This reminds me of the few loyalty programs I actually use. Two use a phone number the clerk enters at checkout. I see the discounts immediately at the POS (Safeway), or I get a discount coupon in the mail (BevMo). The airlines I am unfortunate enough to live on recognize me immediately online and at check-in, so I’ve never seen the point in the cards they send.

The common thread in each case is immediacy. I carry no additional plastic in my wallet I can avoid. Then again, I’m not a typical consumer so maybe others have different experiences as retailers or consumers.

I thought the idea with chip & signature was to allow its use in both US & EU markets. One card – dual authorization methods.

One of the major goals of this program is to place the burden of implementation back to the hands of the vendor(s), so that the merchant can rest assured that as long as they use the system provided for payments, everything else is taken care of.

I think that this has the potential to provide a terrific win for the merchants in scope for these sorts of systems, and also to the security posture of payments as a whole – exactly because it should ensure that people who know what they are doing are the only ones involved in the details.

In Mike’s case, he talks at great length about the augmentation of the customer experience. The biggest hole we see retailers struggle with here is basic wireless coverage. The experience goes bad quickly if, while your walking around, you get into the middle of a function and can’t recover. This is even worse when it is being used for Mobile POS, which Mike indicates is still in the future for Guess. For the experience to be pure, the coverage has to be seamless, much stronger than the store is used to providing. As a result, we see a surge in a few areas . Wireless site survey’s and new infrastructure deployments … areas of cost often overlooked. Additionally, we’ve seen the desire to have an enterprise level app allowing the measurement and gauging of signal strength as the devices are moving around.

Additionally, the discussion of tie into the Walkie Talkie system is also an emerging need. I anticipate the ability to see Apple devices tie into or even act as Walkie Talkie devices within the next year.

As a matter of interest, I doubt the above activity directly triggers a card payment.

PayPal has stated—in a letter to the US Fed. circa May 2011 (http://www.cnbc.com/id/42916668/)—that PayPal is “not a debit card or payment network – it is a large merchant of sorts.”

And, indeed, for a change, there is truth in this statement. PayPal, indeed, does all their online “payments processing” not via their own system or directly by the banks’ system but simply by riding, precariously, on the back of the banks’ existing systems.

For accessing PayPal users’ funds other than from a PayPal “account” (in effect an unlicensed bank deposit account) or as a “large merchant of sorts” by direct debiting users’ banking accounts, in effect, PayPal operates a credit card merchant account (with the Wells Fargo bank) to then charge users’ credit cards.

PayPal is one more unnecessary middleman. Where the responsibility lays for security here, who knows? And they certainly are a source of concern for eBay merchants as the linked story in the “Guardian” on 27 January demonstrates.

Still, in due course, Visa’s professional offering, V.me, will undoubtedly drive PayPal back into its eBay box, and that should solve whatever security problem PayPal poses, off eBay at least..

As a merchant, you offer PayPal at your peril.

I never understand the way people see things at times. This phone is not “from Verizon”. The operating system was written by Google. The hardware was manufactured by Samsung. The reason a person might buy such a device is to run Android software. Verizon is just the service provider that links the device to the telephone backbone and the Internet. Verizon has no right to tell users what software they can or cannot run on their devices. And “Google Wallet” or Verizon’s (vaporware so far) competing product should be treated as just what they are: software. The users should be able to download and install their own choice.

Of course this is not the first time eBay’s CEO has played fast and loose with the facts in an effort to paint a rosier picture than reality would dictate. He will exaggerate facts as demonstrated here, or omit important relevant facts when discussing results during conference calls.

One fact he continues to side step / omit is the fact that GMV as he has reported has not factually increased as he has purported, but rather, GMV as he reports it is reflective of the fact that eBay has ratcheted up pressure on sellers to include shipping costs in the selling price of an item.

In doing this, he can say GMV has increased when in fact the increase is largely accounted for by the fact that postage costs are now concealed as part of the selling price instead of being separated.

Before eBay assessed the penalty fee on shipping costs (which can only be avoided by sellers when they artificially inflate the selling price of their item by adding shipping costs into the selling price of an item) eBay was unable to count shipping revenue as part of GMV. Now that eBay has coerced so many sellers into adding shipping costs into the selling price, eBay now counts shipping costs as Gross Merchandise Value because they have engineered it so that it is no longer possible to separate out those costs.

If so many sellers were not avoiding the Final Value Fee eBay imposed on shipping costs, eBay would lose much of the artificial GMV growth they have been reporting, and investors would have a much clearer picture of eBay’s actual marketplace health.

In the case of page load speed, while I am skeptical of the urban legands quantifing the effect of pageload (1 conversion drop per 100ms, etc…), I have seen a number of first hand examples of improved performance directly improving bounce rate and conversion. So my own experience tells me that speed is an important factor in customer experience… I just don’t believe it can be reduced to a simple equation.

I wonder if one of the problems with the data in the study is how tricky it is to measure page load speed as perceived by the user. Many of those sites with very large pages and long load times, are optimized to load asynchronously. So the first screen of content comes in fast, and content below the fold (and many of the scripts, tracking pixels, etc) come in after the fact. So it’s entirely possible that a consumer saw their first page of content in 3 seconds even though it took 9 for the “full” page to load.

