July 2018

Mobile Payments Unriddled

To be the global intersection of Fintech industry experts and analysts – where connections are built to bring clarity to the world of mobile technology and payments

The Pays

Apple Pay. Google Pay. Alipay. Wait, how do I pay?

With 48 million people over the age of 14 using mobile apps last year, mobile payments have brought much-needed innovation to a legacy payments industry traditionally controlled by uninspiring bank technology. The emergence of the “Pays” has forced merchants to take a deeper look into their payments strategy, often unearthing a larger need for an overhaul of both the online and in-store checkout experience.

EMV to Mobile

With the industry migration from magnetic stripe to EMV (e.g., chip cards) acceptance, merchants were required to purchase new payment hardware to avoid fees associated with the EMV liability shift. Fortunately, but unbeknownst to many, that same payment hardware has enabled mobile NFC payments for hundreds of thousands of merchants across the United States. So, if acceptance at the point-of-sale isn’t the issue, then what is?

The Winners and Losers

Although the popular mobile payments providers like Apple Pay and Google Pay utilize NFC communication, many of the more popular mobile apps, such as the Starbucks app, use QR code based payments. NFC, which is a standard payment type with upgraded hardware, is much easier to implement than QR code based payment methods. Where NFC will work “out of the box” in most instances, QR code payments generally require more costly integration work with the point-of-sale system and the backend provider. If QR code acceptance presents a larger barrier to entry for mainstream adoption, then why are QR code based mobile payment option, such as the Starbucks app, Alipay and WeChat Pay, seeing significantly more success than the NFC based mobile payment options, like Apple Pay, Google Pay and Samsung Pay?

Beyond Payment

Although year-over-year growth in mobile adoption is promising, non-affiliated mobile payments (e.g., Apple Pay, Google Pay, etc.) still only account for less than 1% of all merchant transactions in the U.S. Compare those numbers to China, where more than 90% of all transactions made by users in more than 10 different provincial regions were conducted through mobile devices. The delta? Value added services. Mobile apps like Alipay, WeChat Pay, and even successful merchant apps like Starbucks, have had a hyper-focus on providing value added services through their apps instead of focusing solely on conducting a payment. Whether it’s the ability to earn redeemable points, order ahead, or pay your utility bills through a single app, successful mobile players have created an experience that gives power back to the consumer. The lagging mobile players in the U.S. need to focus on more than just payments processing. Ensuring a seamless consumer experience that emphasizes value added services works to ingrain mobile usage into a consumer’s everyday habits, creating a cultural shift towards mobile that is much larger than simply asking the question, “how do I pay?”

Make sure to sign up for MPC 2018 to hear more from Matt Donnelly! Like this blog? Also check out Starbucks Continue In Store Success Over ApplePay and Why China Leads The World In Mobile Payments.

Staying One Step Ahead Of GDPR

If your company operates in the European Union, you’re aware that General Data Protection Regulation (GDPR) is now in effect; May 25, 2018 was the deadline to have compliance procedures in place. But for companies doing business only with US merchants and consumers, GDPR does not apply. For now.

GDPR focuses on controllers of data (merchants) and processors of data (payment processing firms like FreedomPay). Among other things, GDPR insists that both groups provide greater transparency and give consumers greater control over their data. It’s an initiative driven by high-profile data breaches like Equifax, Target, and other retail and service providers. But GDPR isn’t as much about security as it is about privacy. At its core, GDPR enables EU consumers to contact a company they’ve interacted with, ask what data has been collected on them, and make requests on rectifying, updating or deleting that data.

Unlike PCI, a global initiative with strict and specific rules for payment data compliance, GDPR is a legislative regulation with broader directives around all Personally Identifiable Information (PII). Processors such as FreedomPay work on behalf of the controllers to process PII, and merchants should understand their responsibilities as Controllers to properly handle sensitive consumer data. While FreedomPay does not directly interact with the consumer, we are responsible for working with our clients to comply with consumer requests around data modification and deletion.

The whole issue of data collection, including who collects it, what they collect, how it is collected, how it is stored, and how it is used, is a major area of interest for merchants and consumers across the globe. But just as merchants crave more data, there’s a gap as to how it is handled. Organizing data so it’s relevant and useable is the end goal. Being able to efficiently retrieve requested data and delete it is the next logical step and will likely become a more common request from consumers.

The EU has drawn a line in the sand with GDPR. The United States has regulations on privacy as well. But in the United States, the laws are focused more on privacy and notification if a breach occurs. Further, the laws are not on the federal level; each state has its own regulations, and enforcement is generally lax. FreedomPay’s consolidated global platform allows for data protection and consumer privacy to be centrally managed, regardless of where a consumer resides. That, and providing the consumer with a seamless, secure transaction experience, will leave us and our merchants well-positioned should Congress choose to implement a sweeping law like GDPR.