Digital Transactions Authoritative, insightful and timely information for payments professionals
That visual, machine-interface technology we all know from the grocery store is experiencing a renaissance. The first item to be marked with a Universal Product Code or barcode tracks back more than forty years. But now the technology is brand new again, expanded in form to the quick-response (QR) code (really, a 2D barcode). It is already supporting a vast array of services, including person-to-person and retail payments.
Those of us in the industry watch with interest as merchants scramble to accommodate new consumer payment preferences driven by external events like the pandemic. One recent example is the rapid adoption of QR code technology on POS receipts as a result of the desire for touch-free interactions.
But this technology is an attractive interaction medium for a much broader array of applications in payments. First, generating the codes is easy, whether customer- or merchant-initiated. Virtually all smart phones have QR code acceptance technology built-in, putting the codes at the consumer’s fingertips. At the point-of-purchase, merchants need only minor modifications to their display technology to generate the codes.
Next, QR codes help reduce fraud when they’re created from unique, unpredictable, one-time-use data. It quickly became apparent that the same underlying security concept that chip cards employ could easily be adapted to QR codes.
Finally, and perhaps most intriguingly, QR codes facilitate direct-to-issuer transactions. The general simplicity of the underlying data (as the technology is being implemented now) is well-suited to leveraging the point-to-point capabilities of the Internet, bypassing the immense integration complexities and costs of technologies like EMV. And that ease of implementation applies equally well to e-commerce as it does to physical retailing.
However, there are some issues to contend with when applying QR codes to payments. The first is data standardization. While QR code layouts are controlled by the ISO standard and others, the underlying data is not. Some have found this openness concerning and are looking for ways to apply existing payment standards, like EMV, to the data. Unfortunately, this runs up against some of the fundamental limitations of the QR code technology, like data density. Can EMV, a data-heavy scheme, be “pared back” to fit into a reasonably sized QR code, the way it had to be for NFC? Or will new QR code technologies, such as those that employ color, be required?
Others see this openness as an opportunity. When the Internet directly connects an issuer and merchant, the QR code data they pass may not need to subscribe to any outside standard or third party. They can decide for themselves what is needed and what is not. But as QR code payments expand into a multi-issuer environment, a standardized scheme to differentiate and identify one issuer’s QR code from another will be helpful. The Domain Name System of the Internet, which maps URLs to IP addresses, could provide a useful model.
The adoption of QR codes in payments will only increase. Providers across the industry are racing to adapt this technology to the products and services they offer. From POS terminals with integrated QR code readers, to gateways that facilitate direct merchant/issuer interaction, and to data services that provide one-time-use data generation and verification, those venerable zebra stripes found on the back of a soup can may just be the catalyst that changes the payments landscape once again.
—Roger Applewhite is president and chief executive at MagTek. Reach him at roger.applewhite@magtek.com. Maria Arminio, is president and founder of Avenue B Consulting.com. Reach her at maria.arminio@avenuebconsulting.com.
