Apple Pay on the wrist: How Apple’s watch gets around the ID problem

Apple only gave a fleeting demo of how contactless payments would work on its new Apple Watch at its Spring Forward event on Monday, but it was an impressive one. You select a card from Passbook in the watch interface and then tap the wearable device against it or wave it over the payment terminal and, presto, your credit card is charged. The watch emits a tone and a vibration to show the transaction has gone through.

Furthermore, according to reports from the event, Apple Pay doesn’t always need to be manually activated in the watch. If you move your hand close to a near-field communications (NFC) based terminal, the app will immediately become active and use your primary credit card for payment — most likely the terminal’s NFC radio “wakes up” the NFC chip along with the Pay app in the Watch.

There also doesn’t seem to be any passcode or other ID authentication necessary. Most retailers will ask for signature –– after the EMV transition this year, many will start asking for PIN codes –– if the purchase is over $20 or $25, but Apple seems to removing every other barrier possible to a simple tap-and-go payments in its new wearable device.

But how does Apple do this with compromising security? Rather ingeniously actually. The Apple Watch appears to use its other sensors to make an indirect ID. Last week at Oracle Arena, Apple head of internet software services Eddy Cue explained that the watch senses when you put it on and then asks for authentication, which you can give either by supplying a fingerprint on the iPhone 6 or 6 Plus. If you’re using an iPhone 5 or 5s, which don’t support Apple Pay directly, you can enter a PIN code in the phone’s app or on the watch itself.

After that, as long as the Apple Watch is clamped to your wrist, your authentication is valid in Apple Pay. But as soon as the watch detects that you’ve removed it, Apple Pay locks up, requiring you to re-authenticate to re-activate it.

Apple Watch Pay

This means you won’t be handing your wristwatch to your waiter to pay your check, but most people probably don’t want to see their new $350-plus fashion accessory disappear behind the bar anyway. Short of a desperate criminal cutting off your hand at the forearm, it’s a pretty full-proof system: Apple Pay is active when the watch is on your wrist, and it’s nullified when the watch comes off.

What’s particularly interesting to think about is how this kind of variable authentication might be used to validate different types of transactions in the future. Anyone who has ever shopped with a piece of plastic knows that different levels of security come into play depending on what and where you’re buying. For instance, self-service gas stations typically ask for your zip code at the pump. Signature requirements kick in at a grocery store if you rack up a high enough bill. And if you’re making a big dollar-amount purchase, a clerk will often ask to see a picture ID.

Apple could fit different levels of Apple Pay authentication to those various retail security policies and then offer them up as options to merchants or payment processors. For instance, any purchase under $25 may not require any additional verification beyond a wave of a wrist. A more expensive purchase that would normally require a signature could be handled with a PIN code entered on the watch, instead of a John Hancock with a pen. A very expensive transaction could require Touch ID verification on the phone and a PIN number to boot.

I don’t know about you, but if I’m about to pay a $900 bill with my watch, I don’t mind jumping through a few extra hoops. On the other hand, I do get really annoyed when I’m forced to go through four or five different screens on a drug store’s payment terminal when all I’m doing is buying a stick of deodorant. If Apple could match a purchase’s level of hassle to its price, then it could do something much more impressive in payments than merely making them contactless.

Apple has tripled the number of stores accepting Pay in 5 months

Apple Pay is accepted by 700,000 retailer locations in the U.S., and the iPhone-embedded payment service now loads cards from 2,500 card issuing banks, CEO Tim Cook revealed at the kick off of Apple’s Spring Forward Event on Monday.

That’s pretty astonishing growth considering Apple was accepted at 220,000 retailers at its launch in October, meaning retail chains and independent businesses have been either upgrading their checkout gear to accept the near-field communications (NFC) taps used by Apple’s iPhone contactless payment technology or they’ve turned on NFC capabilities in their existing terminals.

A growing list of retailers accept Apple Pay, Apple revealed at its Spring Forward event.

A growing list of retailers accept Apple Pay, Apple revealed at its Spring Forward event.

At the event, Cook flashed a slide on screen that showed many of the retail chains newly on board with Apple Pay. There were carriers like AT&T and T-Mobile, airlines and hotels JetBlue and Marriott and many, many new stores.

