Tag Archives: m-commerce

PCI Guidelines for Mobile Apps

Leave a reply

Today the Official Merchant Services Blog will examine the PCI Security Standards Council’s most recent guidelines, and their slow crawl towards comprehensive security requirements for mobile devices.

On Thursday, the PCI Security Standards Council released a set of best practices geared toward software developers of mobile devices.  These guidelines come four months after they released some guidance about mobile payments for small businesses.

The PCI Council, based in Wakefield Massachusetts administers the Payment Card Industry data-security standard and affiliated standards for secure payments software and also PIN-based transaction devices. The guidelines were released during the Council’s annual North American meeting in Orlando, Florida on Thursday, after hinting at a possible PCI clarification in early September.  Present at the gathering were security assessors, merchants, processors and vendors, all preparing for the update of the main PCI standard next year.

The Council announced that it is starting to approve hardware for mobile payments such as card readers that plug into smart phones or tablet computers.  The Council has not delved into the approval of software for mobile payments and have they made it clear when that will happen. They have however, announced that more guidance for merchants will come next year and that they will continue to take input from the payments industry on the serious task of protecting card holder data when payments originate from mobile devices.

Correcting software vulnerabilities is the most important aim of the Council’s new guidelines, as app developers crank out new programs for processing payments on smart phones and tablets everyday.  The guidance covers everything from the payment transaction, access protection, and remote disablement of a missing device.

The last point is arguably the most important aspect of a new mobile PCI security system.  Since mobile payments are true to their name, mobile, the chance of someone running away with your credit card terminal is an increasingly possible risk.  The same applies for any tablets acting as POS systems in a store. An unlucky shopkeeper may open up in the morning only to find part of his or her POS system missing, and all cardholder data inside compromised. This is what the PCI Security Standards Council seeks to avoid.

Visa’s V.me, a new breed of mobile wallet

Leave a reply

The Official Merchant Services Blog again looks into the mobile wallet world today, by introducing the new product from Visa, Inc. called V.me.  Last week we discussed in detail the BarclayCard mobile wallet system, which has come here to Delaware at participating locations in Newark and Wilmington.

Visa plans to roll out its own version of a mobile wallet solution by the end of this year.  Although the Card Issuer is the largest in the world, the entrance seems late in a game filled with tough competitors.  Visa has been testing a beta of the program with five large online retailers.  Buy.com, Bidz.com, Cooking.com, Modnique and PacSun are the retailers currently offering the e-commerce side of the service on their web sites.  Customers have the option when checking out to sign up for the program, set up the account and add a card, all without leaving that merchant’s site. Buy.com went live with V.me first in May; the others followed suit a few months after.

The program will eventually allow mobile device users to pay for goods from participating merchants at physical locations, most likely by the end of 2012.  V.me uses a ‘hybrid’ security system of the device’s secure element, as well as cloud servers to store customers’ card credentials.  This technique is reportedly more secure than the Isis system of storing card information directly on a device’s SIM card.  In August, Google decided to upgrade to a cloud based system of storing card data, however they kept reliance on the phone-based element to house a prepaid virtual card that initiates transactions and identifies users.

Visa will also include a location-based offers service with V.me, that will likely use geo-tagging to identify customers most visited locations, and market offers accordingly.  Competitor Google Wallet, while nearly a year old, has struggled due to the reliance on NFC-based technology that is not wide spread enough yet.  Other companies such as Apple Inc., and MasterCard have also announced their entrance into the mobile payment game.  Apple, with its Passbook wallet feature expected in the new iOS 6 will feature QR code reading technology.  MasterCard announced a mobile wallet program in May, called PayPass wallet service that claims to be open to third parties for development and flexible to a wide variety of payment brands.

In summary, Visa’s V.me is one of the mobile wallets that I’ll be eagerly waiting for, however it seems a long way off from implementation now. For Delawareans, Barclays’ Barclay Card Mobile Wallet app seems to be the only one to hit the ground running here in the First State. A watchful eye will be kept on this close race of Banks, Card Issuers and Credit Card Processors to see who will be the one to win Mobile Wallet Dominance.

