© 2014 NACHA — The Electronic Payments Association. All rights reserved.No part of this material may be used without the prior written permission of NACHA.
Content from sources other than NACHA is used with permission and requires the separate consent of those sources for use by others. This material is not intended to provide any warranties or legal advice,
and is intended for educational purposes only.
© 2014 NACHA — The Electronic Payments Association. All rights reserved.No part of this material may be used without the prior written permission of NACHA.
Content from sources other than NACHA is used with permission and requires the separate consent of those sources for use by others. This material is not intended to provide any warranties or legal advice,
and is intended for educational purposes only.
What the Future Holds for Regulating Mobile Payments
Marianne Crowe, VP, Payment Strategies, Federal Reserve Bank of Boston
John Muller, Vice President, Global Payments Policy at eBay IncJackie McCarthy, Director, Wireless Internet Development, CTIA
Lauren Saunders, Associate Director, National Consumer Law Center
Moderator:Bill Sullivan, Senior Director & Group Manager, Government & Industry
Relations, NACHA - The Electronic Payments Association
What the Future Holds for Regulating Mobile Payments
Overview of Mobile Payment Landscape
Marianne CroweFederal Reserve Bank of Boston
July 17, 2014
© 2014 NACHA — The Electronic Payments Association. All rights reserved.No part of this material may be used without the prior written permission of NACHA.Content from sources other than NACHA is used with permission and requires the separate consent of those sources for use by others. This material is not intended to provide any warranties or legal advice, and is intended for educational purposes only. The views expressed in this presentation are those of the presenters and do not necessarily reflect the views of the Federal Reserve Bank of Boston or Federal Reserve System.
Agenda
• Overview of Mobile Payments Landscape• Challenges• Mobile Payments Industry Workgroup• Key Takeaways
3
3
Mobile Definitions• Mobile Payment: Mobile device used to make proximity (point of
sale/POS) or remote purchases, transit, digital content, P2P money transfer, online goods and services. Funded via credit or debit card, prepaid account, bank account, charge to mobile phone bill.
• Near Field Communication (NFC): Standards-based wireless radio communication to exchange data between devices a few centimeters apart (e.g., mobile phone and merchant POS terminal).
• Secure element (SE): tamper-resistant, encrypted smart chip in mobile phone to store and manage access to customer account credentials for NFC/contactless payments.
• Host Card Emulation (HCE): Software representing smartcard. Eliminates need for secure element. Routes NFC communications through mobile phone’s host processor and stores and transmits payment card credentials via cloud.
• Cloud: Remote server where mobile payment credentials are stored. Payments may be initiated from a mobile app, QR code, or NFC/HCE.
4
4
Dynamic, Rapidly
Evolving Mobile
Payments Landscape
Drivers of U.S. Mobile Payments Landscape
Convergence of online, mobile &
POS channels
Incentives –coupons,
rewards, loyalty
Increasing role of nonbanks &
merchants
Mobile/digitalWallets
Rapid growth in smartphones and
mobile apps
Multiple technologies: QR, NFC, Cloud, HCE,
BLE
Prepaid accounts
Impact of EMV migration
e-Commerce growth via
mobile
5
5
5
Mobile Payment Developments2006-2008 2009-2010 2011 2012 2013-2014
Remote Payments -SMS & Internet
PayPal Text to Buy
Text Buy It
Direct Carrier Billing
Mobile App Stores
Apple
Android
Contactless cards
Mobile Browser
First Mobile Card Acceptance/
mPOS
Proliferation of mobile Apps
QR Codes
NFC + SEMobile Wallet
Prepaid
AmEx
mPOS
PayPal Here
NFC Mobile Wallet
Cloud Digital Wallet
Apple Passbook
Prepaid Account
AmEx Bluebird
Mobile Bank Account
Green Dot
Merchant Apps
NFC + Host Card Emulation (HCE)
NFC iPhone case
Beacon BLE
Other?
