Contactless transaction map of Turkey

My colleague Tuncay Şahin made an excellent job and processed the full contactless payment transaction data in Turkey between March and August 2016 and displayed on a video map.

Below map  displays the transaction amount sums populated from actual live Visa and MasterCard contactless transactions taking place in Turkey from March 1 to August 31, 2016.

Seems like contactless transactions tend to appear on city centers and touristical coast line of Turkey. Western half of Turkey generate most of the transactions but even the border towns near Iraq and Iran host contactless transactions.

Contactless transactions below 50 TL are processed without CVM, while over 50 TL require an online PIN entry via PIN Pad of the POS terminal.

Digitalisation of life -and wallets

This article is also available on Medium.

We are living in a digital world. From ovens to car keys, refrigerators to vending machines, each and every device is now running software. Every day we are getting more and more dependent on digital devices. (read it as software)

Excluding the computer and mobile phone, an average person in the Western World interacts with a device running some sort of software more than 30 times a day. Opening a door with an access card, taking an elevator, riding a car, buying snacks from a vending machine, etc are examples of these interactions. Smart phone is of course a huge exception to this; average interaction with a smart phone is between 50-200 times a day, depending on the addiction status of the person. These stats dramatically change when it comes to teens. Humans are now having more interaction with software than with actual humans -or any other life form for that matter.

Don’t get me wrong, I am not against this. This is not something you can go against anyway, this is an irreversible patern.

Digitalisation vastly improved our lives. We are now in continuous communication with our friends, work place, family, people from around the world with similar interests with us. What digitalisation brought to our lives is easier communications with our peers. But more importantly, most repetitive tasks have been replaced with an automated device or software.

Social media has become the single source of information for many people. We can say in confidence that; now there is media and social media. People now have the option to refine their news sources based on their own interests and timing. Traditional communication channels are now transforming into digital versions, the ones that do not digitalise are slowly turning into legacy items in history.

Of course, payments are no exception. Almost any where in the world, people are paying with EMV chip cards which run an operating system and a payment application software on the chip of the plastic card. If you are not making a face to face payment, then you are on a computer or a smartphone making another digital payment. Card accepting device is now either a physical POS terminal or a virtual POS processing transactions from many different channels over the internet.

Payment systems were pretty quick to embrace the digitalisation era. Cards were one of the first products turning into user name and passwords in order to enable payments via web browsers. Then mobile devices came into the picture. In the mobile world, authentication is simpler than web, everything became faster and more convenient for the user on a mobile device. Paying via a non-cash mean is basically a credential based authentication and mobile phones are great with authentication.

When everything started to happen so fast, things that are not so fast (like payments) started to feel the pressure. Typing in the card number was one of them. People can register many online resources via few clicks with their Facebook/Google/Twitter accounts, why not for payments? That’s when digital wallets came in handy. PayPal had already started the revolution long before consumer digitalisation started based on different business cases. Entering the card information once could enable many more benefits to the end user.

Digital wallets may seem in a not-so-fast growth path, but this is inevitable. Any product that is not transforming into digitalisation will end up in a parallelised state.

This is a good time to think about your favorite digital wallet product if you are benefiting enough of it. If you are not using one, you should consider choosing one. Digital wallets will not just streamline your payment experience, but will provide an extra layer of security.

Contactless payment ads from Turkey

Contactless payments in Turkey is gaining ground, but it is still in early steps. As of December 2016, 25 % of the POS terminals have contactless reader and 30 % of the credit cards have contactless feature. Transaction volume though is still low and this is part of the effort for boosting numbers.

BKM, the national regulator and processor of the card payments industry in Turkey is actively working on the growth of contactless payments in Turkey. As a part of the initiative, 3 digital only ads have been announced. The ads mainly focus on how contactless payment can enhance customer’s payment experience during check out. The speed and convenience effect of the contactless payment along with “the cool factor” is underlined.

 

 

 

 

Mobile Payments, Apple vs Google

This post was originally published on Medium.

Back in 2010, NFC was a huge thing within the payment professionals community. Every single bank, payment processor, carrier and fintech company (this term was not in the mainstream media back then) had some sort of mobile payment project. Each mobile payment meeting was starting with the agenda of how the mobile payment figures would boom in the next 2 years. Well, things didn’t turn out that way.

