Visa pushes contactless radio-frequency devices as a more convenient and possibly safer alternative to debit cards.
Advances in standards and technology have Visa believing now's the time for the United States to embrace radio-frequency-enabled contactless payment devices that can be waved near a sensor rather than having to be swiped through a card reader. These devices can take the form of a standard credit or debit card, a chip implanted in a cell phone, or a mini card that's about half the size of a conventional credit card.
Radio-frequency equipped devices touted as a more convenient alternative to debit cards
Photo by Thomas Cooper/Getty Images
Radio-frequency tags have been a hit with drivers who, for the past decade, have been able to use them at Mobil gas stations and at toll booths, but U.S. businesses have been slower to invest in the infrastructure needed to implement the technology in retail settings. Visa is trying to change that mind-set, and in December it launched a pilot program at Atlanta's Philips Arena, home of the National Basketball Association's Hawks and the National Hockey League's Thrashers, to prove the efficiency of contactless payments when crowds gather at concession stands.
Season ticket holders with Chase-issued Visa credit accounts and Cingular wireless accounts can make contactless payments at concession stands throughout the arena using near-frequency communication-enabled Nokia 3220 cell phones. Pilot testers wave the phone within an inch or two of a radio-frequency reader without the need for a PIN or a signature. In the arena setting, merchants believe they can make more money because their workers spend more time helping customers and less time handling cash. The pilot program will run through the end of the NHL and NBA seasons.
The push to implement more convenient and secure forms of payment comes as concerns mount over the security of PIN-based debit transactions that could allow thieves direct access to bank accounts. Visa last month acknowledged that a U.S. merchant that accepts Visa payments "may have experienced a data security breach resulting in the compromise of Visa card account information." Visa alerted banks, including Bank of America, Citibank, Washington Mutual, and Wells Fargo, whose customers might be affected by the data breach, so the banks could monitor transactions for fraud and, if necessary, reissue cards.
Visa, the FBI, and law enforcement in cities nationwide continue to search for the thieves, who apparently stole not just the encrypted PIN codes but the encryption keys needed to decode them. The PIN theft affecting Visa and a number of banks could inadvertently help the business case for moving to payment technologies that rely on microchips and radio-frequency sensors embedded on cards, key chains, or other devices, says Ron Carter, director of payment solutions for nCipher, a provider of encryption technologies. "The level of fraud in the U.S. hasn't been high enough in the past to justify the change in infrastructure for vendors to support" chip-based payment devices, he adds.
Visa's contactless payment chip uses 128-bit encryption and Triple Data Encryption Standard technology to protect the data used during a transaction, which includes the user's account number and a unique numeric code generated for each transaction. The greatest drawback to contactless technology is that, since no PIN or signature is required, the merchant has no way of knowing whether the person making a purchase is the rightful card owner.
Although U.S. businesses have been slow to adopt contactless payment options, international support has blossomed. Japanese card issuer JCB International recently agreed to share a common contactless communications protocol based on MasterCard's PayPass ISO/ IEC14443 implementation specification, the same specification Visa agreed to support. JCB's adoption means major international card brands are expected to base contactless payment technology on the same communications protocol, ensuring international interoperability among payment systems.
With ISO 14443 becoming a payment standard, merchants are able to accept contactless payments from different card companies, including Visa and MasterCard. This diversity makes an investment in a contactless infrastructure more practical. "For Visa USA, contactless now is a way to drive speed and convenience to merchants and consumers for small payments that have traditionally been cash based," says Niki Manby, Visa USA's VP of market and technology innovation.
Faster Fast Food
Another factor aiding adoption of contactless payment devices and readers for small purchases is that, over the past few years, businesses specializing in high-volume, low-value transactions, such as movie theaters and fast-food restaurants, have embraced credit and debit card payments. Visa hopes such businesses will go the next step and embrace contactless technology.
Visa and MasterCard's vision of the future is in line with research and consulting firm TowerGroup's prediction that, by 2015, a large portion of consumer payments globally will move from cash to new cashless mechanisms, including the Internet, mobile phones, and radio-frequency-enabled devices. In fact, TowerGroup predicted in a January report that by 2009 the total U.S. market for contactless micropayments worth less than $5 will reach $11.5 billion, with almost $5 billion of that transacted via mobile phones.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.