I don’t know about you but the idea of transmitting my credit card data from my smartphone to a receiver in order to avoid using my credit cards does not sound like a good idea. I know about the encryption and all the steps to secure the transmission but I still have a big concern about someone snagging the information.
That said, I like the idea of being able to use my smartphone to pay for purchases at any checkout counter. Seems to me the technology to do this already exists to a very large degree and is quite secure.
Let me see if I have the requirements correct. Each credit card needs to be able to be uniquely presented in an electronic form. Some proof of ownership needs to be provided such that no one else but the phone’s owner can access the credit card info. The merchant needs assurances that the electronic card being presented is valid. Impact on the existing infrastructure needs to be minimized as many merchants cannot afford to replace existing cash registers. I think that about sums it up.
My idea to solve this problem involves barcodes. To be specific, 2-dimensional barcodes. Imagine approaching the checkout counter of your local supermarket or department store. The clerk scans all your items reading the UPC barcodes affixed to each item. Once all items have been scanned, the clerk tells you the total and asks what form of payment you would like to use. Out comes the smartphone and a credit card locker application is opened. The desired credit card is selected, the appropriate password is entered and a barcode is displayed on the screen of the smartphone. This barcode is then scanned by the merchant’s scanner and all the necessary credit card information is identified. The merchant then looks at the small photo accompanying the barcode to verify that the person presenting the barcode is the same as the person in the picture. The transaction is then continued as normal.
The beauty of this model is that there is no transmission of data to worry about. The barcode is password protected on the smartphone and the photo, programmatically connected to the barcode, provides verification of the validity of the customer. Most smartphones have screens of sufficient size that both the barcode and the photo can fit on the screen at the same time. The customer can create as many different credit cards for their “locker” as they desire so there is no limitation nor waiting for the bank to issue any sort of special codes. The scanners that most merchants use today are able to read barcodes other than UPC codes once they have been updated through software.
So what would it take for this idea to come to life? IBM and NCR agreeing to an encoding standard for the barcode along with the necessary software updates to their current equipment. Once this defacto barcode standard is published for all to adopt, the only thing left is for the smartphone app vendors to build “lockers” in which to create and store the barcode info. I would guess the entire process would take less than 12 months to develop and deploy.
Keep in mind that some airlines already accept electronic, barcode-based boarding passes that have been sent to the customer’s smartphone prior to being scanned by a gate agent at the airport. All I want to see is the same type of technology to be applied to my credit cards.
So what do you think? What functionality have I missed? What security issues are not addressed that would cause you concern? If you were a merchant, would you want more assurances before accepting a smartphone-based barcode? Post a comment NOW and let’s see where this can go.