During my travels through Vietnam and Sri Lanka as an Eisenhower Fellow, I saw and met with amazing innovators and change agents looking to build on their nation’s respective digital and technological economies. These high-tech entrepreneurs are working to ease and enable democratization of information and resources for those off-line and online in emerging economies.
As technology becomes even more central to our lives, innovation is spilling over into everything on a global scale, including retail. And when small and great sums of money are on the line, you can be sure all parties involved will work tirelessly to protect themselves.
Consumers are faced with more payment options at the check-out counter and online than in any other period in history: cash, credit, debit, mobile payments, biometrics — the list goes on. The embrace of advances in fintech inspires a notion of security and reduction in fraudulent activity. However, it’s necessary to examine what requirements should be prescribed given the digital divide that still exists in both developed and emerging economies.
Let me preface this by saying this piece is not intended to be hostile toward innovation. In fact, I’ve devoted my career to championing innovation and believe technological advances have had innumerable positive impacts on our society. That said, every industry needs to seize opportunities to make better and more productive what we currently have, while simultaneously developing and introducing next-generation technologies. The current debate around payment technology and the fintech space is a prime example of this.
When discussing advancements in payment options, many immediately think of PayPal, Amazon Payments, Google and Apple Pay, which garnered a lot of attention when they were released. Driving home this point are the regular segments on morning shows touting mobile payments as “the next big thing.” Thank you, Matt Lauer.
I find it hard to believe there’s someone out there who thinks signatures are more secure and difficult to circumvent than a PIN.
But as The New York Times reported earlier this year, consumers are simply not making the shift to mobile payments. According to the article, a recent eMarketer survey found that an estimated $8.7 billion in purchases were made with phones in 2015, a paltry 0.2 percent of the estimated $4.35 trillion of in-store sales last year. Another new market report projects the mobile point-of-sale market will only reach 38 percent by 2024. So yes, Mr. Lauer, mobile payments are the next big thing — as long as by “next” you mean years from now.
Mobile payments technology has plenty of hurdles remaining, from innovation to adoption to deployment. For instance, how many retailers — large and small — have payment terminals capable of accepting mobile payments? Not many. And while there haven’t been detailed studies tracking how many retailers currently accept mobile payments, studies have shown that just over half of American retailers currently accept new chip-enabled cards — which is not really retailers’ fault. In the end, it all comes down to having the most up-to-date payment terminals. If a vendor does not accept chip cards, chances are slim it is taking mobile payments.
We’ll get into chip cards later.
Adding to this problem is the fact that only about 68 percent of Americans own a smartphone. Clearly, America is still far from adopting mobile payments as our primary method of payment, unlike the digital sophistication that has emerged in South Korea and Estonia. Yes, I said Estonia. If you want to study a digitally sophisticated and connected country, look no further than Estonia!
And lest we forget the constant worry among smartphone addicts (me included) that their phones will die. Trying to catch Pikachu on Pokémon Go will make swift work of a battery! So, on top of not being able to send a hilarious snap, if someone’s dead phone is their only form of payment, they’ll be in a very bad predicament. Better hold onto those Hot Topic gift cards.
Jokes aside, there’s no denying that mobile payments are more secure than the old-school magnetic stripe cards. The most unsophisticated criminal can figure out how to program and deploy a skimming device to capture consumers’ credit card data and make counterfeit cards.
However, credit card issuers and retailers have made progress in combating counterfeit credit cards by introducing and accepting chip-enabled, or “EMV,” cards. Every time a chip card is dipped into a payment terminal, a unique number is generated to complete the transaction, which can never be used again. This has rendered counterfeiting cards nearly impossible.
Unfortunately, the transition to chip cards in the United States came with one major snafu: Consumers are still verifying each transaction with a signature rather than entering a PIN. Industry arguments and talking points notwithstanding, I find it hard to believe there’s someone out there who thinks signatures, basically an ever-changing scribble if you’re like me, are more secure and difficult to circumvent than a PIN.
It’s time we pair chip cards with PINs to better protect consumers now.
Nevertheless, there seems to be an endless supply of excuses for why PINs received the boot. My favorite BS explanation is that Americans won’t be able to remember another PIN. Apparently there is an asinine argument that we Americans are really dumb, because people in almost every other developed country in the world have been verifying their credit card purchases with PINs for years, yet we do not. Surely if we can remember our garage door codes, ATM PINs, office log-in passwords or our smartphone passcodes, we have enough bandwidth to remember a PIN for our credit cards.
So what’s the hold-up on making consumers’ credit cards more secure? In a surprise to no one, some banks and credit card companies are fighting tooth and nail against the idea because of the potential threat to their own profits. Companies like Visa and MasterCard control the networks that process signature transactions, and PINs would add necessary competition that they view as jeopardizing their market power.
It’s also clear that smartphone manufacturers like Apple think numeric passcodes like PINs are more secure than biometrics. If you haven’t noticed, you are required to enter a PIN when you restart your device, even if it’s programmed to accept biometrics. And if you try to access a page with sensitive material on an app — like paying your Chase credit card — you must enter a passcode. While biometrics can sometimes be used to verify your identity, passcodes like PINs are considered a more sufficient form of proof, which is kind of counterintuitive.
So while innovations like mobile payments and biometrics may one day change the way we safeguard consumer financial information in the digital age, we cannot neglect the here-and-now of both online and off-line users.
The overwhelming majority of Americans use credit cards at the point of sale, and it’s hard to see that changing anytime soon. Unfortunately, we’re falling short in protecting them, even though the remedy is both simple and in widespread use around the world. It’s time we pair chip cards with PINs to better protect consumers now.