Exclusive Interview: Will Graylin on the Release of ROAM’s NFC Swiper
Can you tell us a little bit about the product?
The NFC Swipe is the industry’s first device agnostic card reader with near-field communication (NFC) and magnetic stripe combined. Two years ago, ROAM was the very first company in the world to provide a secure mag stripe reader across phones via the audio jack and is now the industry leading provider for the technology. The new NFC Swipe adds another dimension to facilitate the growing demand for contactless acceptance. It provides end-to-end encryption to securely protect the cardholder data read by merchants, and will work on hundreds of different smart phones and tablets and even PCs, turning them into secure state-of-the-art mobile POS devices, and enable other value added applications.
The unit is very compact and is slightly narrower and a bit taller than our current semi circle Swiper that you see in the market, whether it is ROAM branded or white labeled for our partners. You’ll be able to swipe a magnetic stripe card on one side, and be able to tap your contactless card or NFC phone on the other side. The NFC Swipe will plug into any smartphone and tablet with a 3.5mm audio jack, and it also has a micro USB interface for PC’s.
How different is it from what is already in market?
The differences are in several aspects: First it not only has a secure mag stripe reader, it also has an NFC / Contactless reader that can be used by the same POS application on mobile devices seamlessly. If you only have an NFC reader, you miss out on all the mag stripe customers, and vice versa.
Secondly, unlike a smartphone with an NFC chip that can read a contactless card and passes the card data “in the clear” to the app on the phone, ROAM’s NFC and Swipe first encrypts the track data with industry standard 3DES DUKPT encryption before the data ever arrives on the phone, and is only decrypted at the secure payment server. This protects cardholder data from being sniffed and attacked by malware or intentional skimming.
Finally, the NFC Swipe is plug-and-play and is compatible with hundreds of different mobile device types and does not have to wait for smartphone manufacturers to design and build in NFC chips on these different phones and worry about software compatibilities and payment security – all that is built in to our device, and our API for applications to interface.
Is there a price differential from what you are offering today?
The NFC Swipe does cost more because we have added sophisticated electronics to make it a secure POS reader from the NFC chipset, to power management, battery, USB interface, LED and other components.
However we are still able to keep the price per unit less than $30 with volume, which is significantly lower than any secure NFC POS readers wired or wireless on the market, with a heck of a lot better compatibility to mobile devices. It is an amazing advancement for those who want to promote secure contactless payment adoption.
Since this is NFC enabled, could someone purchase this now (or when it comes out) and then use it today – with cards that are don’t have a chip?
Yes, we specifically built in the mag stripe reader for that purpose, we know vast majority of cardholders will have magnetic stripe cards for a long time to come, so this allows for the legacy of mag stripe while enabling new contactless payments as well.
Why did you decide to release this product now – EMV and NFC seem like a long way from getting critical mass – at least here in the US. Is this primarily for non US markets?
EMV is just getting started in the US, but NFC is gaining more momentum as we speak by players who are investing in this space. I think it will still take time for NFC to reach critical mass, but many major retailers are starting to have compatible readers, and as more application developers build new compelling apps that are NFC based, the need for a low cost reader that goes across mobile devices will be needed and can help spur the necessary momentum to reach critical mass. We just want to help fuel the larger ecosystem with innovations that help bridge the gap.
Was there the need for additional security protocols to be built into this product?
Yes, there was. As I mentioned before, it is important to provide “end-to-end” security when capturing track data and to encrypt the data before it gets to the phone. We have seen people using NFC phones to capture contactless card data in England for example, if the reader does not provide full encryption of the track data, than you can easily put an application on the phone to skim the card. http://www.channel4.com/news/fraud-fears-grow-over-contactless-bank-card-technology ROAM provides proper encryption with secure keys on the reader that can only be decrypted by the server protecting the card holder information end-to-end.
This same issue exists today with magnetic stripe readers as well that are not encrypted, which is why Square has been scrambling the past year to add encryption to their reader which had none. The question for consumers whether it is mag stripe or NFC would be: Is my card data protected by this reader? Can this reader keep bad guys from sniffing my card in their phone? ROAM’s security designs ensure the answer is always “Yes!”.
When and where will this be available?
We plan to provide release to early customers late this quarter and start taking orders for those looking to leverage the NFC Swipe. We plan to support the US first with to read PayPass and payWave cards in the US. We can see Canada and UK be countries that will be looking to launch NFC Swipe as well. We will evaluate customer demand as it comes.
Describe your new product in 25 words or less.
The NFC Swipe turns any smartphone or tablet into a secure Contactless and magstripe POS, enabling a host of new applications for merchants and consumers.