A Funny Thing Happened on the Way to Our Blog (and the Realities of Mobile Payments) – by Jack Hojnar

The best laid plans of mice and men often go astray or so I was reminded today as I started to write the first CBSI blog.

Having spent nearly my entire career in both technology and financial services – an odd mix, no doubt – the increasing ability to merge transactions with mobile phones has the makings of an Edward Bellamy novel. Future, meet the Present. The only object I carry with me everywhere is my phone and I am longing for the day when my driver’s license is embedded within an app. Thank you airline industry as I’ve been using barcode boarding tickets on my phone since the technology became available. Put all of me into one, shiny metallic box of chip sets and I’m good to go.

See, this topic fascinates me to the point of completing changing my behavior. I am a rare technology lover that does not drink coffee (or other accelerants). So when Starbucks introduced its reloadable card app and allowed people to scan and buy without opening their wallet, I proposed my love of expensive roasted cocoa beans on the spot. Make mine a tall, thank you, so I can keep my wallet at home.

And so propelled my love affair for anything regarding mobile and payments giving me an outlet and topics on which to Tweet and blog.

Passbook. eWallets. Gyft. Square. Banking regulations. Interchange fees. To NFC or not NFC is my question. Keep it flowing and keep the options open. The more the merrier. The mobile technology and payments world coming together. Topics galore.

After years of trudging through antiquated banking systems, the New Mobile Payment Age (far better than the Old Mobile Payment Age) was awakening and smiling at me.

Until a representative at my bank called me today to ask if I had made a series of credit card purchases.

Damn.

Fraud. Stolen credit card number. After several reviews of my transactions, the culprit emerged: someone hacked my phone.

At some point last night, my phone mysteriously turned off. Plenty of battery power remaining. No frozen apps. Just shut down. Now I should know better, or at least should have been suspicious. But instead I rebooted my life and sloshed around reading Twitter feeds, unaware unconcerned.

The previous day I used my phone to purchase concert tickets via an app. All seemed to work well – especially for the hacker. Entered my credit card number, contact information, security codes and email address with the absentmindedness of a starving catfish sizing up a big chunk of cut shad on a treble hook. Transaction done. A beautiful black and white bar code e-Ticket in Passbook slept happily in my phone waiting for the big day.

The representative at the bank suggested someone examine my phone. I’m not sure if this was a scripted instruction because more people were sharing my experience, but it sure appeared that way. Drove to my cellular provider who confirmed something nasty took up residence and therefore the phone needed to be wiped clean.

Through all of this activity, accepting that the world of mobile payments is still young – really young – bugged me. Clearly working in the industry, I’ve come to experience the adolescent state of mobile payments. Maybe I wasn’t prepared to be a consumer victim.

The challenge to mobile payments is not whether NFC is the solution or whether the retail marketplace is prepared to offer multiple hardware devices to accept payments.

The challenge is not accepting alternative providers, like PayPal, who exist outside of normal banking considerations. These companies may pose competitive risks to banks, but their existence is good for the marketplace.

Even government regulations perceived as meddlesome are not the biggest concern.

It’s security.

Security is still the largest issue facing the success of mobile payments. Where money flows, vultures follow.

My intention with the first CBSI blog was to review the several available options to consumers and marketers with regard to mobile payments: Why NFC may not be the best option. How start-ups like Square are pushing the industry to new places. How my company, CBSI, is an important part of that equation.

Instead, I spent the day searching reviews of operating system security flaws with Android, iOS6 and more:

Article 1:
http://www.intego.com/mac-security-blog/apples-ios-6-release-a-mixed-bag-for-security-and-privacy/

Article 2:
http://www.quora.com/Passbook-iOS-app/How-will-Apples-new-mobile-wallet-Passbook-impact-other-mobile-wallets

Article 3:
http://blog.softwareadvice.com/articles/retail/whose-responsibility-is-it-to-protect-our-ewallets-1030511/

I tried to understand what role the banks have in this new arena:

Article 4:
http://www.bankinfosecurity.com/interviews/whos-securing-mobile-payments-i-1692

I even looked into ways to protect my online accounts (though, again, I should know better):

Article 5:
http://gadgetwise.blogs.nytimes.com/2010/09/29/what-to-do-if-hackers-steal-your-online-accounts/

For now let’s just say my eyes are a bit wider and my enthusiasm a bit tempered. As someone who leads developer teams and other technology initiatives, my primary concern is always integrity, not only to make sure that something works but also that we are doing everything we can to make sure the consumer experience is amazing.

To be sure, I hit a speed bump; a reminder of the vigilance required and the humility necessary to keep pace. Banks, start-ups, non-traditional payments sources and so many other companies will benefit from mobile payments and transactions and this makes the speed bump manageable.

When Chester Gould gave Dick Tracy his two-way radio wristwatch, he probably didn’t anticipate Tracy waving that watch in front of a device to pay for gas. But I’m glad someone did.

By: Jack Hojnar

Advertisements