The number of partner banks quintupled from the 500 deals Apple had in place at launch, which is significant because it means consumers don’t have to apply for specific debit or credit cards to use Apple Pay. Consumers can load any card — or at least the vast majority of cards — they already have in their billfolds into the iPhone 6 and iPhone 6 Plus. Not having the backing of the banks has been a hindrance to other mobile wallets like Google Wallet and Isis/Softcard at launch, but Apple recently claimed that more than 90 percent of all credit and debit transactions could technically be supported on Apple Pay.

Apple is clearly having success embedding its service into retail stores, but it gave an update on its effort to embed itself into vehicles. CarPlay now has the backing of all of the world’s major automakers. Though we have yet to see a CarPlay-enabled vehicle, this likely means that CarPlay will eventually become an option in most newer cars with fancy infotainment systems.

PayPal acquires Paydiant, puts NFC into its Here readers

PayPal is buying Paydiant, a startup that provides the mobile payments and loyalty technology used by many big-name retailers use in their apps, for an undisclosed amount. PayPal also announced on Monday that it plans to start selling a near-field communications (NFC)-enabled version of its Here credit card reader, which will allow its merchants to start processing Apple Pay, Google Wallet and contactless card transactions.

Paydiant is the behind-the-scenes technology used by companies like Subway and Capital One to put payment options, loyalty programs and digital coupons into their apps. But its biggest customer is MCX, a consortium of big retailers including [company]Walmart[/company], [company]Target[/company], [company]Sear[/company]s, [company]Wendy’s[/company], [company]Exxon[/company] and [company]CVS[/company] that is launching its own digital wallet called CurrenC. You’ve probably MCX’s name pop up in the news lately as its members have butted heads with Apple for turning off NFC at their registers, effectively blocking Apple Pay for some of the biggest retail stores in the country.

At Mobile World Congress in Barcelona, I spoke briefly with PayPal’s senior director of global initiatives Anuj Nayar, who said Paydiant gives the payments giant another set of commerce tools to offer its merchants customers. While Paydiant focused on larger retailers, PayPal will be able to scale its products down to its vast network of small retailers. “We can create a digital loyalty program for the corner coffee shop,” Nayar said.

PayPal’s new NFC reader will be similar to the stand-alone point-of-sale terminal it launched in the U.K. two years ago. It has a numeric keypad with a slot for Chip-and-PIN card transactions and a Bluetooth radio to connect to a smartphone or tablet where PayPal’s Here app processes the transaction. The addition of NFC means it will accept contactless transactions from mobile wallets like [company]Apple[/company] Pay, [company]Google[/company] Wallet and eventually Samsung Pay (PayPal’s own mobile wallet doesn’t use NFC). It will also take payments from contactless credit cards popular in many countries outside the U.S., which is why PayPal first will roll out the terminal in the U.K. and Australia this summer and then launch in the U.S. later this year, Nayar said.

When it does come to the U.S., the reader will pull double duty as PayPal’s next-generation credit card reader. This year, retailers are beginning the transition to EMV cards, which use smart chips instead of magnetic stripes to transmit encrypted data at payment terminals. The familiar triangular PayPal Here reader in the U.S. accepts magnetic stripe transactions only, and I assume it will be gradually be phased out as more merchants move over to EMV payments.

MWC-2015-ticker

Samsung Pay has all the tools it needs to surpass Apple Pay

A lot of the features in the new Galaxy S6 and S6 Edge, like curved edges and glass-and-metal design, are examples of Samsung playing catch-up on the latest smartphone trends, but Samsung’s new mobile payments app stands apart. Apple and Google may have brought their contactless payment technologies to the market first, but Samsung Pay fills in sizable gaps that Apple Pay and Google Wallet have in their services.

Samsung Pay uses both near-field communications (NFC) and magnetic secure transmission (MST) technology from LoopPay. That means that it can not only make the same secure contactless transactions that [company]Apple[/company] Pay can, but it can also make “swipe” purchases on the vast majority of older payments terminals that haven’t upgraded to NFC. Samsung has also retooled the new smartphones’ fingerprint sensors so they work with a press rather than a swipe, making it easier to initiate a purchase with a thumb tap.

