Consider this: Over its Sept 19th launch weekend, Apple has effectively shipped over 10 million EMV cards. Maybe these weren’t actual cards – rather, containers that could end up being a host to over 80M issuer cards eligible for Apple Pay. So how many among those will knock on a retailer’s door at launch? Initial device sales are to a loyal fan base. Should be easy to guess. Should be easy to spot too, as the aggregate NFC payment volume in US has never been more than a whimper.
The question I have seen asked much is – will it be sustainable? Is tap using Apple Pay such an improvement over a swipe that the consumer be willing to learn a new behavior? I believe it is – even though much of what realizes that improvement is abstracted away before the customer even gets to the point of sale (tokenization for example) – such that merely comparing the act of transmitting a credential is an incomplete measure. Even so, comparing a tap to a swipe is irrelevant when the latter is giving way to ‘chip and dip’. Except with dip, that behavior change is instead being forced on the consumer by the retailer and the issuer. And with little real consumer benefit to boot.
More issuers are scaling issuance of EMV cards in the US, largely equipping international travelers with a chip card so that their top of wallet preference is not swayed by merchant acceptance choices abroad. But issuers are also sending chip cards at renewal – which I believe to be largely counterintuitive in the domestic landscape, due to an unprepared consumer audience and a confusing PoS landscape.
Walmart is one of those few. I am yet to come upon a payment experience at a Walmart terminal with chip cards, that has not taken less than a full New York minute – and these days I am usually the poor schmuck caught behind the unfortunate chap struggling to insert the card long enough for the transaction to complete – while keeping up with the cryptic reader prompts. The cashier is apathetic. Having accidentally chosen chip cards out of my wallet on prior trips at Walmart – and knowing firsthand the broken experience that follows – these days I consciously choose another credit card when I get to a Walmart point of sale. And having those choices in my wallet today – I am not willing to tinker nor linger – with a six person deep queue behind me. One of the few places where strangers can still openly critique your competency is around your ability to navigate a credit card reader.
I remember hearing that it would cost Walmart $4M annually in payroll if every transaction took another additional 5 seconds. Shift to EMV would be bloody and I wonder how much retailers are willing to bet on this bold, costly and temporary experiment? For Walmart, it is an understandable move – motivated to knock out the cross border fraud it sees from fraudsters cloning swipe cards (to be used in US stores) from legitimate (European EMV) chip cards.
Yet, EMV is not a panacea – it is a set of tools to verify – unambiguously – the legitimacy of the card being presented. It is hardly the best option today, because the PAN is sent unencrypted to the point of sale, and because it is still possible to clone the card – sans chip and cryptogram – to create a swipe-able magstripe card that can be used at a non-EMV merchant terminal. It does nothing to protect online transactions. So tell me – How long must we treat these differently – one approach to protect the plastic, and another for e-commerce? Especially now that these two are coalescing…
On the other hand, Tokenization has in one fell swoop, solved for both. And now, maybe the payments stack as a whole – including consumers, can have a say in protecting both privacy and commerce. Retailers must act fast to adapt marketing and loyalty efforts – and further decouple retail and CRM systems from the PAN. And issuers should not look to simply shifting liability when it suits them – and instead approach transactional risk more granularly. A reduced risk overall must translate to economic gains for all – not just some – in the value chain.
But, for all the nuance we are now able to bring to solve for fraud holistically – plastic offers no help. That requires a connected device. So if between the mobile device and tokenization we can cure for transaction fraud – then why are we still messing around with chips embedded in plastic cards anymore? EMV is forcing a behavior change today across the retailer landscape – except, we now have the ability and the reason to preempt the wrong behavior from taking root.
If EMV was a head fake for NFC then screw it… let’s not fake it anymore.
You can connect with me on LinkedIn here.