Advertisement

Blog

Winning People Over to Cellphone-Based Payment

Since my last post about near field communication (NFC) technology and its use in mobile phone payments raised some justifiable concerns about personal data security, I wanted to circle back and share some thoughts on that topic. (See: Cellphone Payments: High-Tech’s New Frontier.)

I’ve got to say, the more I read about NFC, the more questions I have. And, the more questions I have, the more skittish I've become about having my personal data magically zapped from my cellphone to some device a few inches away. Still, I know that incredibly smart people up and down the high-tech supply chain — semiconductor companies, industry organizations, device makers, software developers, phone operators, banks, and government agencies — are very much aware of the risks involved and are taking serious steps to win users' trust.

I’m fairly confident, too, that while I may not personally be an early NFC adopter, I will eventually climb on the bandwagon — once I see it being used regularly in everyday transactions and hear friends rave about how convenient all sorts of things have become because the technology has been embedded in a host of consumer devices. I’m sure other people will then come aboard as well. That’s generally the way technology gains traction.

What has me on unsteady ground at this moment in time is that there doesn't seem to be one standard security protocol in place for this technology. Everyone involved seems to be responsible for layering in whatever they define as appropriate security. As Popular Science Magazine points out in “Everything You Need to Know About Near Field Communication“:

    The NFC protocol itself has surprisingly few actual safeguards against data snatching — and the protections the NFC Forum does highlight are simply logical extensions of the physical nature of the protocol…

    The NFC standard leaves any kind of advanced protection, like encryption or password protection, up to whoever uses it. You'll have to trust your bank to encrypt your bank info, you'll have to trust Google, Apple, or RIM to encrypt your account info, you'll have to trust your digital locksmith to encrypt your new space-age virtual house key, and so forth.

I’m reassured, though, by the fact that many companies are taking steps to calm the jitters. For instance, {complink 9538|NXP Semiconductors N.V.} and security specialist Giesecke & Devrient announced in February that they have “the full validation of a joint software solution offering secure interfaces between the handset, NFC functionality and secure elements such as the SIM card.”

This solution, they say, will allow NFC to be integrated securely into Android-based mobile handset platforms and other operating systems. In December, EE Times reported that {complink 12722|Renesas Electronics Corp.}, leveraging on-wafer packaging technology, has developed a 0.22mm ultra-thin profile series of MCUs, the RF21S, that combines an NFC controller with secure element functionality for use in consumer electronics products such as smartphones and other mobile phones, notebook PCs, and PC peripherals.

Further upstream, Bank of America is testing out with a small group of BlackBerry users a secure element that will be owned by Bank of America and embedded in a microSD card supplied and controlled by the bank, according to The Register . Another solution that is being discussed in several other places on the Web appears to be, simply, setting up a PIN passcode that locks and unlocks the phone and protects user data.

Surely within the next few quarters, we’ll start seeing some more definitive trends take shape, and best-practices will solidify. Until then, what may help the US and people like me get more comfortable with this technology is to take a closer look at what’s happening in Japan. Based on the conversations on EBN and elsewhere on the Web, Japan — no surprise — is leaps and bounds ahead of most of the world on this. It’s common practice there, for instance, to pay for public transportation tickets via mobile phones. And the Japanese are already using NFC technology for information sharing and social networking, according to a post in Near Field Communications World.

Anyone want to weigh in with personal experiences you’ve had with NFC-embedded technology, particularly overseas where it has taken hold? And tell me, what kinds of security measures do you think make the most sense or will win out?

9 comments on “Winning People Over to Cellphone-Based Payment

  1. Ariella
    March 2, 2011

    I haven't used it, but, then again, I make a point of not using my cell phone for anything but calls.  Those who already use their phone to access information, scan barcodes, etc., I would think would be apt to use it for payment.  Places like Starbucks already popularized payment via phone, as mentioned in http://retailtechnologytrends.wordpress.com/2011/01/24/why-starbucks-mobile-payment-system-works/  From what I understand, the phone method of payment is far more common in other countries than it is in the US.

  2. Ms. Daisy
    March 2, 2011

    Jennifer:

    Thanks for looking into the NFC technology. I was one of those curious about this exciting technology. I am however wandering if the security applied to the use of bank cards and credit cards could be applied to payments by cell phone. The store register swipe payments that we are currently familiar with also has its risks which I believe over time is being improved on.

    I agree with you that one should be cautious about jumping on the bandwagon since there are these many unknowns about how the NFC technology will operate.

  3. Eldredge
    March 2, 2011

    I'd have to say that I am skeptical about the security of this technology, given the security breachs of older data technologies as a data point.  

  4. Adeniji Kayode
    March 3, 2011

    I am of the opinion that while many people are yet to trust the technology, With time security issue will become thing of the past because this is how it has always been with new inventions.If this will make transactions more easier to make, expect some level of perfection soon.

  5. tioluwa
    March 3, 2011

    Security is always the most important issue when it comes to communication and information transfer.

    when social media was used only to share light information between friends, security wasn't a big deal, because people wanted to be found on social media. now secrity is the biggest issue.

    When NFC was only used in areas with little or no risk, issues of security didn't come up, now that's it being incoorporated into mobile devices and bigger plans are being made for it, surely security will be taken into consideration.

    if NFC security is left in the hands of developers as the NFC forum says, then we might find our selfs with a whole market of NFC devices with just as many security protocols as there are vendors.

    One inherently good feature of the NFC is the 4inch transmission zone which helps with security a bitl.

    In addition, i think encryption will be a great security features, as well as pairing.

     

     

  6. t.alex
    March 3, 2011

    I'd like any security measure that is convenient enough. NFC is invented just to make our life esier isn't it?

  7. Eldredge
    March 3, 2011

    I agree to a point – and I am sure that secure data transfer has been a goal during the development of the technology. But it also has been true in the past that, as security developments evolve, so do the means to breach security. It can be a high stakes game.

  8. Mydesign
    March 3, 2011

      Jennifer, security is a major concern in any medium of transaction especially in mobile computing and NFC. Even though there are some standers existing for mobile payment and M comers, still we can say it’s NOT a tamper proof. The tamper proof security is much concerned when transferring vital information’s like bank details, credit/debit card, MPin etc. Since these information’s are passing through air, radio magnetic devices can be used for tapping this information for decoding and misusing (duplicating the credit/debit card) purposes.

      In my personal opinion, unless and until the wireless payment mode adopted such encryptions technologies, we cannot say that it is safer than any other payment modes.  One thing is dam sure, coming days are for mobile computing and expects a lot of revolutionary changes in this sector. Now a day’s several chip making companies are trying to include security features as in built with the devices – and trying to get more specifics about data privacy and safety.

    “In many ways, NFC is not much different from any of other technologies we had adopted so far. The same speculation surrounded credit cards and ATM usage, E-Z Pass highway toll payments, music and movie downloads, Internet and ironically the pervasiveness of cell phones”.

  9. Eldredge
    March 7, 2011

    A 4 inch transmission zone combined with encryption technology would help a great deal with security issues.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.