Typically thought of as a mobile technology for physical merchants, NFC could soon be converting card-not-present transactions into card-present payments for e-commerce retailers. That prospect has important implications for processors and developers.
By Bill Pittman
Every e-commerce retailer would like to reduce its cost of payments, slash its fraud, and trim its chargebacks. Could near-field communication technology be the answer? WeÕll get to that in a minute.
First, letÕs look at the current situation for e-commerce merchants. Then weÕll explain what NFC is, what it can do for e-commerce, and what the implications of that are for payments processors and developers.
E-commerce retailers pay some of the highest discount rates for transactions because those transactions are considered card-not-present (CNP) by the card networks, which set interchange rates, the biggest component of a merchantÕs discount rate. The networks deem CNP transactions to be riskier than card-present (CP) transactions because the card cannot be verified as present at the time of checkout.
To achieve CP rates, the networks require that magnetic-stripe data be sent in the authorization message to the payment processor. You cannot store mag-stripe data, according to network rules, so the card must be swiped at the point of sale for each transaction to send the mag-stripe data and achieve this lower rate.
This is how brick-and-mortar retail works today. There is only one way with current technology for e-commerce retailers to work the same way: Their customersÕ computers would have to have a card reader connected to them so the customer could swipe a card at checkout. This input method would need to be integrated into the shopping cartÕs checkout process. Also, the e-commerce retailer would have to have a merchant account set up to support CP transactions. Good luck with all of that.
The Card-Present Goal
Now, keep in mind that many e-commerce retailers have long-established relationships with their customers. These are repeat customers who have been purchasing from them for years. E-commerce retailers know virtually everything about their customersÕ purchasing habits and patterns and have developed extensive fraud-monitoring systems that signal a real-time alert if something unusual happens. Often, the e-commerce retailer can validate the transaction in question before it even goes to the payment processor.
So, thanks to fraud-monitoring systems that take into account the repeat-customerÕs history, sophisticated e-commerce retailers can have lower chargeback rates than even traditional brick-and-mortar retailers. Yet all e-commerce retailers pay higher CNP rates and brick-and-mortar retailers pay lower CP rates.
Many e-commerce retailers donÕt think this is right. They pay higher rates because their transactions are deemed riskier because their transactions are CNP, even if they have a history of lower chargebacks than some brick-and-mortar retailers. The only way around this today is for an e-commerce retailer to turn their CNP transactions into CP transactions.
That brings us back to near-field communication, or NFC.
NFC is a standard that allows for simplified data exchange between two devices in close proximity to each other. It is all the rage currently, with news stories and press releases about it emerging every week. Typically, these stories are focused on smart phones with integrated NFC chips where the phone acts as a wallet. The smart phone has cardholder information securely stored in it, and the wallet app accesses the cardholder information. That lets shoppers pay for their merchandise by waving their smart phone near to or tapping them on an NFC reader that is connected to the retail cash register or POS terminal.
The major card networks, for example Visa Inc. with payWave and MasterCard Inc. with PayPass, have developed contactless standards built on NFC. These standards provide for chips in cards to be used at retailers to support NFC transactions. The standards also provide a mechanism to pass dynamic encrypted mag-stripe data via the reader to the payment processor so the payment qualifies as a CP transaction. In the future, you should be able to pay with an NFC card or NFC smart phone at your retail point-of-sale store if they have an NFC reader connected to their POS system or payment terminal.
The NFC Glue
NFC received a big endorsement in August with VisaÕs announcement that, effective Oct. 1, 2012, merchants that have a least 75% of their transactions originating from EMV chip card-enabled contact and contactless terminals will no longer have to validate (to Visa) their compliance with the Payment Card Industry data-security standard (PCI). In addition, effective Oct. 1, 2015, merchants that do not have EMV contact and contactless compliant terminals will be liable for domestic and cross-border counterfeit CP point-of-sale transactions.
The important point for NFC is that it is quickly becoming the contactless standard. If all Visa cared about was security, it would not have required merchants to support contactless, for example, VisaÕs NFC payWave technology. What this means is that all U.S. merchants now have a big incentive to upgrade their card-acceptance infrastructure to support both EMV and NFC. This is a big effort but could result in the entire brick-and-mortar point-of-sale infrastructure being NFC-enabled in just a few years.
So what does this have to do with e-commerce retailers? Well, think about it. In the future, if everyone has NFC cards and/or NFC smart phones that they can use at brick-and-mortar retailers, wouldnÕt they like to use them for e-commerce as well?
I know e-commerce retailers would like to accept them to so they can get CP rates.
I can see this transition happening in two ways. In one scenario, you purchase items directly with your NFC smart phone or tablet device off an e-commerce retailerÕs Web site. It qualifies as a CP transaction since you already have your card information securely stored on your smart phone or tablet. In the other scenario, your PC or tablet has an NFC reader imbedded in it. You will be able to purchase at checkout by waving your card or smart phone over the PC or tablet reader.
This will turn an e-commerce CNP transaction into a CP transaction. But it should also result in more than a lower cost of payments and potentially reduced fraud and chargebacks for e-commerce retailers. It should result in greater convenience for the consumer by not requiring her to type out her card number and info when making online purchases.
What are the implications if this? How will the market evolve? For years, I have been building payment-software technology that supports both CP brick-and-mortar retail as well as CNP e-commerce. All along, itÕs been my vision that the two worlds would some day merge. Now, with mobile and NFC, that vision is reaching its consummation.
Payment processors and developers now have a third vertical to support. NFC can serve as the glue that brings all of these verticals together. As you develop your future systems, you need to make sure you have a payment infrastructure that supports multiple verticals, CP (with and without NFC), and CNP so you have the flexibility to serve these markets as they merge.
If you are building an e-commerce system that does not support CP transactions, you could be at a disadvantage if the market evolves in this direction. In addition, shopping-cart checkout pages and processes will need to be modified to support this input method instead of using a server-side wallet to store cardholder information.
This can break the model for some major e-commerce and payment vendors that have built their systems around a server-side wallet. Your challenge is to make sure you are not one of them.
Bill Pittman formerly worked at Amazon.com and founded GO Software and TPI Software. Now a consultant, he can be reached at BillPitt123@gmail.com.