Just as significant as the technology is Samsung’s broader financial ecosystem. It’s brought [company]MasterCard[/company] and [company]Visa[/company] to the table as partners along with four of the largest card-issuing banks: [company]JP Morgan Chase[/company], [company]Bank of America[/company], [company]Citi[/company] and [company]US Bank[/company]. (At the launch event, Samsung CEO JK Shin said these were just a few of the financial deals Samsung had signed.) Banking deals were one of the key reasons Apple Pay was a big initial hit, as consumers could load almost any of their existing debit and credit cards into the iPhone’s contactless wallet.

The new Galaxy S6

The new Galaxy S6

For Samsung, those bank deals are particularly important because the biggest selling point for its mobile wallet is that it will work on a far larger variety of terminals in the U.S. than Apple Pay or any other NFC-only payment app. If the banks hadn’t gotten on board Samsung wouldn’t have been able to make that argument come this fall.

The U.S. is finally making the leap to EMV credit cards, which use a smart chip to send encrypted data to a payments terminal. It’s a much more secure technology, and Samsung’s MST technology can’t emulate it the way it can the numbers stored on the mag stripe of credit. But with the banks apparently lining up to work with Samsung Pay, that’s not a problem Samsung has to worry about anymore. The banks can simply pass that encrypted card data from the cloud to a secure element in the Galaxy S6 or S6 Edge, which the phone then passes either through its NFC radio or magnetically, depending on which technology is available at the terminal.

Samsung Pay will not only make both “smart” and “dumb” transactions, so to speak, but it has the potential to turn what would normally be insecure static payments into more secure, dynamic As LoopPay co-founder and now Samsung employee Will Graylin recently explained to me, MST can send dynamic data through a magnetic read head designed only to take static data. The terminal thinks it’s just getting a regular credit card number, but Samsung Pay could send out a prefix code that alerts the payment processor that the numbers it’s about to receive are EMV cryptograms. Samsung Pay can use the same method to send tokens — one-time-use numbers supported in the newest payment technologies — through even the oldest, junkiest card readers.

An earlier version of LoopPay's MST technology. Instead of living in a phone sleeve, LoopPay will be embedded directly into new Galaxy S-series phones.

An earlier version of LoopPay’s MST technology. Instead of living in a phone sleeve, LoopPay will be embedded directly into new Galaxy S-series phones.

MasterCard chief emerging payments officer Ed McLaughlin explained to me that the potential implications for the payments industry could be big indeed because the banks and consumers will no longer be tied to a particular type of transaction based on a merchant’s hardware.

“The type of payment you make is a business decision, not a technology one,” McLaughlin said. “This is a clear way to work with older [payment terminal] stock out there.”

While Samsung seems to have minded all of the technical and financial details, we’re going to have to see Samsung Pay in action before we can levy a final judgment. I was at the Galaxy S6es’ big launch at Samsung’s Unpacked event at Mobile World Congress on Sunday, and while Samsung executives showed a video of Samsung Pay in action onscreen, there didn’t appear to be a live demo at the event. None of the new Galaxy S6 and S6 Edge phones I played with at Unpacked even have the app installed.

If Samsung Pay launches with a bang this summer, Samsung will have a compelling mobile wallet that can rival Apple Pay in many ways, but it will only have that advantage for so long, especially in the U.S. As merchants upgrade their payment terminals for EMV, they’re also upgrading them to support NFC. Within a year or two, NFC transactions could become the norm rather than the exception.

MWC-2015-ticker

Maybe I’m just a dumb millennial, but I’m going to keep using Venmo

Venmo, a mobile payment app popular among college students and recent grads, has security holes “you could drive a truck through,” according to an article posted on Slate this week. The report was largely based on one man’s story about how a grifter was able to steal $2850 from his account before he was ultimately reimbursed.

The fact that Venmo doesn’t offer two-factor authentication is indefensible, so I won’t defend it. But I’m also not going to delete the app off my phone and cancel my account.

Still using venmo

In fact, I used Venmo last night — as I do fairly often — to reimburse my girlfriend for a magazine she bought for me because I didn’t have cash and it was the easiest way to pay her back. (Ostensibly I wanted the March issue of Vogue for the Apple Watch spread, but I was most interested in the cover story about Taylor Swift and Karly Kloss.)

