NFC, Smartphones, and a New Model for Payments Confidence
Boston, MA -- With NFC on the near-term horizon, the number of
smartphones in the U.S. with this new security capability will number in the
tens of millions within a year. This flood of highly capable devices will
provide new security and fraud mitigation possibilities for payment
accountholders, financial institutions, merchants, government, and other
enterprises.
Growing in popularity with consumers, these devices offer the critical
convenience features necessary for consumers to participate in security steps
such as PIN entry to specific apps, fingerprint reading, etc.
Mercator Advisory Group' s new report Authentication At the Edge:
NFC, Smartphones, and a New Model for Payments Confidence examines the
potential of the smartphone in security applications as it evolves to include
hardware-based security via NFC, NFC' s Secure Element card number storage, as
well as potential biometric applications.
Findings of this report include:
- Projections for the installed base of NFC-equipped smartphones in the
North American Market by Q1/2012.
- Context-specific, layered identity authentication provides a solid
approach that does not break existing relationships among transaction
participants.
- As e-commerce merchandising and payment methodologies move into the
physical point of sale environment, these clicks-at-bricks transactions will
require strong payment credential authentication.
- The availability of NFC facilities improves authentication services for
m-banking, e-commerce, m-commerce, and POS payments.
- Biometrics managed at the edge of the network by the device owner offer
new layers for authentication surety without imposing the challenge of
biometrics management on participants.
"Authentication is the heart of payments and online security. Smartphones with
hardware-based security capability, especially via NFC and fingerprint
readers, will give consumers, enterprise users, and the government
unprecedented control over their payment and security interactions," stated
George Peabody, Director of Mercator Advisory Group' s Emerging Technologies
Advisory Service. "The payments network has done an excellent job with
network-based intelligence, but it is time to put intelligence into the
devices accessing those networks from the very edge. Smartphones with hardware
security features bring contextually appropriate authentication power to the
problem of risk-based assessments.
One of seven exhibits in this report:
This report is 29 pages long, with seven exhibits and three tables.
Companies mentioned in this report include: Broadcom, Apple, Isis,
AT&T, Verizon Wireless, T-Mobile, Discover, Barclaycard, Gemalto, Giesecke &
Devrient, AisleBuyer, Facebook, Amazon, Google, SK Telecom, First Data, CASSIS
International, TSYS, Visa, MasterCard, Discover, Microsoft, Prime Sense,
Omnicom, Barbarian Group, Cheil Worldwide), and Razorfish, Publicis, ID-U
Biometrics, Disney, Blue Planet Apps, Bank of America, and INSIDE Secur.
Introduction
- Why Does Authentication Matter So Much?
Online Authentication Needs to Go Physical
- In Brief: The Identity Ecosystem Concept
- Government Activity
The Weaponized Consumer or Swiss Army Knives Iin the Aisles
From Online to Clicks-at-Bricks
- Bringing the Online Back-end Into the Store
- Hardware is Always Better - NFC
Next Steps: Hard Token, PIN, Biometrics
- The Phone: Something You Have
- The PIN: Something You Know
- Now Add Biometrics
A Look at Biometrics
- Could Gaming Technology Influence Merchandising and Payments?
- Mainstream Biometrics Scaling Up
For Biometrics, We' ve Got the Power
- More Layers: Passive Biometrics Authentication
- Challenge Response
- Edge-Hardened Clouds
Biometric Inhibitors
- Who Vouches for the Biometric Identity?
- Keep It Local
- Sample Use Cases for the "Hard Token + Sensor" Model
Card Present Redefined?
Conclusion
- It' s Not Just at the POS - Authentication for Online Banking
- Accelerating a Three-Party Model?
- Open Questions on Open Access to NFC
- An Exciting, if Potentially Confusing, Time for Consumers
Table of Figures
- Figure 1: US Smartphone Penetration Forecast
- Figure 2: Dynamic Authentication Draws on Payment and Non-Payment Sources
- Figure 3: The Many Roles for Smartphones in Retailing
- Figure 4: Smartphone as Multi-factor Security Device in Dynamic Data
Transition
- Figure 5: Access to NFC Requires Standards and Clarity
- Figure 6: Smartphone as Hard Token and Sensor
- Figure 7: Edge and Network-based Authentication
