In the weeks post Apple Pay’s launch, conversations around igniting mobile wallets – and what consumers actually expect from them – have spun in various directions. On the issuer front, while they seek that visibility and added utility to strengthen customer relationships, they still struggle to get their own mobile wallets to take off. Doc Vaidhyanathan, VP Product Management, Digital Payments at CA Technologies recently caught up with MPD CEO Karen Webster on his company’s recent launch of its mobile wallet solution, and how it plans to tempt issuers with a unique value proposition in a vastly competitive, crowded space.
KW: We’re here to talk about mobile wallets, on the occasion of CA Technologies’ launch of a mobile wallet solution. What did you guys launch?
DV: What we’re launching is a mobile wallet platform. The platform is targeted toward card issuers and allows them to embed our wallet library within their home banking application, or have a stand-alone wallet that will allow cardholders to use their mobile device both online and in-stores.
KW: What particular technologies does your platform support – NFC, barcode, all of the above?
DV: All of the above. Once you have a mobile device, there are two parts to the solution. Part one is making the mobile device your card. The second is using that at the point of interaction. There are a couple of technologies available for the communication itself – NFC is one of the standards, and with the announcement of Apple Pay, NFC got a boost – so we’ll see more and more NFC-enabled terminals.
But NFC is not the only way to communicate in the point of interaction with a mobile device. As we go along, we’ll see QR codes, bar codes, etc. at the point of interaction.
KW: I also think we’ll see is the use of the cloud, so there isn’t any interaction at the physical point of sale when using a device other than a consumer pressing “buy” in an app – and it happens sort of like the Uber experience.
DV: Yes, in-app purchases are definitely another possibility.
KW: So, I am curious to get your perspective on this issue in particular. Issuers have really struggled to be successful at bringing mobile wallets into the marketplace. They want to because they want to have that visible connection with the consumer, but it’s been very difficult in the past. Part of that difficulty comes from the consumers’ perspective, where they are asking about the value of having an issuer-branded wallet. How do you help issuers think that through when using your platform?
DV: What we are focusing on is providing a platform to the issuers so that they can quickly and easily deliver a mobile wallet experience to their customers.
Why would they want to use a wallet compared to using physical cards? One benefit is the improved security that cardholders will have. Another is that the plastic card is convenient, certainly, but one of the challenges is that cardholders will have a number of cards in their wallet – credit cards, airline cards, insurance cards, and more. If you have a plastic card in your hand, the process of swiping is not difficult. But carrying all of those cards will be an inconvenience.
I think that’s what issuers will offer – they will enable customers to experience that convenience of putting all of their cards on the phone.
KW: I get that from the issuers’ perspective that is advantageous. I also get why merchants want it, as one of the great values of mobile is the ability to have a communication channel with consumers. Merchants can now talk to consumers throughout their shopping experience, and issuers have the opportunity to be visible and add more utility to the relationship they have with the cardholder.
But, having said that, what most people have in their wallets is multiple cards for multiple issuers. Will consumers have multiple apps for multiple issuers on their phone?
DV: So, this is going to be a choice for consumers – they will need to decide what they want. Each approach will offer them a different benefit. For example, the Apple approach in which you put all of your cards and boarding passes and coupons into one wallet, mimicking a physical wallet, is today just a static holder of this information.
On the other hand, if you use an airline app for boarding passes, I can get other benefits from using the app such as getting a boarding pass to see if my flight is delayed or not, changing my seat, being alerted when the gate changes, and a whole bunch of other benefits which the airline experience gives me. But I have use an app for the airline, and when I get off, I need to use an Uber app to get a ride, and then a third app to check into my hotel. But each of those providers is trying to create a rich experience for just what they do. With the mobile wallet, customers can put all of their information in one spot, but it’s not yet a rich experience.
We believe that cardholders will make a choice depending on their preference. By giving the issuers a chance to put cards on their issuer app, we are saying this is all part of a whole branding issuer experience. Finding an ATM, checking balances, pay off balances, using the card – that whole experience coming together into one.
KW: That’s an interesting example, the boarding pass app and the benefits it offers to cardholders. That puts a lot of pressure on issuers, though, to make their app robust and also to go beyond just enabling a payment transaction. Does your platform provide additional capabilities to add value and utility as well?
DV: Our goal that we have focused on with the wallet is to make sure that the experience of provisioning the card on the app, the process of managing the lifecycle as a card is to be issued or is to be replenished, and when the phone is lost or changed, is as easy as possible.
What we’re also providing, from an issuer and therefore a cardholder perspective, is a fair amount of risk and fraud management. That’s kind of where we come from – we have a large 3-D secure platform for authenticating cards on the internet. We’re delivering the same thing in the wallet platform. When cardholders upload a card on their phones, we will watch what type of phone was used, and when it’s renewed or replenished, we’ll make sure it’s being done on the same kind of phone. We can use the location information to see if it’s actually the cardholder that’s doing it, or if it’s someone else trying to steal the information.
So we’re trying to create a lot from a security perspective, as a first step. Issuers and cardholders can use the wallet knowing it’s safe and easy to use.
And the platform is extensible – the next step will be to add that additional value that you mentioned.
KW: Let me ask you about Apple Pay. Issuers are now enabling their cards to be used with it, and Apple Pay has a very particular tokenization scheme that it uses as part of that proposition. Help me understand what the issuer is doing with your platform – are you using a similar tokenization framework?
DV: What we are doing is leveraging the same standards and protocols that exist for any kind of payment in which Apple Pay is used. Whether you use our wallet or use Apple Pay, the experience at the merchant will still be the same. The merchant will see exactly the same kind of message go from the phone to the terminal, and when the message goes back to the issuer, it will also look the same. So the issuers can use the same infrastructure – tokenization or authorization, everything will look the same. Our wallet platform is issuer-centric, not merchant-centric. In that way, it will behave like Apple Pay.