I’m not going to stop using Venmo because its security is actually appropriate for the service it provides. In fact, I think it’s much more likely that my insecure magnetic credit card will get swiped by an ATM skimmer or through a security breach at a store like Home Depot. It’s simply not worth giving up Venmo’s convenience. And based on the number of transactions I saw in my Venmo social feed from last night, my friends agree.

Sure, Venmo might not have FDIC or credit card consumer protections, but it is legally required to help its customers recover funds from unauthorized transfers. One of the scariest details in the Slate story is that you have two business days under Venmo policy to contact the company after you spot fraud in order to limit your liability to $50 — even if the fraudsters stole close to $3000 (Venmo’s monthly limit.) After that, you could lose up to $500.

But those scary-sounding consumer protections aren’t exclusively Venmo policy — they stem from federal policy that covers unauthorized transfers for debit cards as well as smartphone transaction services like PayPal and Chase QuickPay. It is likely no different than what your bank offers for electronic transfers.

From the Federal Reserve’s regulation E:

Reg E unauthorized transfers

Plus, it’s in Venmo’s interest to make sure its customers aren’t paying for fraudulent charges. Fraud is not part of its business model — in fact, fraud almost certainly leads to Venmo losing money, either because it has to pay or through bad PR. (If you’re a Venmo user who has had thousands of dollars stolen from you and you haven’t been made whole, I’d love to talk to you. Email me.)

Here’s the statement Venmo gave me:

At Venmo, our most important job is to protect our customers and provide a safe experience. We are continuously improving product and security measures but there is always more to do. We have teams dedicated to fraud prevention, customer support, and operations working tirelessly behind the scenes, and we always guarantee our users’ funds. Our customers put their trust in us and we take that responsibility seriously.

Just this morning, I changed the password on my account and immediately got an email from Venmo alerting me to the changes. It’s not perfect: A request to change email ended up sending a message requesting I verify the new email address, but nothing to my old one saying it had been changed.

One real issue is that Venmo’s support line is an email address and it doesn’t get back to customers quickly. Venmo clearly needs to improve that, but the fact that it doesn’t offer a phone line actually seems like a good thing to me, because it means a slick social engineer can’t get a call center employee on the line and sweet-talk him into giving up personal information.

Ultimately, I’m going to keep using Venmo for a few reasons:

  1. All my friends are already using it. If I’m trying to pay someone back for, say, a beer at a bar, I usually don’t need to ask her to download an app.
  2. It works and it’s easy — I’ve made hundreds of transactions and I haven’t had a problem yet. If I do, I feel confident in predicting that Venmo will eventually make it right.
  3. When you link it to a bank account, it’s free to both pay people and cash out.

If you’re really worried about security, you can unlink your bank account, as some of my colleagues have done. I added a PIN to my Venmo app — locking it with my fingerprint on my iPhone — but that seems superfluous because you need my PIN to get access to the phone’s contents in the first place. And when Venmo introduces two-factor authentication, I’m going to turn that on too. But I’m going to keep using Venmo, and frankly, I’m going to keep publicly posting many of my transactions.*

*For the record, I’ve labeled many Venmo memos as “drugs,” but never actually for a transaction that included drugs.

5:40PM: This article has been corrected to clarify the emails that Venmo sends when account settings are changed.

Barclays to allow mobile payments based on Twitter handles

The British bank Barclays has announced a new twist on its Pingit mobile payments app – users will be able to transfer money to one another using their Twitter handles.

Pingit, which has been around for a few years now, has so far used phone numbers as the main identifiers for its users, who do not need to be [company]Barclays[/company] customers (though they do need a U.K. bank account and phone number) and don’t need to pay any transaction fees. As of 10 March, iOS and Android users will be able to associate their [company]Twitter[/company] handles with their Pingit accounts in the same way.

“Adding the ability to pay people or a small business using just a Twitter handle brings together a social and digital experience to create a new step forward for mobile payments in the UK,” Pingit chief Darren Foulds said in a statement.

That said, this approach – where Twitter IDs are used from within the Pingit app — is only one of several ways in which banks are enabling mobile payments using elements of Twitter. Last year France’s Groupe BPCE launched a service whereby people can actually send payments through public Twitter itself, with tweets containing special phrasing that triggers a form of verification on the recipient’s smartphone.

