The launch of Apple Pay last month jump-started the mobile payments business, with several companies pushing hard to become your preferred payment method in stores. Even more competitors are on the horizon, promising to bring a lot more security and convenience compared to today's plastic payment cards.
The magnetic-stripe cards currently used in the U.S. are simply not very secure. Your name, card number and expiration date are all encoded on the stripe without protection, and hackers have been targeting payment terminals to steal that data, jeopardizing the security of tens of millions of card holders.
Banks are racing to introduce more secure, chip-based cards by October 2015, but phone-based systems like Apple Pay and Google Wallet are here now and offer a good deal of convenience and security. But not all mobile payment systems are equal. Here's a look at the major systems out there and how they work:
Included with the iPhone 6, iPhone 6 Plus and upcoming Apple Watch, Apple Pay allows users to load their credit card details and then make payments using a short-range wireless system called NFC. With it, users simply bring their phones close to a terminal for a payment to be made. It's more secure too, because the card number isn't sent. Instead, a substitute called a token is sent so the retailer never sees your card number. The token, if stolen, is useless for subsequent purchases and the only time it gets matched to your card number is by your bank.
Apple has created a system that's incredibly easy to use: the cardholder authenticates the transaction by putting their thumb on the phone's fingerprint sensor, which happens in seconds. It only works with banks and card companies that have partnered with Apple, but that list is growing. Apple is keen to point out that it never sees details of your purchases. Only U.S.-issued cards are supported at launch, but it will expand to other countries in 2015.
Also based on wireless NFC technology, Google Wallet appears similar to Apple Pay, but it's a little different behind the scenes. When paying with Google Wallet, Google assigns your phone a MasterCard number. It exists only in your phone -- you don't receive an actual card, and you don't have to go through a credit check. When you pay, the retailer gets that MasterCard number and Google immediately charges your chosen credit or debit card for the same amount. The two-step process, which is invisible to the user, means any U.S. debit or credit card can work with Google Wallet. It also means the retailer never sees your actual card number, which makes it more secure, but also means that Google can see every purchase you make.
Backed by AT&T, Verizon and T-Mobile, Softcard is another NFC-based payment system. The service requires a dedicated Softcard app, customized by each carrier, and a special SIM card that has a secure payment chip. The SIM card is available free. It works with phones running Android 4.4 (KitKat) or above and Windows Phone 8.1 and supports cards from American Express, Chase and Wells Fargo. For other banks, Softcard will set up a virtual American Express card that can be used in much the same way Google Wallet uses a virtual Mastercard. With that, any debit or credit card is supported.
The eBay-owned payments company is pushing beyond the virtual world into brick-and-mortar retail. One version, in use at Home Depot, allows PayPal account holders to purchase goods by tapping in their phone number and a PIN code at payment terminals. A newer version involves the customer "checking in" on a PayPal app when they enter a store that accepts the payment system. That action alerts the store to your presence and paying is as simple as telling the cashier you want to use PayPal. The check-in action transmitted your presence and account details to the store, so the cashier just needs match the charge to your account. The app is available on Android, Apple and Windows Phone.
CurrentC (get it? "currency") has been developed by some of the biggest names in retail in the U.S. including Sears, Target and Wal-Mart. It will be launched in early 2015 and, while many details are still unclear, appears designed to solve two problems for its backers. The first is the roughly 2 percent fee that credit card companies charge on each transaction. CurrentC will work with a customer's bank account, avoiding the fees although also losing the fraud protection offered on cards. Secondly, customers will be able to share personal information, like their name, birthday and contact details, with a store, presumably for incentives although quite how that will work is yet to be detailed.
A big difference lies in the technology used by CurrentC. Unlike Apple Pay, Google Wallet and Softcard, it doesn't use NFC but instead displays a barcode on a phone screen that is scanned by the cashier.
The system was under the radar until October when two CurrentC members, CVS and RiteAid, stopped accepting NFC payments right after the launch of Apple Pay. That brought a wave of negative publicity and eventually forced the company to divulge a little more about its plans. The CEO said additional forms of payment, including cards, might be supported and CurrentC could switch from a barcode to NFC or Bluetooth. But for now, we're just waiting to see what the retailers will come up with when it launches.
Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is firstname.lastname@example.org
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.