6
6
Consumer Adoption of Mobile Payments Slowly Increasing
• Ubiquity of mobile phone is changing how consumers access and pay – 2/3rds of mobile payment users
paid a bill online– 17% of smartphone users made
POS mobile payment– 39% QR code– 14% NFC tap at terminal
• Unclear value and security concerns limit adoption – 63% do not make mobile
payments due to security concerns
– 61% see no benefit from mobile payments
24%
15%
24%
17%
Mobile PaymentUsers (Smartphones)
Mobile PaymentUsers
2013, n=2341 2012, n=2291
Source: Federal Reserve Board, “Consumers and Mobile Financial Services,” March 2014
Percentage of Mobile Payment Users
7
7
Nonbanks Strongly Influencing Mobile Payments Ecosystem
• Diverse businesses and industries– MNOs, start-ups and technology solution providers– Merchants and online payment providers
• Easy market entry for start-ups• Creating new relationships/partnerships with banks
and other businesses• Raising concerns related to security, consumer
protection, data privacy, knowledge of payment regulations
• Need for enhanced vendor risk management programs
8
8
Diversity Creating a Fragmented U.S. Mobile Payments Market
9
9
9
Wallet Provider Features
• Host Card Emulation (HCE) replaces secure element• NFC to tap & pay at point of sale• Load any credit/debit account• Credentials stored in cloud
• Joint venture between AT&T, Verizon and T-Mobile• NFC with secure element in ‘Isis-ready’ SIM card that
stores payment credentials• Includes AmEx Serve prepaid account
• Mobile phone number & PIN at POS to access PayPal account to pay
• Payment credentials stored in cloud
• Cloud-based for mobile and online purchases; not POS• Customer can link Visa & other card accounts
• Top U.S. merchants; mobile app with QR code to pay at participating retail/grocery stores, restaurants, gas stations
10
Much Focus on Wallets10
• Closed-loop prepaid account with reload capability & rewards
• 10M+ mobile app users, 5M mobile trans/week• 14% of in-store U.S. transactions from mobile
• Small merchant white label mobile network• Link credit/debit to mobile app to get unique QR code• 1M+ users; 5K+ merchants• No interchange. Merchant pays based on incentives, new
customer & rewards fees
• iTunes digital wallet (575M active accounts, 775k+ mobile apps) has potential to expand to payments
• Passbook - cloud-based digital wallet that aggregates merchant QR codes, loyalty, gift cards, movie tickets, boarding passes. NO payments.
• Small merchant model with Mobile app & plug-in device to accept credit/debit cards, replace cash and check
• As merchant acquirer assumes liability, charge-backs• Customer model – restaurant pre-order, pre-pay
11
Other Mobile Solution Disruptors11
What Consumers Want in a Wallet
• Mobile P2P transfers 26%
• Make small purchases with mobile QR code 27%
• Set up prepaid account for small purchases, automatically reload from debit or credit card 22%
• Pay for purchase with debit, credit or prepaid card account linked to mobile/digital wallet 25%
• Store merchant loyalty/rewards cards in mobile wallet 28%
• Pay using loyalty points 30%Source: TSYS Survey, October 2013
12
12
Prepaid Mobile Banking Solutions Gaining Traction
• GPR prepaid account with card• Mobile features: New account open, direct deposit,
alerts, bill pay, P2P, mRDC, ATM access, cash reload at Walmart; savings
• GPR prepaid account card • Mobile features: Alerts, mobile RDC, direct deposit, cash
reloads/withdrawals at Chase ATMs and branches
Green Dot Bank
• Branchless mobile bank account: Open new account, alerts, mRDC, P2P, bill pay, direct deposit, ATM network, cash deposits at some retail/convenience stores
COMMON FEATURES
• All FDIC-insured. • Bluebird and Chase Liquid have mobile apps • No minimum balances or overdraft fees • Bluebird and GoBank offer aspirational savings tools• GoBank has PFM tool
13
13
Drivers can also challenge U.S. Mobile Payment Adoption
Competing technologies
impact merchant decisions EMV
migration distraction
Lack of interoperability and standards
Nonbanks cause disintermediation
Data security and privacy
Complex regulatory structure
Fragmented market confuses
consumers
Low merchant
acceptance
14
14
Multiple Points of Risk Create Security Challenge
• Progress requires trust, transparency & cooperation
• Convergence of mobile platforms and multiple parties blurs lines of responsibility and liability
• Complexity creates new opportunities for compromise
– Data breach– Data monetization vs.
