As mobile devices proliferate globally, will cash and cards be a thing of the past? Mobile payments have emerged as a tour-de-force in developing nations, providing a convenient way for people to transfer funds with the ease of a text message. While m-payment systems have raised concerns over their money laundering vulnerabilities, they may offer advantages over existing card-based systems in securing customer data and reducing fraud risks.
Major banks are also jumping on the mobile bandwagon as a way to provide customers with easy access banking from smartphones or tablets. This mobile movement has forged increasing business ties between financial institutions and the tech industry. For an inside look at this payments revolution, ACFCS spoke with Serge Elkiner, the Chief Executive Officer and Co-Founder of YellowPepper, a mobile payment tool in Latin America. The Miami-based company has received $30 million in venture funding and is set to become a widespread service in Colombia, Mexico, Ecuador and Peru.
As mobile payment systems emerge and expand, the risks of cyber threats, money laundering and fraud have to be addressed. Regulating and securing mobile payments to guard against these threats is an important part of the industry. Elkiner illuminates some of the vulnerabilities of credit and debit card payment systems, and how transitioning to “tokenization” models with m-payments can actually diminish the risk of fraud and theft of consumer data.
ACFCS: I’m Daniela Guzman for ACFCS. We’re glad to have you here to talk about the future of payments.
Elkiner: Thank you for having me here Daniela.
ACFCS: Why did this become a popular system in developing nations?
Elkiner: The primary reason that developing nations are where we believe mobile can play a big role in developing the ecosystem of a current payment is the security around the transaction. Compared to the US and Europe, the e-commerce industry is very small and definitely due to the security of the transaction and people fearing to put their credit card online because of the fear of it being sold and people taking their credit card to use it somewhere else. We believe that mobile technology can give an additional layer of security and comfort to use their cards online and offline where it is not atypical to have a cloned card at the ATM or at the restaurant when somebody takes your card and goes to the back. We strongly believe that mobile adds a security layer on top of the transaction.
ACFCS: Cybersecurity is a very important theme throughout this entire movement. What are the real risks of the current system that exists of normal card use? People are afraid of cloning and their identities being stolen. Why are cards prone to that sort of threat?
Elkiner: Online they do what we call “phishing” of the information of the credit card. They hack the website and take your card number and use the card number somewhere else. They use your identity and your card to purchase different things, that’s called cloning, or phishing. Same thing with the magnetic stripe of the card – they take the magnetic stripe, they copy it and they create the secondary card. That’s why in the rest of the world and most of Latin American countries are moving from magnetic stripe to what they call END which the chip reinforces the transaction of the card itself. It’s virtually impossible to clone a chip. If you add a pin to that transaction, then the security of that transaction is even better, so I think the industry as a whole is trying to reduce fraud and give more security to the user. Mobile does that by allowing you to tokenize your cards so you don’t give any of your card information. The token could take the form of a 6-digit pin you need for the transaction or the form of a bar code like bar codes you’re using in installation, so there’s different ways to tokenize the information of the card. What mobile adds to all of that is the ability to add to the transaction or in the promotional aspect of the transaction all of the loyalty aspects of the transaction a more complete shopping experience for the end user as well as for the merchant.
ACFCS: So we are seeing that tokenization is apparently a very secure way of making these transactions. Now can you explain a little more about how tokenization works and how YellowPepper is using it?
Elkiner: So basically what you do is in the cloud, or on servers in the back end, you link the hard information, or the financial information, your bank account, your credit card, your debit card, to your account and then when you’re ready to make a purchase, what you generate is a generated token that will be the information that you exchange at the point of sale. The point of sale could be a physical point of sale, or it could be an e-commerce merchant, but you don’t interchange the real information from your credit card. When you give a token in the case of YellowPepper, we generate a 6-digit code for each transaction, so you generate that code, you use that with the merchant, you input that on the website, and we make a match on the back end between that token and your actual card and we send your financial institution your actual card number for them to authorize it.
ACFCS: So financial institutions do have a role in authorizing and authenticating the transaction, so it’s not completely independent.
Elkiner: No, we work 100 percent with financial institutions and I think that they will remain at the core of anything.
ACFCS: Speaking of financial institutions and that cooperation, could you tell us how regulatory agencies in this multinational region have reacted to YellowPepper and also other mobile payment systems?
Since we are trying to make the transaction more secure, we are working with the trans-financial industry, financial institutions, officers and merchants to create a better, more secure environment, so they’ve reacted very positively and they’re in contact with us. So they’re supporting our efforts.
ACFCS: Have they put pressure on you to create better security measures?
Elkiner: No, they’re not pressuring us because our system is already more secure than the current system in place. We add that layer of security that does not exist today so that there is no sensitive information that’s exchanged at the weak point, which is the point of sale or the checkout on the internet. That is really what regulators are looking for: always more secure transactions. The more security for the end user and for the merchant. So they’re not pressuring us for more than we are offering already. They’re actually enthused that we’re launching soon in their respective countries.
ACFCS: So it seems that these mobile payment systems are very popular in developing nations and Latin America, especially. You chose this region, specifically for a reason. Can you tell us about the population and the marketing strategy that you engendered with this business idea?
Elkiner: I think that for mobile payments to be a success, it needs to be ubiquitous, therefore it needs to be available everywhere. The problem with developed nations in Europe or the US, is that there are so many merchant service acquiring companies, I think like 4,000 of those, and so many banks like 10,000 banks in the US or something like that, that could generate the complication of developing an ecosystem. In Latin America, you have 25 banks per country, three banks in each country generate a market share of approximately 60 percent together. Some countries major bank has a market share of 30-40 percent and merchant service acquiring companies are usually 2-3 per company so you can really actually get into creating an ecosystem on the national level where you can now make mobile payments accepted everywhere. We needed a short period of time, around two years, to create this environment where it’s accepted everywhere. Physical stores, online and atms, creating an environment for a card-led society. So I think that’s what attracted us to Latin America, as I said e-commerce is really limited right now besides Brazil. Brazil has a very developed e-commerce ecosystem. We believe that there’s huge growth potential in that sector. The reason it’s not developed is the reason I said in the beginning about fear of putting your card information on the internet and we create a bridge where you don’t have to put card information on the internet. So those two factors have given us the opportunity to create the right environment for mobile commerce to be successful.
ACFCS: For this to work, you really need vendors to have the capacity to take this system everywhere, so has that been a challenge to get these vendors on board?
It’s always difficult to get the few first vendors, but then the other vendors follow suit. So I think it’s important to get the first few ones, good ones, and make sure that they’re on board with you.