PayPal says it is acquiring Zong for online purchases of digital goods, which is what Zong is used for now. But Zong's approach is simple enough that it could be used for in-store payments, too—without NFC or smartphones, using existing POS hardware and without payment-card interchange or PCI requirements. Is that what PayPal has in mind?
Zong's process is wonderfully dumb: You give the retailer (online or off) your mobile-phone number. The retailer sends the phone number and sale amount to Zong. Zong sends a text message containing a confirmation code to your mobile phone. You give that to the retailer, your phone bill is charged and the transaction is complete. The confirmation code is effectively a one-time password, so whether it's overheard or stolen is irrelevant. The phone number is hardly a secret, and there's no card number to be picked off by a thief with an RFID scanner.
No NFC, no PCI, no Google or Apple. No special hardware or software for the customer. It should work equally well for E-Commerce or in-store. There's still the problem of a stolen phone that has become the equivalent of a stolen payment card, but that's something every mobile-payments scheme has to deal with.
And although it's not as tap-and-go simple to use as NFC-based approaches, it probably could be—using, say, a contactless sticker with the customer's phone number on it. But under the covers, it's conceptually so simple that it might actually break through to consumer acceptance, the way contactless cards haven't.
So is this PayPal's secret plan to make a big play for in-store mobile payments by making NFC irrelevant? You might think so—except that on Wednesday (July 13) PayPal announced an Android app using NFC for person-to-person payments, with technology that could be as easily adapted for in-store use as Zong's.
It's another unsignaled left turn—and although we don't mind PayPal driving in circles, it is getting hard to believe even the company knows where it's going.