Essentially, payment is the authorisation of a person’s credentials for a certain amount of exchange by the financial institution that granted a risk limit to the transacting party requesting the product or service. When the NFC was supposed to be booming, the medium for the payment service was the so called secure element on the phone, which was the SIM card. This medium was owned by the carriers and they tried to make a big deal out of this ownership. Well, things didn’t turn out that way, either!

After the end of the SIM era, Google and Apple announced their value propositions to the mobile payment space.

Google provided the almost equivalent medium of the SIM for hosting the payment medium on the mobile devices. This is what we call Host Card Emulation, HCE. HCE existed before Google, but it was Google who made it available to a market at large. Google, being the platform owner of the Android eco-system, is the enabler for the mobile payments without the need of a third party between the customer and the financial institution. It is a pure software implementation, it is a balanced sharing of power between the customer, financial institution and Google. For the records, Google’s own mobile payment product Android Pay is another story.

Apple, then launched the ApplePay with typical Apple product features. It is a mobile wallet offering to the iPhone owners. The financial institution is somehow blurry within the service. Apple controls the hardware and software and no one else -including the iPhone owner him/herself has much option to act on his/her own other than what Apple is guiding. The mobile device becomes an interactive channel for the financial institution with its customer where the financial institution has no control over the whole experience other than provisioning the payment card.

The SIM based experiences showed the industry that the payment itself is not something that the customers are quite willing to accept on a mobile device. Especially considering all the hassle that the customer needs to go through for enabling the payment card on the device. Plastic cards are still very convenient to store, use and experience as a whole. When proposing the customer to use the mobile device instead of the plastic card, you need to provide the convenience of using an app on a smart phone that people choose over the computer; super fast, easy and intuitive. Learning curve must be natural. And this is not enough, smart phones have a lot of capabilities, you need to integrate components that make sense for people to use like location based offerings, personalised notifications for transactions, contextual reminders, etc. to create value over the plastic card experience. The traditional low acceptance levels of contactless readers is also not helping the mobile payment experience, but new mandates seem to overcome this issue in a few years. Also, Samsung Pay needs a special attention here, it comes with magstripe support on select devices, which is a unique proposition in the mobile payment space.

From the platform point of view, Google clearly is way ahead of Apple. Android platform for mobile payment is available worldwide right now, open and free, while Apple is selecting the countries to penetrate based on its own platform specific capabilities and restrictions. Almost all Android based mobile payment products except global players like Google, Samsung, LG, have been integrated with some financial service offerings like logging in with card PIN or mobile banking credentials, due date reminders, campaign offerings, limit monitoring, etc. Android is a platform where companies are free to choose what to and not to offer.

In the Apple world, financial institution is limited to a spot in the Apple Wallet and have no chance to provide any other service except the card image. There is no way to access the capabilities of the mobile device in order to enrich the mobile payment experience.

But when it comes to user profile, Apple is far more ahead in terms of customer base who are willing to and capable of making payments with the mobile phone. Android platform is quite fragmented, not just in terms of device attributes, but the user space is also not quite eligible for card payments. Although Android dominates the smart phone industry, Apple users are much more open to spend money on mobile apps and are more high profile than Android people.

iOS defines the user interface in a very intuitive way and iPhone users are very quick to pick up the experience as it is meant to be. Apple Pay is no exception to this. Enabling the card, making payments and deleting the card are all very smooth processes.

Android is far more behind this. Every single mobile payment application is unique for the whole process. People generally are not aware if their phone supports the contactless payments, since even same model devices have different variants in different regions.

So, when we look at the big picture, there is a long way to go for the time being. Apple is slowly gaining ground by penetrating into more countries and Android payment experience is slowly being streamlined. Masses are going to continue choosing convenience over security, price over quality and we will see how far the mobile payment products will go.

Cloud vs Payment

With the introduction of Apple Pay -and HCE before that, we started hearing about cloud payments. My initial reaction to cloud payment was “what kind of payment isn’t already in the cloud?”

In generic terms, cloud refers to data and applications that are not stored locally, but over the internet which people can access from any device, anywhere, any time just by having an internet connection.

When it comes to payment, everything was already in the cloud for like ages. The access devices to cloud was plastic cards and payment terminals. Everything was happening through online systems which was simply cloud.

So what is cloud payment in this context?

Cloud payment refers to the tokenization of current payment forms (plastic cards and their numbers) into the cloud. The device (generally a mobile phone) storing the card number has only the token of the real card number. What is token? Token is a replacement of the actual number that is usable only for a certain period of time. So that if someone steals your account information (card number), it will simply be not usable.

