As the US payments space continues its evolution to EMV for brick and mortar merchants (card-present transactions), ATMs and fuel stations, there are additional opportunities for payment processors, point-of-sale (POS) developers and merchants to leverage EMV. While enhanced security has been at the forefront of in terms of a primary driver of EMV, there are additional values for the merchant that also support adoption of and migration to EMV.
Originally, network stability was a significant concern overseas. Support for this feature wherein the authorization occurs locally to the device and card was a must have to ensure transactions could be processed regardless of network availability. The US, however, has depended, except in rare scenarios, on a live authentication network to perform transactions. Technology has advanced to account for backup scenarios such as dual mode terminals (IP based with dial backup) as well as "Store and Forward" systems that hold the authorizations until connectivity resumes. In Store and Forward scenarios, merchants carry the risk of fraud or declined transactions by issuing an auto approval and releasing merchandise though the transaction is not technically authorized or complete.
For US merchants, there are some great use cases for an opportunity to provide offline authentication and verification through EMV including:
- Speed of sale – the quick-serve restaurant (QSR) marketplace, for example, could benefit greatly by seconds saved in transaction authorizing
- Redundancy / backup scenarios – protection during inevitable network outages
- Intermittent connectivity – challenges due to remote locations (for example, trade show merchants selling merchandise in a basement of a convention center) and high-bandwidth or surge usage scenarios, such as stadiums or large events
- Temporary usage – helping smaller trade show merchants or travel merchants overcome the cost of connectivity for interim usage
- Stand alone/self-service – suitable for kiosks or travel
Unlike Storage and Forward, EMV provides the customer with the ability to add in personal validation, even if the system is offline. With EMV, the PIN can be verified locally directly through the device. This not only provides the customer with a better sense of security, but it also offers merchants additional confidence that the transaction is verified by the cardholder and not fraudulent. Furthermore, the card issuer is allowed to set some fraud and usage protections within the chip on the card, providing a second layer of risk protection for the merchant.
Interestingly with features like chip based offline authentication and verification, mobile wallets may face another challenge. Originally mobile wallets were pursuing usage of the secure element and a chip much like a traditional chip and pin based card. After the hurdles of coordination amongst financial institutions, smartphone hardware manufactures and resellers, and service providers we have seen players like Google Wallet withdraw from a chip-based solution and move towards a cloud based solution. This is a major differentiator of chip-based cards, which could allow for offline modes as opposed to cloud-based payments, which do not provide that ability.
It appears that mobile wallets may better suited to enhancing the payment system through offers, coupons or other engagement type services. However, they may not be able to compete with EMV as a convenience or speed of sale offering. We have yet to see a magic bullet in regards to convenience with mobile wallets and at the end of the day you still need to take out your phone, typically open an app and hopefully enter an access code. EMV chip cards could truly provide for tap and go payments – all with the same or better security.
Assuming features like offline mode come to fruition, or are available, there will be a host of merchants who would prefer the default method to be offline mode (for example QSR) versus online mode (lowest possible risk, but slightly longer authentication process) and leading payment technology providers need to understand the options and preferences based on the vertical markets they target.
Of course, fallbacks would be available for merchants to decidedly take the risk or not. Again, the big difference is that in offline mode as a fail-safe the chip has intelligence from a prior network connection, balances information or disablement due to fraud etc. Not a bad backup mechanism.
If the US adopts a full-featured implementation of EMV it may provide the best pure payment experience over other payment mediums. Furthermore, this may re-introduce the conversation to mobile wallet providers of getting back into the secure element/chip requirements to leverage some of the non-security based features EMV may provide.