privacy– Use of location-based
services – Malicious mobile apps
CUSTOMER AUTHENTI-
CATION
POS
END USER
WIRELESS NETWORK
NFC, SECURE
ELEMENT & HCE
PAYMENT TRANSACTION
WALLET
MOBILE DEVICE
CLOUD & MOBILE APPS
15
15
EMV Migration Will Help Reduce Card-Present Fraud But Impacts Mobile Strategy
October2017
October2016
October20152014April
2013
Acquirers & Processors 100% EMV
Liability shifts tonon-EMV merchant acquirers
EMV at Gas Pumps
Liability Shifts for ATM transactions
16
16
FCC
FederalReserve
FDIC
CFPB
OCC
U.S. Mobile Payments Ecosystem
No one authority or law regulates payments or governs m-commerce
NCUA
Challenge of a Complex U.S. Regulatory System
CSBS
FTC
FinCen
17
17
• Builds consensus on mutual points of value and challenges • Works collaboratively to reach critical mass for secure, efficient
retail mobile payment adoption • Helps Fed understand industry role in mobile payments ecosystem
Mobile Payments Industry Workgroup
Financial institutions Merchants and card networks Clearing/settlement
organizations Payment processors Online payment providers Payment trade associations
U.S. Treasury Mobile Network Operators Handset/OS manufacturers Chip makers Mobile solution providers Mobile carrier trade association
Represents major U.S. mobile payment stakeholders—traditional and emerging payment providers
18
18
Mobile Payment Principles for Successful Adoption
Interoperability between mobile/digital platformsInteroperability between mobile/digital platforms
Open/ubiquitous mobile/digital wallet solutions Open/ubiquitous mobile/digital wallet solutions
Existing clearing/settlement channels, open to new railsExisting clearing/settlement channels, open to new rails
Security for NFC/card-based and cloud solutionsSecurity for NFC/card-based and cloud solutions
Globally interoperable, technology-agnostic U.S. standardsGlobally interoperable, technology-agnostic U.S. standards
Understanding roles/risks of non-banksUnderstanding roles/risks of non-banks
Understanding of regulatory requirementsUnderstanding of regulatory requirements
19
19
MPIW Activity 2014-2015• Monitor mobile industry trends to assess
impacts of EMV, HCE, tokenization, nonbank solutions
• MPIW Security workgroup– Analysis of mobile payment use cases– Analysis of authentication/tokenization industry initiatives
• Identify gaps and potential need for broad mobile payment industry standards (informed through Fed ISO/X9 participation)
• Keep abreast of regulatory developments
20
20
Key Takeaways• Much work to be done to address fragmentation & reach
critical mass. Consumer adoption contingent on multiple factors.– FIs still trusted but need to know their market – consumer
demographics, banked and unbanked, SME and commercial customer needs
• Security issues and technology standards are being addressed and will evolve. – FIs should get actively involved in related industry workgroups
• Regulatory and other mandates burdens may be impeding mobile progress.
• No one industry will dominate but nonbanks will continue to play strong and disruptive roles.– FIs should focus on partnerships and collaboration, including
regional solutions and transit
21
21
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
Mobile Payments and Commerce
John MullerJuly 2014
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
24
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary. 25
25
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
26
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
The Payments “Holy Grail”
FastLow CostSecure- Secure against data breaches- Secure against unauthorized transactions- Secure against not getting what I paid for (consumer protection)
International
And more recently:
Great User Experience• Integration with Loyalty, Coupons, Offers• Integration into Mobile Apps – Pay with “Card on File”
Programmable• Ease of use for Developers
27
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
Categories of Mobile Payments
1. Proximity PaymentsNear Field Communications/Hosted Card Emulation (Isis, Google Wallet)QR Code/Bar Code (Starbucks, LevelUp, MCX?)“Check‐in” using mobile device geolocation (Square, PayPal)Data on device vs. Data in the cloudMobile‐only wallet vs. Digital Wallet
2. Online Payments through Mobile DevicePayments through Merchant’s App (Starbucks, McDonalds)Payments through Payment Company’s AppPayments through Mobile BrowserProliferation of wallets – Visa V.me, MasterCard MasterPass, Google Wallet, Square, LevelUp, Dwolla, PayPal
3. Carrier Billing‐ Usually for games and other “digital goods”‐ Bango, Boku, Zong, AmDocs, Fortumo, Bill2Phone
28
© 2014 PayPal Inc. All rights reserved. Confidential and proprietary.
