Samsung and LoopPay: Strategy or ’stop gap’?
The big news last week was that Samsung bought a mobile payment service company called LoopPay for an undisclosed amount, saying it will bring “consumers a mobile wallet solution that is not just safe and reliable, but also widely accepted at more locations than any competing service.” Anyone in this industry will immediately recognise that this competing payment service is a response to Apple Pay, which has grown and has been quickly accepted as a ‘de-facto’ mobile payments service in a very short time.
LoopPay is a new twist on old credit/debit card ‘mag-swipe’ payment technology and is accepted at roughly 90 percent of all locations that accept traditional card payments in the US. LoopPay does this by creating a magnetic field that replicates the data on the magnetic strip of standard cards. As a result, in theory, there’s no need for retail locations to add or use point-of-sale terminals that use NFC wireless technology; much of the existing retail infrastructure already supports LoopPay. LoopPay's technology executes contactless payments by using a fob or phone case to transmit a magnetic signal to a standard point of sale terminal.
Instead of using a LoopPay fob, Samsung can start to build LoopPay's technology into its next smartphone, eliminating the need for consumers to buy separate hardware to make mobile payments. The technology can co-exist with NFC, even though some observers say that Samsung's deal for LoopPay demonstrates its reluctance to go with an NFC-only strategy. Perhaps a case of ‘hedging one’s bets?’ After all, the US mobile proximity payments market – defined as payments made with a smartphone at the point of sale in place of a credit card or cash – totalled $3.5 billion in 2014, according to eMarketer. eMarketer sees 2016 as the tipping point for mobile payment adoption, when the mobile proximity payment transaction value will increase significantly to reach $27.5 billion. By 2018, that figure will balloon further to $118.01 billion. There were 15.9 million US mobile proximity payment users in 2014, according to eMarketer. By 2016, that figure will more than double to reach 36.2 billion and total 57 million by 2018. So there is definitely a case for making sure that your mobile payment solution is an all encompassing one. Something that Samsung is aware of. Hence the LoopPay purchase.
"Samsung's acquisition of LoopPay signals how serious it is about building and launching a competitive mobile payments system in the United States," said Bryan Yeager, analyst at eMarketer. "It also likely gives Samsung exclusive access to LoopPay's technology, which enables mobile payments to be made at merchants who haven't upgraded their point of sale technology to support newer contactless payment methods like NFC – of which there are many."
However, with the upcoming move to EMV payments (Chip & PIN), surely new equipment upgrades will also include NFC technology to support mobile payments, too? Isn’t Samsung trying to cover a payment technology that has had its day? Contactless Intelligence posed this question to eMarketer’s Bryan Yeager, who had this to say, “In terms of the adoption of chip-and-pin and LoopPay becoming a redundant technology, there is some credence to that. As merchants continue to upgrade their point of sale technology to support chip-and-pin due to the liability shift, they will likely buy systems that also support NFC contactless payments. Though that transition is certainly happening, mag stripe terminals are going to be around for at least the next few years. In a sense, LoopPay is a stopgap or bridge technology that could potentially give Samsung an edge in positioning their mobile payment system as being accepted more widely than competitive systems that rely on NFC. Additionally, Samsung already has several phones with NFC and it wouldn’t be surprising to see a phone that includes both LoopPay and NFC embedded in it — so long as it’s technically feasible.”
Samsung was already a strategic investor in LoopPay, along with Visa and Synchrony Financial. Samsung and LoopPay were also rumored to be collaborating on a mobile payments project. In addition to providing Samsung with an alternative to NFC payments, the acquisition addresses a problem with LoopPay's own business model. LoopPay has typically required consumers to buy the add-on hardware, which can cost up to $90. This would have been a tough sell for consumers who are used to getting payment cards or apps for free.
The question remains if this acquisition is a long term strategy for Samsung to cover mag-stripe payments or merely a stopgap solution to put the brakes on a seemingly unstoppable juggernaut in the form of Apple Pay. We are sure to hear more about this at next week’s Mobile World Congress in Barcelona.
Speaking of Apple, their Touch ID technology is to be used by banks RBS and Natwest to allow customers to access their accounts. RBS and NatWest customers must activate the feature with their security information, but would only need to use Apple's Touch ID thereafter. The banks, both part of the Royal Bank of Scotland Group, said that the feature would be available on the iPhone 5s, 6 and 6 Plus. Customers would have to enable the feature using their existing login details. Some of the in-app features that are used to pay money that required additional verification would continue to do so and limits were set on new payments, the banks said. They said that around 880,000 of their customers currently use the apps on those handsets.
As always, there is criticism from certain quarters about the security risks of biometric technology with the inevitable examples of biometric fingerprinting ‘spoofing’ to fool the technology. Apple insists that TouchID is secure, saying its not a total replacement for traditional security measures and is meant to make unlocking the phone more convenient. In a similar vein, the banks have now said they wanted to make it "even easier and more convenient for customers to access their accounts online”.
According to a British Banking Association report, banking apps have been downloaded more than 12.4 million times in Britain. The Way We Bank Now study, which was released last June, showed that people were making "around 5.7 million transactions each day using smartphones and other internet-enabled technology". The banks claim that nearly 50% of their combined customer base of 15 million people used online banking and that around three million accessed their accounts via an app each week. Stuart Haire, managing director, RBS and NatWest Direct Bank, said: "There has been a revolution in banking, as more and more of our customers are using digital technology to bank with us. Adding TouchID to our mobile banking app makes it even easier and more convenient for customers to manage their finances on the move and directly responds to their requests."
Finally, speaking of security, breaking news at the end of last week informed us that National Security Agency whistleblower Edward Snowden had released documents claiming that both the US’s NSA and the UK’s GCHQ had hacked into the internal computer network of the largest manufacturer of SIM cards in the world – Gemalto – stealing encryption keys used to protect the privacy of cellphone communications across the globe. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data. You can read the full article here.
Gemalto was quick to release a statement acknowledging that there was a story out there but without any more details were unable to say much more. The entire statement reads, “A publication reported yesterday that in 2010 and 2011, a joint unit composed of operatives from the British GCHQ (Government Communications Headquarters) and the American NSA (National Security Agency) hacked SIM card encryption keys engraved in Gemalto (Euronext NL0000400653 - GTO) and possibly other SIM vendors' cards. The publication indicates the target was not Gemalto per se - it was an attempt to try and cast the widest net possible to reach as many mobile phones as possible, with the aim to monitor mobile communications without mobile network operators and users consent. We cannot at this early stage verify the findings of the publication and had no prior knowledge that these agencies were conducting this operation. Gemalto, the world leader in digital security, is especially vigilant against malicious hackers, and has detected, logged and mitigated many types of attempts over the years. At present we cannot prove a link between those past attempts and what was reported yesterday. We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such sophisticated techniques.”
This is a story that has the ability to embarrass all parties involved, NSA, GCHQ and Gemalto, so at the moment no-one is saying anything; leading to speculation and supposition. I expect to hear a little more on the topic later this week, when Gemalto will be holding a press conference dedicated to this matter (Wednesday, 10:30am) but I also expect details to be very scarce indeed. This is a story all parties would probably prefer to blow over as soon as possible.
Whether it will, though, remains to be seen.
Until next week.
Steve Atkins
Contactless Intelligence