Social Media Commerce: Tweet, Like, Buy

Leave a reply

Today’s installment of the Official Merchant Services Blog is on the rise of E-commerce in social media. Last week, we covered the E-commerce offerings of the video game industry in detail. Today, I’d like to take a look at the role E-commerce is beginning to play in the realm of Facebook, Twitter and other social media websites.

Social Media User Base

Social media sites have expanded rapidly over the last few years.  For those who don’t remember, Facebook started out as a place strictly for college level students to network. Now all-inclusive, Facebook is the world’s most populated social gaming and media platform with 955 million users worldwide.

Twitter is second with over 500 million users worldwide, LinkedIn is third with just about 175 million, and Google + trails all three with about 90 million. With such a massive user base to reach out to, an E-commerce presence is the next logical step, and as usual, Facebook is taking the lead. This article will focus on what Facebook has done to streamline the E-commerce aspect of social media.

“Like” Pages

It’s safe to say most Facebook users are familiar with the “Like” button and similarly, the “Like” pages. These pages describe the interests and activities of the user, offer updates to certain products and promotions, as well as allow users to share their thoughts on those products.

The end goal of any merchants Facebook “Like” page is the get the most number of “Likes” and subsequently the most number of page views and purchases of your particular product. The problem lies with differentiating potential customers from current ones. If someone “likes” a page for a product, they may already own it, be saving their money for that product, or just think its neat but don’t want or need it. As of right now, Facebook has no way to separate these users.

Social E-Commerce

According to Facebook’s SEC Form Q-10, 1.6% of users spent over $1 billion on Virtual goods (accessories for virtual characters, tools in Farmville, etc) in the first six months of 2012. That is money spent on items never seen outside of the browser. If the market for non-tangible goods can be that lucrative, the market for actual goods Facebook users enjoy must be bigger.

Carol Rozwell, Vice President at the tech research firm Gartner had a call to action for merchants unsure of the potential for social media e-commerce.  “It’s crucial that organizations implement approaches to handling social media now. The effort involved in addressing social media commentary is not good cause to ignore relevant comments or solvable issues.” According to Gartner, although more than 50% of organizations track social media only 23% actually collect and analyze data.

In June, Facebook made a move to simplify mobile e-commerce payments by decreasing the number of steps involved in checking out, from seven individual steps to two, and eliminating the need to type. The Facebook mobile app SkyBucks, is another innovation in E-commerce, it allows you to charge your virtual accessories to your phone bill directly.

More recently, the social media giant rolled out an offer for stores using Shopify.  Since partnering, Facebook is now offering free $50 Facebook Ad credits. This is in addition to the credits from Google AdWords and Amazon Products that Shopify merchants already enjoy. The promotion is another step for Facebook in the E-commerce direction.

The “Want” Button

Above I identified a need Facebook had, the ability to discriminate between current and potential customers for their advertisers and business users. In early July, the Ecommerce Times had a story on Facebooks next big thing: The “want” button.

The button will allow users to create ‘wish list’ of products that they like or want, but do not currently have. Merchants will want to focus on who has marked their product as ‘wanted’ and who has not. The benefits of the “want” button go beyond sales. The button would allow for highly targeted marketing as well as a sharing of ‘wish lists’ between users. Ultimately the goal should be for the wish list to take its place among the social media landscape, along side a user’s general info and status updates.

For the Consumer

To the average consumer and Facebook user, this should add to the ease of purchases that has increased recently. With the additional “want” info that the site will collect, you will be able to see what your friends and family want, add similar items to your personal wish list, and research potential gifts for you friends discretely. All of which add value to Facebook’s ever-increasing platform.

For the Merchant

For merchants looking to expand on Facebook, the E-commerce addition will do wonders. The added marketing affects will help businesses increase name recognition and sales, while still connecting with the end user. It seems to me, that Facebooks E-commerce push will benefit all involved.