In January, Indian bank ICICI also launched a Twitter-based money transfer service, which involves sending a direct message to the bank’s Twitter account, containing the recipient’s Twitter handle and the amount to be transferred.

Google buys Softcard, teams up with carriers on mobile payments

Google and the mobile carriers have long been at odds over mobile payments, but faced with the runaway success of Apple Pay, the two rivals have become friends. AT&T, Verizon and T-Mobile are selling their mobile wallet joint venture Softcard to Google for an undisclosed amount, Google and Softcard revealed on Monday in separate blog posts, and they have agreed to pre-install Google Wallet on their Android smartphones starting this fall.

That’s quite a full circle to arrive at, considering that for the last three years the three operators actively blocked Wallet from their devices in blatant protectionism for their own mobile payments service Isis. The problem was that Isis, which changed its name to Softcard last year, was slow to arrive to market, meaning few Android phones had access to any kind of near-field-communications (NFC)–based wallet.

That left the nascent smartphone contactless payment market stillborn in the U.S. until [company]Apple[/company] stepped in with Apple Pay. Apple Pay is not only available on every iPhone 6 and iPhone 6 Plus (as well as the forthcoming Apple Watch), but it also built in a much bigger ecosystem for its service, bringing card-issuing bands and online merchants to the table that neither [company]Google[/company] nor Softcard managed to attract.

Those two also-ran wallets are obviously feeling Apple’s heat, so instead of battling it out in the Android space, they’re teaming up, which should make banks, merchants and especially Android-owning consumers happy. It probably would have made more sense to sign this deal a year earlier, though, as other companies are trying to fill the vacuum the Isis-Google war created with their own Android wallets.

Samsung last week bought universal digital credit card startup LoopPay, which uses an alternate technology to NFC that gives it access to most point-of-sale terminals in the market. As I wrote last week, Samsung still has to add a few missing pieces to its payments puzzle – most notably direct partnership with the banks – but there’s a good chance we might see the first Samsung contactless payments app debut in the Samsung Galaxy S6 when it is unveiled at Mobile World Congress next week.

Mobile recap: LoopPay vs. Apple Pay; new Pebble; LG Watch Urbane

Samsung has a new way to fight back against Apple and it has nothing to do with Google. This week, Samsung bought LoopPay; a company that adds mobile payments to phones using a magnetic field. Early reports and rumors about Samsung’s Galaxy S6 handset — expected to debut on March 1 — suggested a LoopPay tie-in.

Loop mobile payments

Google may not like it, but the acquisition gives Samsung a digital payment solution of its own, although the company can certainly still offer [company]Google[/company] Wallet on its Android devices. Google’s Wallet, four years in the making, hasn’t really resounded with consumers though. I’ve been using the service on and off since 2011 with Android phones that have an NFC chip inside them but retailers have been slow to adopt or support Wallet. That’s in stark contrast to [company]Apple[/company] Pay, which is a successful twist on the same NFC technology.

While LoopPay will work for now in the U.S. by spoofing the magnetic card stripe on current payment cards, Samsung will have to adopt it for the upcoming change in payments here. Samsung will need to create bank partnerships for EMV payments; essentially, we’re getting a payment card upgrade here later this year, which will require LoopPay to work with chip-and-PIN cards. LoopPay knew of this transition, so it’s not completely in the dark; we’ll see how it handles the change in a few months.

pebble action

Before then, we may have a new smartwatch or wearable device from Pebble. The company, which ran a hugely successful Kickstarter campaign in 2012 for its current smartwatch, is expected to announce something on Tuesday of this week. That’s based on a countdown timer that’s been busily ticking away since Thursday.

While we have no idea what Pebble is counting down for, the company did say earlier this month that it would be launching new hardware this year, along with a unique software interface. Perhaps we’ll get a glimpse of a new watch this week; hopefully, it’s not just a new band for the existing Pebble.

lg watch urbane gold

 

Even if Pebble does launch a new smartwatch, it’s going to compete with more Android Wear devices. The latest, LG’s Watch Urbane, hides its smarts in what looks like a very traditional analog timepiece. The stainless steel Urbane will be available in gold or silver finishes, uses the same 1.3-inch circular plastic OLED touchscreen display as the existing G Watch R and is aimed for the upscale smartwatch market.

