It’s traditional in blogs of this kind to have a go at a “top N” set of predictions for the coming year, so I’ll give it a bash and have a go at what I think will be the “hot five” secure electronic transaction technologies that will have our clients updating their roadmaps in 2014.
First, some background as to why I started thinking about this topic and ended up with my shortlist of five. A couple of weeks back, as Richard Watson mentioned on his excellent “What’s Next” blog, we had a bit of a catch up, talking about the major trends in and around the technologies, businesses and social memes that we are interested in.
Or it could it be the rather relaxed lunch I had with Dave Birch talking about Bitcoin, identity and steak.[From Just stuff | What’s Next: Top Trends]
We did have a relaxed lunch, it’s true. Richard is a futurist, and the author of The Future Files, which he kindly came and talked about at our Forum a couple of years ago and in a rather spooky coincidence he emailed me about something while I actually had a copy of his book on my desk! I had been looking up something for a book I am writing. But back to lunch.
I’m going to be helping Richard update the financial services route on his roadmap (which is what he’s looking at in the restaurant in the picture) and we were discussing the long term significance of Bitcoin and the Bitcoin family of technologies. Richard set me thinking about ways to provide useful input to his roadmap. In our internal roadmap, the one we use to support clients in developing their product and service roadmaps, we divide technology evolution into “now” (1-2 years), “soon” (3-5 years) and “later” (5+ years). One way of using this roadmap is to see business as a way of connecting the technology push and the social pull to deliver sustainable value. With this framing, I looked at the technologies that are reaching the mass market now and that gave me a short list. Then I went and asked around a few of our guys. Since they are, by and large, out working for clients (who are some of the biggest and most important players in the retail transactions space) and since, by and large, they are working on projects around exploring the latest technologies, they are a pretty good barometer.
So, by combining projects that we are working on now with the likely business impact of the technologies, taking away the projects that are confidential (!) and focusing on technologies likely to be of interest to blog readers, I got my “hot five” technologies for 2014! I’m genuinely interested in your feedback on my picks, which are…
Proximity and vicinity interfaces. The arrival of Host Card Emulation (HCE) and Bluetooth Low Energy (BLE) will open up mobile transactions, taking them away from (expensive) secure, controlled infrastructure and out into the open. While security and risk analysis skills will be crucial to delivering operational systems, I think that the overall mobile security environment means that there will be a revolution in app-centric retail. I can well imagine using NFC to “tap in” to Waitrose before being guided around by BLE and then a “tap out” to close and pay. See if you can spot the BLE beacon in this photograph of our CTO hard at work down at CHYP End…
Tokenisation. This made the front pages later in the year when the major payment schemes made it a priority and I suppose it was given an end-of-year boost because of the Target breach. I’ll blog about it soon, but one of the key points in the coverage to date is that Target’s own tokenised product was safe from the hackers whereas the untokenised general-purpose card numbers were not. This reinforced the schemes’ determination to make a serious dent in online fraud by moving away from cardholder PANs as the key to payments.
Visa, MasterCard and American Express have announced a proposed framework for a new global standard to enhance the security of digital payments and simplify the purchasing experience when shopping on a mobile phone, tablet, personal computer or other smart device.[From MasterCard, Visa and American Express Propose New Global Standard to Make Online and Mobile Shopping Simpler and Safer]
This has been reported as being a technology initiative that undermines NFC, whereas I tend to think that it dovetails with it.
My two cents is that this finally puts the stake in the heart of NFC by those who started the whole thing in the first place.[From 2013 – Networks, The Cloud And Many Open Questions | PYMNTS.com®]
As I said at the time, I’m not sure I agree with Karen about this because there is a positive synergy between tokenisation and proximity interfaces that is mutually beneficial. Tokens don’t need the same kind of security that card details do so they can thrive in the HCE/BLE-driven app.
Recognition. We’ve been using the world “recognition” to mean the combination of good enough identification and good enough authentication to make commerce possible. The mobile phone has an obvious and important role to play here, to the point where downstream tokenisation will shift to recognition (in other words, it will be the customer’s identity that is used to make a payment). I continue to think that making privacy part of the consumer proposition here will be a good strategy. It also seems to me that the tools for creating recognition infrastructure at reasonable cost are becoming standardised (FIDO, OpenIDConnect, OIX, that sort of thing) so organisations will want to use them on a large scale. HCE/BLE give us the convenient interfaces, tokenisation protects privacy and customers benefit from a personalised experience.
2014 will be the year in which you walk into a store and it “knows you” and customizes your visit.[From Predictions for 2014: Computing Technologies In The Age Of The Customer | Forrester Research]
Small Data. With all the talk about Big Data, I think there is an opportunity for “small data” to make a difference. Giving customers their own data and the tools to manage it seems to me to be a way to balance individual and organisational wants. The relevance of this to payments and identity plays is that the “wallet” of whatever form becomes a place to store and manage this small data — consumer receipts and warranties, spending history, loyalty and so on — as well as the tools that consumers can use to manage that data to their benefit. I saw a nice comment about this in response to Robert X. Cringley’s call for 2014 predictions:
2014 could benefit from a renewed focus on delivering value by sorting out the small data first.[From I, Cringely Call for 2014 predictions! – I, Cringely]
APIs. The glue that holds all of this together. There is no doubt about the crucial role of APIs in the future business architecture, but what will change in 2014 is that APIs have become a management issue, not a technology issue. I’m fascinated by the nature of API-based competition, but for our clients (who tend to be at the larger end of the scale) the fact that they can start to compete on the basis of APIs is problematic because they have no experience of competing in that way. It’s been a while since the Credit Agricole app store (the CAStore) became the first post-modern (!)bank app and the floodgates haven’t opened yet, but when Consult Hyperion studied financial services APIs for one of our international clients earlier in the year one of the clear conclusions of the work was that APIs will increasing shape the products and services that are delivered through them.
The CAStore uses an open API, or application programming interface, in which technology is shared freely with outside developers so that it can be integrated into new programs, without compromising compatibility.[From Open API for Bank Apps: Can Credit Agricole s Model Work Here? – American Banker Magazine Article]
When we are helping clients to put together their technology roadmaps we try to find ways for business to link the push of new technology with the pull of social change to identify new products and services in the secure electronic transactions world. I think these five technologies form the basis for a consistent narrative for retail transactions in response to real customer requirements for convenience, security and value. I can’t wait for the next version of my Waitrose app!
I agree re proximity+vicinity (see No.3 – http://www.finextra.com/blogs/fullblog.aspx?blogid=8684), but am sceptical about tokenisation. It’s an artificial control-led solution, it doesn’t solve the core problems of security and authentication. After all, isn’t EMV’s cryptogram a token?!.. If so (and it is so!), why do we need any other kind of a token?..
As for “recognition”, is “good enough” good enough?..