ISIS Collides With Magstripe's Dominance

ISIS is scaling back expectations for how much its mobile payment system will be used, even before it launches. Last week, ISIS Chief Marketing Officer Ryan Hughes told GigaOM, "We're not trying to hit a home run, but get a bunt single." That's wise, given the very low levels of customer use for Google Wallet and the relatively low usage and security issues that have muddied PayPal's Home Depot trial. In fact, ISIS's expectations may still be too high, considering what happened to Chip-and-PIN, contactless in the U.S.

After all, even the hottest things in retail-chain POS today—iPads and iPods outfitted with sleds—still only handle one type of payment device: a magstriped card.

Everyone agrees that magstripes are insecure and unreliable, easily cloned and easily damaged. Contact Chip-and-PIN is much more secure. Contactless is much more convenient. Tapping with a mobile phone would be secure, convenient and let chains deal in mobile coupons and more effective CRM. Visa, MasterCard, Google, ISIS, a whole slew of smaller mobile payments competitors, even the group of retail treasury types who are mulling their own new payments proposal—they're all on board with the idea that magstripe's time is done.

And that's everyone, right? Well, except customers, who like their magstripes fine. And store managers and associates, who don't want to deal with training hassles and unfamiliar processes and equipment, especially because magstripes are what all the customers already know how to use. And even retail IT departments, which often talk a good game for improved payment technologies but actually roll out in-store mobile checkout systems that only support magstripe.

In practice, magstripe is a veritable god for U.S. retail payment, worshiped almost universally. Retailers have been lukewarm to anything besides the stripe. Consumers have been oblivious to alternatives—even consumers who will use their phones to shop and buy online. Except for a few heretical gadget freaks, the standard drill is to swipe the stripe.

Chip-and-PIN can't buy a break in the U.S. Contactless has so far been a huge waste of resources. Most major chains now support contactless, and many support contact chip (with or without PIN) at the fixed POS. But it's all pro forma, because those non-magstripe capabilities go unused. Associates are, in effect, trained not to use them. Magstripe isn't just a legacy. It's what associates prefer, what POS hardware is optimized for and what customers assume as the default.

Even at Home Depot, where theoretically the entire chain has been refitted to handle PayPal's new in-store payment cell-number-plus-PIN system, the alternative for any PayPal payer who finds that insecure is a plastic card with a magstripe.

And outside of major chains, the fastest growing alternative payment system, Square, requires magstripe.

The idea that magstripe is so well-entrenched didn't seem possible when word of the Google and ISIS mobile wallet efforts first started leaking out.The idea that magstripe is so well-entrenched in U.S. retail didn't seem possible when word of the Google and ISIS mobile wallet efforts first started leaking out in 2010. Of course NFC-equipped smartphones would have the wow factor necessary to get consumers using them at the POS. The oversold idea of consumers getting rid of their wallets always sounded like hype, but moving payment cards into phones seemed very practical.

Based on the Google Wallet results, ISIS apparently no longer believes that's going to happen. And after a string of shifts in its business plan—it started with plans to run its own end-to-end payments network, and several shifts later now positions itself as just a "technology provider"—this time ISIS is adjusting in a way that's clearly lined up with reality.

What Chip-and-PIN and contactless first demonstrated, Google Wallet has now proved—and ISIS is watching it rapidly approach, as well. The dirty little secret of payment cards is that there's no demand for a change from consumers, store managers or associates, or even retail IT.

Enabling more phones with NFC won't create that demand, despite Google's fondest hopes (remember, most consumers now carry contactless cards they only use with the magstripe). Building a massive infrastructure to support it won't create the demand, no matter how much ISIS wishes that were true. Even financial incentives for EMV transactions won't move this needle, although Visa and retailers' finance departments wish that were so.

What will do it? For a start, checkout-counter POS systems that don't actually make a swipe easier than any other form of payment, and in-store mobile POS systems that don't make a swipe the only option. Training for associates is probably a hopeless proposition, unless associates actually get a bonus for successfully encouraging customers to tap instead of swipe—which may not be such a crazy idea.

As for ISIS, it may now be down to three choices. It can keep working to reduce expectations for mobile payments—although once expectations get low enough, no one will use mobile at all. Or it can make sure its retailers' POS terminals still support magstripes, but don't effectively promote them by making them easier than anything else.

Or ISIS can forget about NFC and work with smartphone makers to add a pop-out magstripe to every phone. Yeah, that'll work.