Will Samsung’s mobile wallet plans work? We’ll know in 7 months

Samsung has entered the mobile payments fray with its acquisition of LoopPay, giving it the technology to turn its smartphones into wireless credit cards that can purchase goods and service with a wave of the wrist. LoopPay is clearly Samsung’s answer to Apple Pay, but there’s still one missing piece from its payments puzzle.

With LoopPay’s technology the consumer electronics giant now has all of the technical tools to take on Apple Pay, but Samsung still needs to form direct partnerships with the card-issuing banks. If it doesn’t, then the upcoming transition to new chipped smart cards will be awfully rough on its contactless payments technology.

Today LoopPay’s technology relies on what is essentially a spoofing of the credit card. It records the credit card number off of your plastic’s magnetic stripe, and when its fob or smartphone sleeve is waved over a payment terminal, it transmits that number through a magnetic field, emulating the physical card swipe. The technology works at nearly all point-of-sale terminals today, and I can vouch for its effectiveness. I’ve used a Loop fob to buy coffee at Starbucks and tools at my local hardware store with no difficulty. As Samsung incorporates this technology into its phones, it will work the same way.

The problem is that this kind of static magnetic transaction is going to be phased out of the U.S. retail industry starting in October (it already has been in many other regions of the world). The U.S. is adopting EMV (the name comes from the initials of backers Europay, MasterCard and Visa), which will replace magnetic cards with smart chip cards that store encrypted data that LoopPay won’t be able to emulate — at least not without the cooperation of the banks.

LoopPay's most recent iPhone 6 sleeve with detachable "card" module

LoopPay’s most recent iPhone 6 sleeve with detachable “card” module

LoopPay founder Will Graylin and Samsung’s head of mobile payments Injong Rhee assured me in an interview on Thursday that both LoopPay and Samsung have been in discussions with multiple banks and those partnerships are forthcoming. They also said that LoopPay’s technology is already optimized to handle EMV payments as soon as those first bank deals are signed.

I have no reason to doubt Graylin and Rhee, since even before the acquisition LoopPay already had the backing of at least one credit card powerhouse — Visa was an investor — and Samsung itself wields enormous clout. If it commits to making a Loop-powered wallet a key feature in its smartphones, then banks will want to come to the table, just as they came to the table with Apple Pay.

But Graylin and Rhee wouldn’t offer any details on the specific banks they’re talking to or any timeline for when those deals would be in place. That’s worrisome because the clock is ticking. If those deals don’t come down by October then Samsung may find itself with a mobile wallet that increasingly doesn’t work.

What happens in October

This year, banks will start replacing your plastic with chipped cards, and by the end year MasterCard expects that half of all U.S. credit cards will support chip-and-PIN transactions. Meanwhile, U.S. retailers are replacing their point-of-sale terminals with new card readers that accept EMV transactions.

The transition to EMV in the U.S. was originally expected to be slow – and it will take years before that last small merchant upgrades its hardware – but recent big security breaches like the one affecting Target have lit a fire under the major retailers, explained Osama Bedier, a long-time veteran of the mobile payments space. Bedier founded and is now CEO of payments terminal maker Poynt. Previously, he ran [company]Google[/company] Wallet from its launch until 2013, did product development at PayPal and is an advisor to and investor in LoopPay competitor Coin.

By the October deadline, the top 100 biggest retailers in the U.S. will accept EMV payment, accounting for 40 percent of all in-store retail transactions, Bedier said. Why the hurry? If they don’t, they’ll be liable for any fraudulent transactions made on chipped card at their stores.

Every point-of-sale terminal maker is developing an EMV reader, including Square

Every point-of-sale terminal maker is developing an EMV reader, including Square

That’s a huge shift in the U.S. retail landscape, but LoopPay and other digital credit card makers like Coin, Plastc and Swyp like to point out that even new chipped cards will continue to sport magnetic stripes so they will be able to load them into their universal cards. Conversely, even new payments terminals will still have magnetic stripe readers, so every merchant will technically be able to accept a transaction with their devices.

The infrastructure will remain in place for retailers to continue accepting their digital cards, so everything is hunky-dory, right? Here’s the problem: just because a merchant can technically accept a mag stripe transaction doesn’t mean they will.

