A group of 22 big banks is working on yet another system to support mobile wallets—and, along the way, potentially solving a major security problem for retailers, according to Karen Webster at Pymnts.
The group, which includes Bank of America, Capital One, Citibank, JPMorgan Chase and Wells Fargo, announced on Monday (July 1) that it will set up a cloud-based tokenization system for its members and, eventually, any other financial institution that issues credit or debit cards.
The scenario goes like this: A customer with a mobile wallet registers that wallet with the bank that issued his credit card. Instead of the card number, the mobile wallet gets a randomly generated "dynamic credential"—a token—that will be passed through retailers' point-of-sale systems, processors' networks and banks' firewalls so that only the issuing bank will be able to translate the token into the actual payment-card number.
At least for cards in mobile wallets, retailers should be safe from thieves who want to steal credit-card numbers, since there won't be any usable numbers to steal.
It's not a new idea, but for years efforts to get retailers and card processors to use tokenization on a large scale have failed, largely because they were at the wrong end of the payments process. Now that large card-issuing banks are pushing a standardized token, it has a better chance of being adopted.
But that's still not guaranteed. The banks will have to throw support open to the largest number of mobile wallets possible—if they just use it with their own wallets, it's likely to go nowhere. And to be useful at all, customers will actually have to start using mobile wallets in large numbers—a problem that no mobile wallet provider has so far been able to crack.
Mobile Wallets Hit $500 Million In 2012, But That's Mostly Starbucks
Gartner—Finally—Drops NFC Mobile Payment Predictions
Can The Google Wallet Approach Work Any Better In Russia?