Categories of Mobile Payments
4. Mobile Merchant Acceptance‐ Square, Intuit, PayPal, Groupon, Bank of America, Chase, Capital One
etc.‐ More than just a Card Reader‐ Mag stripe only vs. EMV/Chip‐compliance
5. Mobile Money Transfer/Person‐to‐Person paymentsBank services (clearXchange, POP Money)VenmoInternational remittances (Western Union, Moneygram, Xoom)
6. Mobile Money Storage – Cash SubstitutionMpesa (Kenya)Gcash (Philippines)Bitcoin and other virtual currencies?Prepaid card apps (AmEx Serve, Green Dot, Netspend, U.S. Bank)
29
CTIA- The Wireless Association®
Jackie McCarthyDirector, Wireless Internet [email protected]
Mobile Financial Services:Payments, Banking and
CommerceJuly 17, 2014
Mobile Financial Services as a Multi-Platform Ecosystem
Source: First Data Corporation
31
Growth of Mobile Banking
– 86% of mobile banking providers offer dedicated Smartphone applications, the vast majority of which are available on both phone and Android mobile devices.
– 35% of banks that have dedicated applications for mobile banking offer more than one type of application (e.g. PNC, Charles Schwab, American Express) for different forms of interaction (one for mobile banking, another for brokerage, insurance, etc.).
Source: First Annapolis Consulting, 2012 Mobile Payments and Banking Study
32
Adoption of Mobile Payments
• Dozens of choices; No clear leader
• Isis (AT&T, T-Mobile, Verizon Wireless)o Compatible with several major payment cards (Barclay’s, Capital One)
• Google Wallet (Sprint)o Accepted by 28 retailers (and counting)
• Host Card Emulation released by Google for Android OS
• But the majority of mobile payments innovation is apps-based, “over the top”
o Card-based (Visa’s Pay Wave in wide usage at 2012 London Olympics)o Squareo Sage (card reader for the Girl Scouts of America)o Level Up (QR code-based, popular with small retailers)o Individual retailer-based (Starbucks, Dunkin Donuts)
• Transaction fee models varyo Some run a transaction through the retailers’ existing processors.oOthers bill the retailer directly for the transaction.
33
Expansion of Direct Carrier Billing
• Traditionally, third-party services appearing on wireless consumers’ bills were confined to premium SMS, ringtones, etc.
• We’ve seen a rise in the use of the SMS platform for charitable and political contributions (and related regulatory questions – FEC, state elections boards).
• There’s an increase in Direct Carrier Billing for “other” goods/services– Bill2Mobile– Boku– Implicates a host of credit, financial protection, and retailer regulations to
mobile network operators (formerly the “dumb pipe” for most mobile transactions”).
34
Mobile Commerce
• Apps help to optimize the “shopper experience,” and allow retailers large and small to integrate loyalty/coupon programs.
• Among the top 100 retailers, over 80% have developed a mobile commerce app.
• The use of Bluetooth low-energy, beacons and other location-based technologies further personalizes shopping and point-of-sale, but raises privacy issues.
35
Important Legal/ Regulatory issues in Mobile Banking and Payments
• CFPB Request for Information (low-income/unbanked consumers).CFPB interested in comments on how mobile platforms increase access to financial services, and encourage financially-responsible consumer actions like savings and dept management.
• FTC Actions/Investigations re: Online/Mobile Commerce Providers.
• Resources to Prevent Device Thefts (and “Lock” Stolen Devices)Same issues, but they take on new urgency when the device becomes the wallet.
