Sunday, October 26, 2014

Why Retailers Can’t Build Payment Systems

What is it about large retailers that make them incompetent at building efficient payment acceptance systems? It is my unsubstantiated belief that IT systems in general and payment system architecture particularly sit quite low on the retailer totem pole. I come by the belief honestly in that I have made recommendations to tweak specific applications to save retailer money and see obvious changes completely ignored resulting in losses of millions of dollars and counting. It also makes sense that organizations built by sales people, managed by sales people, and directed by sales people scorn the beanie wearing pocket protected nerds scuttling around in off-limits dungeons guarded by 3 headed dragons. That is why the latest attempt by retailers to attack transaction fees especially from Apple Pay is so amusing.

CurrentC is payment system architecture under construction by MCX (Merchant Currency Exchange) and under attack by critics near and far (see for example As the reader(s) of this blog know I believe the current payment card infrastructure is not secure, too expensive, monopolistic, and technologically archaic. In short, it is ripe for wholesale replacement, and it is natural for its chief exploited users to replace it by rolling their own. However if the description of this architecture that I read remotely resembles the planned deployment of CurrentC (see ) then once again we will witness millions wasted, angry consumers, and happy payment system providers increasing their fees.

The first mistake is disabling the near field communication (NFC) devices and replacing it with their own proprietary protocol. Payment system infrastructure requires open standard protocols for ubiquitous acceptance by the public. Any move away from an existent standard to a proprietary one is bound to fail. Worse yet, it limits payment choice by customers which sales folks know is not conducive to sales growth.

The second mistake is the interaction (if the cited article correctly describes the interaction) requires too many data transfers presumably to enhance the security posture but actually increasing the risk of data intercepts and therefore the opportunity for a successful attack. In an earlier post (see ) I noted that Apple Pay did not reduce its vulnerability that much although it will take at least two years from the date of its deployment before an attack succeeds. I think the same is true for the CurrentC architecture regardless of the derived unique key per transaction (DUKPT) type of encryption the cited article described. I never will describe an attack method in this blog, but I think it is safe to say that MCX needs to carefully review its risk posture.

MCX exists for good reason but once again we find sales people fielding a technology that they do not understand. Perhaps they should consider using the infrastructure they already have in place and competing against Financial Institutions and their acquirers by issuing digital currency. It will be a lot safer, a lot cheaper, and it has the “gee whiz” feel that modern consumers love. More importantly, cyber currency increases consumer choices for payment and notably does not reduce consumer choice.

Next Blog: Payment tails wagging payment dogs

No comments:

Post a Comment