynicism at this point, but altruism is hardly what is on the mind of those who manage GOOG these days!  Instead, the best and most likely explanation is simply this:

As has been the case with all of GOOG’s other free services, the goal of Google Wallet is simply to collect as much data as possible from its customers. 

INVESTOR TAKEAWAY: 

True Confession time for me! I admit that this article is much more helpful to you as a CONSUMER than as an INVESTOR!  However, that being confessed, here are points that I trust you have already gleaned from the above:

1) One of the fastest growing services offered today is MOBILE PAYMENT:

a) If you accept the short-hand of E-Commerce for transactions initiated from a laptop or desktop computer and M-Commerce for transactions initiated via a smartphone or tablet.

b) Amplifying this point is a graph that shows E-Commerce folks from countless countries who would prefer to go “Mobile”!!  It also demonstrates that Mobile Payments are “hot” around the world.

2) With regard to INVESTING… no matter how exciting you might find the Mobile Payments Space (and its incredible growth prospects) … I could not find any investing publicly traded “pure play” within this space.

a) If you take a look at the top 10-12 “Payments Vendors” … you’ll find that the most appealing investment possibilities are either not publicly traded or are only a subsidiary within a huge “parent” company.

b) With just one exception, if an investor purchased stock in one of these “parent” companies – the impending growth in Mobile Payments would only account for a small portion of the parent’s financial success.

c) That “exception” is PayPal, whose explosive revenue growth has led to PayPal now providing its parent (EBay (EBAY)) with almost as much revenue as the remaining segments within EBAY do!

i) EBAY will spin off PayPal during 2015 (at this point, during the second half of the year).

ii) An investor interested in the “Payments” industry will need to decide if buying EBAY before the spin off is more appealing (later receiving their share of the spun off shares)… or waiting until after the spinoff has been executed!

3) However difficult it may be for us to accept it, the truth iss that Europe has enjoyed a much more secure E-Commerce and M-Commerce experience than the U.S. for some ten years now!

a) Finally, U.S. payments vendors are losing enough money to motivate them to “bite the bullet” and transition to the global standard: E.M.V.!!

4) Currently, we have a U.S. market with consumers crying out for a more secure system through which they can utilize a quicker, more convenient, seamless Mobile Payments process with confidence!!

a) Google Wallet was introduced in 2011 and retooled twice along the way.

b) There have been some significant pluses introduced into the market by GOOG through the Wallet… and some “hiccups” along the way, as well.

c) After three years of existence… Wallet has captured 4% of all the digital payment transactions during the month of November (a month that always reports elevated digital activity because of holiday shopping).

d) You can consider 4% a good showing… or a weak showing (especially considering that it is in its 4^th year).

e) Interestingly, Payment Space metrics show that the newest Mobile Payments service (just two months old) captured 1.7% of all November digital payment transactions!!

5) It is that newest Mobile Payments Service that we will examine in some detail within our next article!!

DISCLOSURE:                           

The author does not own GOOG, EBAY, or any of the other stocks directly addressed in this article. Nothing in this article is intended as a recommendation to buy or sell anything. Always consult with your financial advisor regarding changes in your portfolio – either subtractions or additions.

FOOTNOTES:

---

Related Posts