36
Mobile Finance- Specific Published Work by CTIA Member Group
Mobile Financial Services (MFS) Best Practices and Guidelineshttp://www.ctia.org/business_resources/index.cfm/AID/11507
This was a voluntary and joint effort by CTIA member companies. Legal representatives participated.Presented to and accepted by CTIA Board of Directors, January, 2009.
Meant to be a guideline that assists Application Providers background from which to base their development and customer practices.
Important step because the members foresaw meteoric growth in this area.
37
MFS – The Guidelines• Even defining who is a provider of MFS comes into scrutiny:
Examples of MFS Providers:
1) A financial institution that provides its banking, brokerage or other financial services (e.g., account balance inquiry, bill payment) via the mobile channel is an MFS Provider.
2) A software developer or platform provider that develops and/or supports mobile banking or mobile payment services on behalf of financial institutions is an MFS Provider.
3) A provider of an online payment service (e.g., online commerce, bill payment, person-to-person transfer) that provides such services via the mobile channel is an MFS Provider.
4) A payment card issuer or payment network that provides credit cards, debit cards, stored value cards, or transit fare intended to be provisioned to mobile handsets is an MFS Provider.
38
Mobile Finance- Voluntary Guidelines
• Ensure that Liability Rests with Mobile Financial Service Providers
• Clear & Conspicuous Disclosures to Users• Extra Layer of Security for Financial Data• Fraud Prevention• Compatibility Standards: Networks & Handsets• Collection, Use and Control of Data• Customer Service/Complaints
Guidelines group Mobile Banking and Mobile Payments together and has unique provisions for Mobile Commerce.
39
MFS – Guideline Areas
A. Guidelines Specific to Mobile Banking and Mobile Payments– 1.Authentication and Authorization– 2.Banking and Payment Alerts; Transaction Records– 3.Limiting Liability for Unauthorized Transactions
B. Guidelines Specific to Mobile Commerce– 1.Disclosure of Material Terms of Purchase– 2.Obtaining User Authorization– 3.Receipts, Order Status and Account Information– 4.Mobile Coupons, Rebates, Loyalty Programs, etc.– 5.Minors
40
MFS- Guideline Areas (can't)
C. General Guidelines– 1. Disclosure of Terms; Disclaimers– 2. Consent to Enrollment in MFS– 3. Compliance with Laws and Regulations– 4. Security of Data Transmissions– 5. Security on the Mobile Device or in Storage– 6. Access Controls and Security of Sensitive Information– 7. Fraud and Identity Theft Protection– 8. Collection, Use, and Disclosure of Information– 9. Dispute Resolution Processes and Customer Service
41
Cross Industry Communication
• Federal Reserve Banks of Boston & Atlanta
(Mobile Payments Industry Working Group)
• NACHA –Payments Innovation Alliance
• Financial Services Roundtable
• The Smart Card Alliance
• NFC Forum
• Electronic Transactions Association
• Merchant Advisory Group
42
Where do we go from here?
• Business and technology models are fragmented.
• Consumer adoption is growing, but still tentative.
• Need for updated industry guidelines to reflect
evolving ecosystem.
43
©National Consumer Law Center
Principles for Safe and Fair Mobile Payment Systems
Lauren SaundersNational Consumer Law Center
July 2014
1. Ensure Choice
• Consumer can easily choose which payment to use.
• With mobile wallets, dominant players or exclusive relationships should not steer consumers away from choosing the card/payment system they prefer.
• Parents can control kids’ ability to make a purchase.
45
2. Promote Understanding
• Beyond disclosure, ensure consumers actually see and understand costs, terms; not fine print.
• Consumers need to be able to access, save terms for future reference.
• Simplify: few fees so consumers can understand the overall cost.
46
3. Protect Safety of Funds
• Mobile accounts may be held on company’s books, or in uninsured account, vulnerable to insolvency.
• NCLC: Require deposit insurance on bank account substitutes (reloadable, over $500).
• Deposit insurance also ensures bank regulator oversight, level playing field.
47
4. Safeguard Data
• Keep data safe from hackers, loss theft of device.
• Sensitive personal or financial information should not be sold to highest bidder.
