January 30, 2011

To NFC or not to NFC?

Incorporating NFC technology with mobile phones has resulted in a new alternative payment method which is considered a revolution by some industry analysts. The NFC technology is to be adopted by financial institutions and mobile phone companies together. But many fear being a victims of new wave in payments fraud. While 'Flash phone to pay' idea sounds to be the easiest and the most convenient method till date, there are still a few things to consider from the technology and infrastructure point of view.

Technological considerations:
Near Field Communication (NFC), a wireless technology which allows devices to transfer data from within a short distance, is considered a revolution since it takes just a touch on the reading device to complete the whole payment process. But not everything it touches provides ease and convenience. What if the reader is brought closer to the NFC enabled device to 'steal' data.

- Imagine a small portable skimming device which can fit in a pocket. The fraudsters can steal data by simply brushing past people in crowded places. Sensitive user information can be captured from hundreds and thousands of such compatible devices out there. Any acknowledgment signals like a beep or vibration can easily be worked around by small time hackers.

- Another problem area where a constant threat remains, as with all wireless communications, is exposure to data leakage. Hackers, by means of sniffing the airwaves can track stored cookies and can then easily disguise as a genuine user to steal bank details. Payments fraud cases may rise to a much higher level then what Credit/Debit cards offer at present. A score of customer sensitive information could be available for hackers to misuse them.

- A well known denial of service attack can directly impact the service providers and mobile companies alike. As the end user's lose the trust and patience with the service. Once the NFC enabled device is hacked into, calls or texts can be made unknowingly for the victim. In a variation the calls can also be made to divert from their original destinations. The consumer again, ends up losing from all fronts.

Infrastructural considerations:
Device manufacturers and the financial institutions are well aware that payments with NFC demands a highly secure environment. NFC does offer endless possibilities though. But questions still remain in terms of end user and merchant acceptance alongside many possibilities for  technological glitches and criminal intent.

- For Merchants, its the burden of extra cost involved for deploying compatible cash registers in addition within the current infrastructure built upon Pay by cash and Pay by card systems.

- The consumers are not actually looking for any alternative payment method as such and neither do every single shopper has access to a smart phone.

Considering how many merchants and a few consumers readily adopt mobile payments, the transaction volume will be too low, in turn raising the transaction fees for the merchants and retailers. So, as for the Merchants and Consumers, its a "Who goes first?" situation.

From the payment industry point of view, educating the merchant and consumer communities is a top priority as their behavior is highly susceptible to concerns of security. At present, plastic cards have been working well and NFC is not actually replacing an ineffective system in first place.

The 'Flash phone to pay' idea has enormous market potential, but the payments eco system demands huge developments by the involved parties to be better able to add this incentive into already effective payment infrastructure.