What is it about large retailers that make them incompetent
at building efficient payment acceptance systems? It is my unsubstantiated
belief that IT systems in general and payment system architecture particularly sit
quite low on the retailer totem pole. I come by the belief honestly in that I
have made recommendations to tweak specific applications to save retailer money
and see obvious changes completely ignored resulting in losses of millions of
dollars and counting. It also makes sense that organizations built by sales
people, managed by sales people, and directed by sales people scorn the beanie
wearing pocket protected nerds scuttling around in off-limits dungeons guarded
by 3 headed dragons. That is why the latest attempt by retailers to attack
transaction fees especially from Apple Pay is so amusing.
CurrentC is payment system architecture under construction
by MCX (Merchant Currency Exchange) and under attack by critics near and far (see
for example http://www.theverge.com/2014/10/25/7069863/retailers-are-disabling-nfc-readers-to-shut-out-apple-pay).
As the reader(s) of this blog know I believe the current payment card
infrastructure is not secure, too expensive, monopolistic, and technologically archaic.
In short, it is ripe for wholesale replacement, and it is natural for its chief
exploited users to replace it by rolling their own. However if the description
of this architecture that I read remotely resembles the planned deployment of CurrentC
(see http://techcrunch.com/2014/10/25/currentc/
) then once again we will witness millions wasted, angry consumers, and happy
payment system providers increasing their fees.
The first mistake is disabling the near field communication
(NFC) devices and replacing it with their own proprietary protocol. Payment
system infrastructure requires open standard protocols for ubiquitous
acceptance by the public. Any move away from an existent standard to a proprietary
one is bound to fail. Worse yet, it limits payment choice by customers which
sales folks know is not conducive to sales growth.
The second mistake is the interaction (if
the cited article correctly describes the interaction) requires too many data transfers
presumably to enhance the security posture but actually increasing the risk of
data intercepts and therefore the opportunity for a successful attack. In an
earlier post (see http://paymentnetworks.blogspot.com/2014/09/review-of-iphone-payment-initiation.html
) I noted that Apple Pay did not reduce its vulnerability that much although it
will take at least two years from the date of its deployment before an attack
succeeds. I think the same is true for the CurrentC architecture regardless of
the derived unique key per transaction (DUKPT) type of encryption the cited
article described. I never will describe an attack method in this blog, but I
think it is safe to say that MCX needs to carefully review its risk posture.
MCX exists for good reason but once again we find sales
people fielding a technology that they do not understand. Perhaps they should
consider using the infrastructure they already have in place and competing
against Financial Institutions and their acquirers by issuing digital currency.
It will be a lot safer, a lot cheaper, and it has the “gee whiz” feel that
modern consumers love. More importantly, cyber currency increases consumer choices
for payment and notably does not reduce consumer choice.
No comments:
Post a Comment