Almost anywhere in the world, except the US, having the card number and the expire date or the magstripe data -which is readable by off the shelf readers- isn’t enough for making a payment transaction. Thanks to EMV and 3D Secure/SecureCode, you need more than than card data, you need password and cryptographic keys. Rest of the world has been migrating to more secure payment era but the US is the weak link for a long time. Now with the cloud payment -and the EMV mandates for the US of course, US is getting on board as well.

Cloud payment is actually tokenization. Tokenization requires a smart device which can communicate with the tokenization server over internet and tokenize (change)  the sensitive card data. And of course the smart device is a smart phone. In today’s world, when we say smart phone, we mean Apple and Android. They are different ecosystems but have the same usability approach to smart phone owners.

Apple finally integrated the NFC chip into the iPhone 6. Apple worked on the payment experience a lot and have come up with something just as expected from Apple. A very convenient user experience and a very tightly controlled environment.

Android has been playing with NFC for a longer time but everyone else was waiting for Apple to get on board for mass adaptation. Android has almost same workflow with Apple, with one big exception; the payment application is software based while Apple took the more secure way -hardware. From the end user perspective, everything is mostly same.

So, what now? It is time to talk about contactless terminals. Apple and Android ecosystem is getting ready for the cloud payments, yet the biggest requirement is still the acceptance devices. Hopefully, Apple will be the main driver here. But for that to happen, Apple must move outside the US. Europe and Asia has had a contactless wave before but it didn’t hit the masses. With the cloud payment, I am hoping that it will be different this time.

We are waiting…

Host Card Emulation

You’ve probably heard a lot on HCE – Host Card Emulation. Mobile industry had a great welcome on HCE, since contactless will become a software layer and get rid of hardware dependency. Actually every stakeholder in the NFC ecosystem except the SIM card vendors was thrilled.

Google was third in the line for the NFC, -after Nokia and Blackberry, but they took the “Google way” and they are now the champions of the mobile NFC game.

So, what is HCE? HCE is an software abstract of contactless smart card. It is now specific to Android, but definitely portable to other mobile operating systems as well.

As the definition suggests, it is an emulation of a contactless smart card. What is the capability of a contactless smart card? Mainly payment, identification and transportation. What happens when one of these cards, say your id card, which you use for entering your office building is just an app on your mobile phone? Or your contactless credit/debit card? Sounds intriguing.

Before HCE, contactless smart card was being emulated by a hardware chip and software (mobile app) was needed for the hardware to be activated. Hardware component was either a chip embedded on the phone or the SIM card. Either way, a few more parties other than the owner of the handset itself was involved in the game and it was quite complicated to activate and use the NFC app. Now with the HCE, smart card is still being emulated but this time it is software rather than the hardware.

In the hardware mode, contactless (NFC) reader was working with the secure element.

Secure Element

Now with the HCE, hardware component -SE or the embedded chip is not needed. Android itself emulates the hardware. Apps will use the interface provided by the operating system again but this time there is no hardware below the API.

HCE mode

When it comes to payments,  software only solution comes with a price; security issues. The answer to EMVCo is tokenisation. The actual card data that is stored in the software layer in the app is required to be a token only, which will enable the backward compatibility with the contactless readers. But the actual payment transaction will occur in the cloud. Quite similar to Google Wallet. HCE is an evolutionary next step of Google’s approach in the latest wallet implementation, which I covered in a previous post.

HCE will open a new set of possibilities in the NFC ecosystem from contactless to remote payments. It will enable more projects, let’s see how will it contribute?

 

Current state of contactless & NFC payments

It was back in 2007-2008, when everyone in the payments space was quite sure that NFC based mobile payments will be rocketing in the next couple of years. Countless graphics/info graphics showed us how the mobile payments would boom next year.

Unfortunately, we did not see any of the upcoming figures took place in the actual stats. Today, almost all Android phones have NFC chips embedded and almost all MNOs have a mobile wallet installed or the mobile wallet project is in the pipeline. Some of them even closed down the services and kept on trying at different levels.

