Turning Smartphones into Mobile Wallets – What Are the Issues?

By TAP Staff Blogger

Posted on April 19, 2012

The technology to pay for a latte with the tap of smartphone is here. Smartphone manufacturers, mobile network operators, credit card companies, application developers, as well as companies involved in location-based advertising (Google and Groupon to name two prominent ones) are all vying for a piece of the mobile wallet action.
Here is a quick overview of the mobile payment landscape:

  • Near-Field Communication (NFC) is a technology that uses a short-range communications protocol between two devices. It allows for a small amount of data to be transferred wirelessly over a short distance (less than 4 inches). NFC is basically an evolved form of RFID (Radio Frequency Identification) technology which is used with wireless toll-collection devices like EZ-Pass and FasTrak. The difference is that NFC is two-way, allowing an NFC-enabled gadget to both send and receive information. (See “Everything You Need to Know About Near Field CommunicationPopular Science, March 1, 2011 for more information on NFC.)
  • Two major competitors using NFC technology: Isis and Google Wallet.
  • In the Isis camp: Verizon, AT&T, and T-Mobile teamed up with Discover and Barclays early this year to form Isis. Since then, Chase and Capitol One have joined the group. Isis will launch in the U.S. this summer in Austin, Texas and Salt Lake City, Utah.
  • Last fall, Google Wallet became available with Samsung’s Nexus S. Sprint, MasterCard, and Citigroup have partnered with Google for their mobile payment program.
  • In December, Verizon asked Google to not include the Google Wallet function in the Galaxy Nexus smartphone (a Verizon device). Verizon stated security as the reason for blocking this application, explaining that the service “needs to be integrated into a new, secure and proprietary hardware element in our phones.”
  • At the end of last year, PayPal began testing mobile payments in Sweden using NFC stickers on Apple’s iPhone and Android-based smartphones.
  • One of Google’s most important businesses is mobile advertising; therefore, Google’s recent announcement that it looks to split fees with carriers in order to boost wallet adoption is not surprising.
  • Additional “mobile wallet” technologies include: person-to-person payments by Venmo which allows users to send money to another person in much the same way they would a text message, and Bump Pay which transfers money by two people tapping their phones together.

Now let’s take a look at the technology policy issues surrounding mobile wallets.

Verizon and Google Wallet
Early this year, TAP scholar Barabara van Schewick sent a letter to the chairman of the Federal Communications Commission (FCC) in which she asked him to look into whether Verizon’s blocking of Google Wallet violates Verizon’s license to use its radio spectrum.
In an interview on IEEE Spectrum’s “Techwise Conversations,” Professor van Schewick explained her concerns:
To me, this isn’t really about two big companies fighting it out and fighting for control of the handset or what applications get on the handset; this is an example of a much more fundamental problem about how we can make sure that the wireless ecosystem remains open for innovation and useful and beneficial for consumers.
Professor van Schewick is the Director of the Stanford Center for Internet and Society as well as Associate Professor of Law and Associate Professor of Electrical Engineering at Stanford University.
Listen to the full podcast, “Verizon Versus Google Wallet” on the Center for Internet and Society (CIS) site. A transcript of the interview is available on IEEE’s Techwise Conversations site.
Europe’s Antitrust Regulators
In March, Europe’s antitrust regulators began examining whether the three largest British telecom companies should be allowed to go ahead with plans to create mobile wallets. Opponents of this venture say it is discriminatory since the three companies involved represent more than 90 percent of U.K. mobile subscribers. (EU Asked to Approve UK's 'Project Oscar' Mobile Wallet, PCWorld, March 20, 2012)

Privacy and Security
Security Flaws in Google Wallet
Google Wallet suspends prepaid credit card functions after a security flaw was exposed. The flaw is in the wallet’s design, and could allow an unauthorized user of a phone to tap into an existing balance on a card by reconfiguring the wallet’s settings. An additional security issue was identified when the security firm, Zvelo, discovered that the Google Wallet PIN –required of users to confirm purchases made with their phones – can be cracked with an exhaustive numerical search.
Google responded that the PIN attack can only occur on phones modified by their owners in a process known as “rooting.” Furthermore, Google stated that risk exposure to both these flaws can be thwarted when the owner activates the screen lock feature on their phone.
FTC Workshop on Mobile Payments
Next week, the Federal Trade Commission (FTC) will hold a workshop on mobile payments. Paper, Plastic… or Mobile? will examine the use of mobile payments in the marketplace and how this emerging technology impacts consumers. Based on the FTC’s agenda, a primary focus for this workshop is the protection of consumers; specifically, risks of financial loss and protection of personal data.