But Visa is offering its new service for any issuing bank, mobile carrier and card brand. That means any payment card could go on a phone without the say-so of Google, ISIS or any other mobile-wallet vendor. At that point, will consumers see any reason for a mobile wallet other than the phone itself?
In the announcement at the Mobile World Congress trade show in Barcelona, Visa said the process for a typical phone owner would be straightforward: Buy an approved phone, contact the issuing bank, select a passcode, and then let the payment-card information download into the phone's NFC Secure Element. The rest of the process—swapping the necessary numbers, security keys and details among banks, mobile operators and service providers—would all be done by Visa.
What's not clear is what can be done with the card information once it's in the phone (Visa hasn't responded to our questions). But if there's an equally straightforward way for a smartphone app to query the Secure Element so the card info can be passed to a POS device, then Google Wallet and ISIS could become much less compelling.
After all, the big appeal for mobile wallets is supposed to be that all sorts of virtual cards could be stored on the phone with a single PIN—credit and debit cards, giftcards, loyalty cards, coupons, transit passes and anything else that could be squeezed in. That's a messy approach. But most wallets are pretty messy, so in itself that's not a drawback.
The problem is that consumers can put anything in their actual wallets. Mobile wallets, on the other hand, require a complicated web of relationships, orchestrated by whoever is in charge of the wallet. The fact that Google and ISIS have made a steady string of announcements about retailers, banks, card brands and POS vendors testifies to how complicated this gets. (For example, the same day Visa announced its potential wallet-buster, ISIS said it has signed up Chase, CapitalOne and Barclaycard. That only leaves hundreds of issuing banks to go.)
Result: How much of a consumer's actual wallet can go into the mobile wallet depends on politics, alliances and probably dollars changing hands—all of which is for the purpose of skimming a little bit off the top for the wallet operator.
But what if Visa actually follows through to the logical conclusion of its card-provisioning service? Suddenly the need for that web of agreements goes away.But what if Visa actually follows through to the logical conclusion of its card-provisioning service? Once the card numbers and passcode are stored inside the Secure Element, it has essentially become a contactless card—just without the plastic rectangle. Add a simple API that lets an app tell the Secure Element how to choose a card and spit out the encrypted account number at a POS (after the passcode is keyed in, of course), and suddenly the need for that web of agreements goes away.
Wal-Mart could do its own app that doubles as a loyalty card and Wal-Mart-specific coupon pouch. The loyalty card number wouldn't need to be cached in the passcode-protected Secure Element, and the retailer could add whatever CRM features it liked. The right type of RFID tag at the Wal-Mart POS might even automatically trigger the Wal-Mart app, which would then feed a payment-card number to the POS.
Macy's could do the same thing with its own app, loyalty program and coupons. Likewise Nordstrom, Home Depot, Staples, Sears and Gap. E-tailers could do the same thing, sending the encrypted card number to the Web site instead of a POS. And if a customer didn't have the appropriate retailer's app, a generic payment-card app—a sort of minimal mobile wallet—could be used to beam a card number to any contactless POS.
That's not nearly as tidy on the surface as that complex web of agreements carefully managed by a mobile wallet vendor. Then again, an unbundled wallet would cut red tape and pretty much eliminate the "sorry, that retailer isn't participating" problem that's likely to become a lot more common as the Google and ISIS wallets start seriously fighting the wall of apathy that has stopped contactless, Chip-and-PIN and other replacements for magstripe plastic cards in the past.
And because big retailers all have their own smartphone apps anyway, cutting out the middleman and adding POS capability to the app is likely to sound more appealing to upper management than negotiating an agreement with a wallet vendor and announcing "we're outsourcing mobile CRM to Google and the phone companies."
That still leaves room for wallets from Google and ISIS, though not much room under their current business models. They can both still offer up coupons, for example, and maybe grab the generic payment-card functionality. But a wallet within the phone? That could be gone, replaced by the phone as a (inevitably messy) wallet.
Of course, there's no guarantee that Visa will actually follow this through to its logical conclusion. Visa still has to cut deals with banks (a no-brainer), other card brands (if they can all play together with processors, they can do this) and mobile operators (only necessary because Visa expects to use the NFC Secure Element that's located on a phone's SIM).
But if Visa does close the loop, retailers might soon have a real reason to be seriously interested in getting customers to actually use this stuff.