If we’re talking about consumer behavior, then we should probably be talking about perceived load times, not measured load times.

Part of the cause is a lack of training. As you point out, PCI compliance requires employees be trained not to do things like asking for payment cards over email. That the customer service rep did that is bad enough. Worse is the Fortnum & Mason spokesperson foolishly stating both how important their customers’ security is AND that the company is PCI compliant.

This situation also has me wondering if they also have a call recording system that captures and stores card data, too. Just for quality purposes, of course…

It is disappointing that a leading retailer like Fortnum’s would be so casually dismissive of their customers’ security.

Emma, we both agree that merchants should protect PayPal data with the same rigor that they protect cardholder data for PCI. Let’s hope everyone does. Especially given the later comments.

Steve and Rob, your insights into the parallels with tokenization should have every merchant thinking. In particular, Rob’s points out that a PayPal “token” can be used at multiple merchants where a “regular” token could be used only at one merchant. That aspect/risk had escaped me. Thanks for the insight, and for reinforcing that whether or not PayPal is officially in PCI scope, merchants should be advised to protect the PayPal account, PIN, and other data as though they were subject to PCI.

And that advice goes for whether your QSA tells you to do it or not.

A properly designed tokenization system should have rules that prohibit tokens obtained from one merchant to be used at another merchant and/or prohibit initiating transactions unless the PAN and authentication data has been previously received by that merchant.

Implemented properly, tokens retain their “high value” to the merchant but not to a fraudulent actor.

Which leaves the PIN. It’s fair to consider this a high value token and therefore PayPal would be in scope. So methods like end to end encryption, tokenisation will be inevitable everywhere if Merchants want to minimise the impact of PCI compliance as solutions like PayPal are unlikely to.

Merchants will have to protect the PayPal payment information with the same rigour as PANs/CV2s/tokens, but this isn’t arduous because they are doing it right now. (Or should be.)

Emma.

I agree with you, another watershed way of getting mobile payments introduced is to shift merchant’s payment modes from higher to lower cost products. I think ISIS has started down a path that completely misses that opportunity by partnering with incumbents who have zero interest in reducing merchant payment costs.

However, to completely displace the traditional POS *software*, payment acceptance is only part of the requirement.

What is holding back the rest of us is the lack of a viable software solution for inventory-driven businesses. Square just doesn’t cut it, at least the last time I looked at its capabilities. Inventory management and reporting, purchasing and invoicing, as well as multiple location and channel capabilities are some the features that force us to the much maligned legacy POS solutions.

There doesn’t seem to be a middle ground between the entrenched, large scale POS solutions and the agile ‘startup merchant’ apps that run on tablets or iphones.

Furthermore, as demonstrated by the recent Carrier IQ scandal, there are real security and transparency concerns around the use of cutting-edge products like the iPad. Once these wifi,bluetooth and cell-enabled devices become ubiquitous as a payments platform, I think we’ll see some consequences of having their much larger attack surface. So much more to hack than that old wired POS!

But to steer back to the original subject, I agree that the fossilized, register-centric POS will be inevitably much of their market share to the new breed of retail-enabling hardware, but find that in my personal experience its the software, not the hardware that is limiting the progress.
cheers,
david

Why limit POS to front of store where we only do mind-numbing checkout. That was yesterday’s need for yesterday’s problem – expensive POS that had to be fixed to the floor.

I would position the tablet enabled buying experience as solving a much more valuable retail problem… 1:1 service at scale with increasing cart size and margin per customer. “Our tablet based enabler allows your professional customer service personnel to meet the client in the aisles, help them with style, fit, selection, accessories and use rich media to explain the premium price value. Our version 2 moves from transaction enablement to relationship mgmt whereby customers prior purchase history is available to accessorize and extend with each visit, no matter which tablet toting retail assistant they greet.”

I have seen one great example already of this discontinuous innovation: Chair lift boarding in Utah ski resorts! Smart tickets are sensed at the turnstyle and lift attendants in snow and cold alternate holding the iPad. Season ticket holders, instructors and out of town guest pictures are displayed to the attendant who can:
1) recognize a large picture and eliminate season pass fraud
2) get warnings when fast skiers return to queue too fast and can suggest more challenging terrain where slower skiers are at less risk
2) greet out of towners and offer lunch reservations with discounts onto their day pass.

Its not about how the tablet does the existing mind-numbing checkout cheaper. Its about how the iPad allows higher end retail and mass retail to sell more premiums, increase avg sale, move excess inventory, and change a trx to a relationship. Big box competes on price and must rely on volume inlane checkout at minimum wage. Tablet enabled experience is for everyone else. I see the future world where you will endure the big box for commodity purchase at lowest cost. For considered purchases, we will favor friendly, more personal experience at retailers who know your persona, sell with deeper product content/comparison, and check out in aisle much like Hertz and Avis do today.

If your readers or retailers want to discuss enable the vision with new positioning, please call or write:
chris@couloir.net or 650-868-7440.
chris roon

Food, clothing and shelter are the three things we humans go out and scavenge for and that is in our primal instinct. It appears the next logical step is to focus on items that do not interfere with our primal instincts such as prepackaged food or personal hygiene.