48
5. Offer Effective Dispute Rights (Reg E)
• Liability limits for unauthorized charges, not just voluntary policies.
• Legal rights, procedures to challenge errors.
• Clear rules on which entity is responsible.• Danger zone: Take Reg E payment and
strip of Reg E protections; bill-to-carrier unless de minimis.
49
6. Permit Chargeback Rights for Merchant Disputes (i.e., Reg Z)
• The form of payment shouldn’t deprive consumers of rights if they don’t get what they paid for.
• Consumers can’t keep track of differences between credit, debit cards.
• Network Zero Liability policies help, but clear, uniform legal rules are better.
50
7. Use Consumer Data Fairly
• Comply with the FCRA for any data that might be used for credit, insurance, employment or other FCRA purposes:– Use only if have a permissible purpose.– Ensure accuracy.– Give consumers access to “reports” and
effective means to correct errors.
51
8. Avoid Discrimination
• Comply with ECOA when extending credit.
• Look out for disparate impacts when making product offers, discounts, differential pricing.
52
9. Protect Privacy
• Let consumers’ choose when they want info shared (and what type of info), when they don’t.
• Explain why information may be shared.• Protect personal financial information• Build privacy into the design of products.• Don’t sell consumer information to
predators.
53
10. Ensure Access to Funds
• Provisions for access if mobile device lost.
• Holds on check deposits consistent with bank account rules.
• Prompt crediting/delivery of payments.
• No arbitrary account freezes.
54
11. Provide Free, Convenient Access to Account Information
• No fees for balances, account info, occasional written transaction history.
• For bank account substitutes, right to opt in to paper statements for $1/mo.
• Free customer service w/o long holds.
55
12. Eliminate Unfair Fees, Tricks
• Avoid penalty fees. Creates incentives to encourage mistakes.
• Avoid information fees.• Negative options, unclear add-on products.• No fees charged on empty, inactive account.• Ensure that the product works, costs what the
consumer expects.• Disclosure does not insulate you from unfair,
deceptive or abusive charges.
56
13. Keep Credit, Deposit Accounts Separate
• Don’t use payment product to induce consumer to incur overdraft fees or debt.
• Credit features should be offered as credit, based on ability to pay.
57
Underserved:Opportunities
• Internet access, ability to shop and compare.
• Convenient bill payments.• Fast, convenient, cheaper check
cashing/deposits.• Entry point to financial services.• Easy access to account information.• Financial literacy tools.• Discounts.
58
Underserved:Concerns
• Cost of data.• Lack of access if prepaid plan runs out, can’t
pay mobile bill.• Incomplete/deceptive info on 3” screen.• Long check deposit holds.• Inability to print, retain T&C, other info.• Coercion to agree to E-Sign when want paper
bills, statements.• Differential, more expensive pricing.• Predatory lending/marketing.• Language access.
59
For more information
• NCLC mobile payment comments to FTC:
http://www.nclc.org/images/pdf/banking_and_payment_systems/mobile-comments-by-nclc-to-ftc-28-aug-2012.pdf
• NCLC prepaid card comments to CFPB:http://www.nclc.org/images/pdf/rulemaking/cm-prepaid-card-july2012.pdf
60
For more information• NCLC website (Issues/Banking&Payment
Systems/Prepaid Debit Cards or Electronic Banking)
• NCLC comments, legal treatises and reports
61
© 2014 NACHA — The Electronic Payments Association. All rights reserved.No part of this material may be used without the prior written permission of NACHA.
Content from sources other than NACHA is used with permission and requires the separate consent of those sources for use by others. This material is not intended to provide any warranties or legal advice,
and is intended for educational purposes only.
© 2014 NACHA — The Electronic Payments Association. All rights reserved.No part of this material may be used without the prior written permission of NACHA.
Content from sources other than NACHA is used with permission and requires the separate consent of those sources for use by others. This material is not intended to provide any warranties or legal advice,
and is intended for educational purposes only.
63
Questions?
Type your question in the bottom of the Q&A Pod on your screen. To submit your question, click Send to the right of the text box, or press return.
Top Related