But where it differs from Apple Pay is that we are not dependent on a secure element in the device. If you want to make it democratic and available to more people, you need a wallet capability available to all kinds of devices. The way we have built it is to create a virtual secure vault – there’s no need for a secure element. We are using our patented cryptographic camouflaged technology to protect key data on the phone. Instead of having a physical secure element, we’re using a virtual secure element.
The second thing is that we currently do use NFC – but the way we have built it is so that it’s not dependent on NFC to communicate. It can render itself as a QR code, or Bluetooth or anything else. So if you think about, with physical plastic cards, you can swipe the card with the magstripe or read it and enter information into a POS terminal. Similarly, we are saying that the underlying information is the card and we can render it to NFC, QR code, or any other method.
KW: When you say a virtual, secure wallet, who then manages the token? Does the network manage the token?
DV: We allow for the networks to manage the token, or we can create our own token. There’s value in the networks managing the token, because when the authorization message comes in, the networks can quickly de-tokenize it so the issuers don’t have to worry about the token being used, they’re just seeing the card number and can do the processing based on that. But in our solution, we also support that.
KW: What kinds of conversations are you having with issuers about this? I think what Apple Pay has done is create a more intense conversation across the ecosystem about getting a serious mobile wallet and mobile payments strategy really flushed out. I think everyone recognizes that the next couple of years will be very critical in getting that strategy developed and in motion. What are the issuers talking to you about – is this a hedge against Apple Pay, or something they see as a critical piece of their mobile strategy?
DV: To some extent, the conversation varies depending on which region we talk to. Some regions that have already adopted EMV obviously see a larger number of merchants who can also support EMV, and some have even played with previous solutions.
The U.S. market obviously has Apple Pay, so they will build infrastructure to support it, whether it be in collaboration with card brands or on their own. But by and large, what we are hearing from them is: “How can we get more users to adopt?” I think the initial experiences of whatever solutions have been extremely positive – the few people who have adopted it have been uniformly happy with the experience. But they are looking at how to take it to the next set of people, increasing the adoption rate, and in a way that is economically convenient. What they can’t do is make it expensive because, in some sense, it’s not clear that having a mobile solution will dramatically increase sales.
We are not saying this is an alternate to Apple Pay, but we’re saying it coexists. Where the device can support Apple Pay, use it, and where it can’t support Apple Pay, use our solution. The backend and the experience of the merchant is the same, it’s just using a different device.
KW: So is that what you think the value proposition is for your mobile wallet platform? There are lots of people coming at issuers and merchants with variants on the mobile playform, and talking about the advantages of what they have in market as an alternative. Is your value proposition the fact that this brings life to the issuers’ mobile banking application, and gives them visibility in a mobile wallet environment while working on the backend just like these other schemes do?
DV: In our experience working with card issuers, effectively, for a solution to be adopted in large numbers – not just as a fringe or fad – it has to be simple, based on standards, and require the least amount of change. Doing anything that requires a dramatic amount of change will take a long time to implement.
What we have done here is make small changes. It requires the least amount of change for issuers. That’s really our value proposition.
KW: That makes sense. It gives the issuers the opportunity to focus on their value proposition to the consumer, which I think at the end of the day decide how mobile wallets ends up being a viable part of payments’ future. I think consumers will use what delivers the most value to them, and I think, at the moment, that’s sort of unclear. There’s not currently a whole lot of places that you can use a mobile payment device and in a number of physical stores to transact.
DV: Right. I think there are two parts to it – although there are many things that we do, most of us get into a particular shopping pattern where we end up shopping at 15 stores or so on a regular basis. What will happen is, as the number of merchants adopting EMV/NFC increases, those users who see a set of merchants that fit in their lifestyle will start using the mobile wallet. It’s efficient for them – it doesn’t matter that some merchants don’t have it yet. The ones they go to do accept it, and that’s sufficient for them.
As the positive experience is more talked about, other merchants will come aboard and make it a reality.
KW: The 15 stores that you go to may be different from the 15 stores that I go to, which will be different than the 15 stores that my brother goes to. So what will be interesting to see play out is the experiment with where mobile payments really ignites – in what categories and with what value propositions. It’s still very early.
DV: Absolutely, I agree. That’s the reason why I think issuers will not be eager about making wholesale changes today. Our approach has been to make the least amount of change, and with that we’re offering a service without asking people to install software. We’re minimizing the work that the issuers have to do.
The CA Technologies’ Mobile Wallet Solution: An Overview
VP Product Management, Digital Payments, CA Technologies
As Vice President of Product Management for Digital Payments at CA Technologies, Doc is responsible for defining the Strategy and Product Vision for CA’s suite of products that enable Digital Payments.
Doc came into CA Technologies in Oct 2010 through its acquisition of Arcot Systems – where he was the Chief Product Officer. During his time at Arcot, Doc was responsible for the identification and definition of multiple products. In particular, he led the creation of the cloud infrastructure for delivering Authentication As A Service (AAAS) – establishing Arcot as the Cloud Authentication Leader – with over 120 million enrolled users and a high availability service that is PCI Level 1 certified and SSAE-16 Type II SOC1 compliant. Prior to Arcot, Doc held senior management roles – building and managing software applications for a variety of industries. Early in his career he worked as a VC making investments in startup and emerging companies.
Doc holds a B.Tech in computer science from Indian Institute of Technology (IIT) and a MBA from Indian Institute of Management (IIM). He has served on the board of CRY America – a non-profit focused on upholding children’s rights.