Well, there are solid reasons agains this booming to happen. Here are the main ones:

  1. Contactless card based payment is still not a daily requirement for the average consumer; a different way to put this: contact payment is still very convenient for all.
  2. Contactless terminal penetration is still quite low -worldwide.
  3. The NFC based mobile payment experience is not user friendly -both the enrollment and actual payment parts.
  4. MNO offerings are vague and banks have not been successful to develop a successful NFC based payment product up to now.
  5. NFC is still not a requirement for people when buying their next phone, there is no cool use case for NFC for the average people. Even bluetooth is still at its baby steps. Existing apps and services work fine over 3G/LTE/Wifi connections, people do not need any other interface for connectivity.

So, what now? NFC projects may be still at baby steps, but innovative mobile payment solutions appear frequently. Host Card Emulation (HCE) presents a great future both for contactless based or remote based payment solutions. Not only payment, but it is especially great for apps that do not require high security level that SIM card provides.

Contact card payment is still the king and we need some more time, or a disruptive approach based on mobile for NFC/contactless payments to boom.

NFC Symposium 2014

On 23-24th of January, NFC Symposium 2014 took place at Sheraton Hotel, Stockholm, Sweden. I was one of the attendants, along with mostly Scandinavian colleagues.

The speakers have been selected from a wide variety of NFC ecosystem, ranging from vendors, to airlines, TSMs to universities.

It was interesting for me to see what kind of NFC projects that the Nordic countries have been working on. Briefly; I must say, it was exactly what I was expecting to see.

NFC ecosystem’s biggest chicken & egg problem has partly been resolved on the device level, but the services on top of the hardware level is still at its early ages. Smartphone penetration is almost complete in Sweden. It was interesting for me to see that even a country like Sweden -where you can pay almost anything with a plastic cards- still does not have a variety of MNO/Bank based mobile wallets. This mostly comes out of the problem that contactless payment is still not an average consumer requirement, so nobody desires a payment card on the mobile phone.

An interesting project came from Mid Sweden University. Dr Johan Sidén presented all kinds of NFC chips embedded with moisture/temperature detection sensors, etc. It was particularly interesting to see the use case of NFC for senior citizen home care projects.

Screen Shot 2014-02-03 at 19.36.23

Valyou was also interesting to see, it is almost exactly like what’s been going on with the MNOs in Turkey, but the main driver of the product is the TSM, not single MNOs or banks. MNO wallets have been in production phase in Turkey almost 3 years now and exactly same workflow (of enrollment and transacting) is being piloted in Norway nowadays.

Valyou

 

Sweden is a great country in all aspect that you can think of -including card payments, however NFC payment is still at early ages and they will a need some time before the mobile payments with NFC to emerge on the mass level.

NFC portal from NXP

NXP, being the co-founder of Near Field Communications Forum and one of the master minds of NFC and one of the largest suppliers of NFC tags, chips and controllers has started a portal on NFC. It is a good start for any developer or company interested in NFC and its ecosystem. Worth to add the RSS feed to keep in touch.

NFC&ContactlessXL@Amsterdam

We are living in the ecosystem and API age. It would be almost impossible for Apple to have this success for its mobile devices if they didn’t provide the APIs to access the capabilities of their hardware components through their SDK. This API environment created the ecosystem that developed all those applications that people are crazy about. Who would use an iPhone on which you could just make phone calls, send text and e-mails only?

It is the ecosystem that boomed around Apple created its huge success. And it is not just for Apple. Google, Blackberry, Facebook, Twitter, Foursquare, you name it. The surrounding ecosystem is the key for the success.

NFC and contactless ecosystem is formed by contactless chips, contactless reader chips, SoCs, mobile operating systems, Windows, Linux, Mac operating systems, embedded terminal environments, etc. Companies developing NFC and contactless applications/solutions are connecting those APIs and services together for a broader use case or a product/services.

NFC and contactless ecosystem is still in its early years. Yet, I’ve bumped into this great mentoring program for startup companies focused on NFC and contactless, which I believe is a great step forward for the ecosystem.

It is program of the Startupbootcamp organisation which provides early seed funding and mentoring to the startups. It is a great organisation for creative and talented people to boot up their companies and projects. Now they are on their way to support NFC and contactless projects.

NFC_ContactlessXL

If you have a project or a product on NFC or contactless space, this program is a great opportunity for you. Use this link to explore the NFC&ContactlessXL program which will take place in Amsterdam starting on October 14th, 2013.

I salute the people who have put efforts on this program, good job! I will try to catch up any companies or products that will emerge by the help of it.