EMV transactions are more secure because they use cryptograms instead of the numbers printed on your card face. When digital card holders start sending that insecure static data over payment networks instead of using the encrypted chip on their physical cards, the banks will notice, and a certain point they’re going to start rejecting purchases.

“It all depends on how long the grace period is,” Bedier said. “It could be three months. It could be six months. But the card issuers will start declining transactions.”

Samsung’s opportunity

The key for any of these universal card makers is to demonstrate there’s enough utility and demand for their technology that the banks will gladly climb on board, Bedier pointed out. And here’s where Samsung has a big advantage.

On its own, LoopPay was a small company selling a niche product. But with the might of Samsung behind it, it has enormous advantages over its digital wallet competitors, who are mainly startups trying to crowdfund their products. If Samsung were to make a big commitment to embedding LoopPay’s tech in all of its forthcoming Galaxy smartphones and its wearables, or if Samsung created a detachable phone module that you could hand to a waiter or sales clerk, then the banks would likely eat it up. The banks want to offer their millions of Android customers an alternative to [company]Apple[/company] Pay.

Could LoopPay's technology make it into the Galaxy Gear?

Could LoopPay’s technology make it into the Galaxy Gear?

Furthermore, Samsung would have much larger potential retail appeal than Apple could ever hope to achieve any time in the near future. Graylin explained that LoopPay can route secure EMV data through the mag stripe reader, effectively turning a static transaction into a dynamic one. That means LoopPay could process EMV transactions at any terminal, as it wouldn’t be restricted to working with chip-and-PIN readers or systems with near-field communications (NFC) radios, which is the big limitation of Apple Pay.

With the banks’ cooperation, Samsung could also go beyond the EMV standard to offer tokens – temporary credentials good for only one or a limited number of payments – just the way Apple Pay does. Since LoopPay would be connected to the cloud through the Samsung mothership, it could constantly update its encrypted credit card data from the banks.

“I think we’re going to offer a very unique experience,” Graylin said. “I think people will soon see that.”

So over the next seven months we shouldn’t just be looking out for announcements on how Samsung will incorporate LoopPay’s technology into its products. We should also be watching for the specific banking deals Samsung signs. If it gets enough of them quickly, Samsung could find itself with a mobile wallet that could rival Apple Pay. If it doesn’t, Samsung’s fledgling mobile payments plans could wind up buried in the same heap as Google Wallet and Softcard.

Visa expands its online payments service Checkout to 16 countries

After seven months of testing Visa Checkout in the U.S., Canada and Australia, the financial giant has decided to bring the online payments service to 13 additional countries in 2015. Checkout allows you store your credit card details into a kind of cloud wallet and then pay at merchant’s websites and in their mobile apps by entering just a user name and password.

In the coming months [company]Visa[/company] said it would bring Checkout to Argentina, Brazil, Chile, China, Colombia, Hong Kong, Peru, Malaysia, Mexico, New Zealand, Singapore, South Africa and United Arab Emirates, bringing the grand total to 16 countries across the globe.

Checkout replaced Visa’s more sophisticated, but also more complicated to use, V.me digital wallet last summer. Though [company]MasterCard[/company] and Visa run competing online payments networks, MasterPass and Visa Checkout actually support each other’s credit and debit cards as well as [company]American Express[/company] and [company]Discover[/company]. Checkout also competes with PayPal, though Visa appears solely focused on large retail brands rather than smaller merchants. That said, The Checkout button is hardly universal on shopping sites today, but Visa has had success in landing some big names like [company]Staples[/company], [company]Pizza Hut[/company] and [company]The Gap[/company].

Visa plans to roll out Checkout first to international retailers that already have a cross-border presence, said Sam Shrauger, senior vice president of Digital Solutions at Visa. For instance, in China, many of the wealthier set are buying luxury goods from the U.S., so high-end Checkout partners [company]Neiman Marcus[/company] could benefit from having a Visa button appear on their websites overseas, Shrauger said. After that, Visa will start going after the big retail brands in each of the respective countries, Shrauger said.

In the U.S., Shrauger said, Visa has already signed up 3 million users for the payments service, and the majority of those users have used Checkout multiple times.

This post was updated on Thursday to clarify how Visa Checkout partners like Neiman Marcus would benefit from the international expansion.