February 03, 2014, 12:09 PM — In the new world of plastic money, technology has provided - in addition to the old standby of magnetic-stripe payment cards - a multitude of readily available innovations and services:
- EMV cards with embedded microchips from Europay, MasterCard, Visa and others;
- Smartphone apps such as Google Wallet, Braintree and Square Wallet;
- Payment readers apps such as GoPayment, PayAnywhere and SAIL;
- Carrier-based billing and payment options, and
- Near Field Communication (NFC) technology that makes payments by waving or tapping a phone against a contactless reader.
The concept of using one card or one device for all purchases isn't really the same as a universal credit card - although one product on the horizon, Coin, comes pretty close.
Coin Does the Work of Many Cards
About the same size as a standard credit card, Coin is a low-energy, Bluetooth-enabled card that customers can exchange for their wallets full of plastic. Users can load their credit, debit, membership, customer loyalty and gift cards to the device's mobile app by using the card-swipe dongle that connects directly to their smartphone or tablet.
Once installed, the Coin functions just like any other credit, membership, gift or debit card, with transactions as easy as tapping a button on the device's digital screen. The screen displays the card brand, such as Visa, MasterCard or American Express, and, if applicable, the last four digits of the card number, its expiration date and its CVV/CVC code.
[ Interview: How a Mobile Payment Service Can Grow Your Business ][ Analysis: Mobile Payments Battle Brews Around Small Shops in Big Countries ]
"With Coin, we wanted to create something that was completely innovative but recognizable," says Patrick Evans, creative director at Coin, which is due to be released this summer. "Every day, we modify Coin based on customer feedback and our own testing to deliver a sleek product that easily fits into everyday life."
While the Coin card can manage only eight cards at a time, the Coin app can store all your cards, and changing the "onboard selection" is simple once the program contains all the cards' data. At that point, the Coin mobile app and user smartphone are needed only if users want to add, delete, or sync more cards, which does require an Internet connection. (Using the Coin for live transactions doesn't depend on Internet or Wi-Fi service.)
'Lost and Found' Feature Disables Coin If You, or It, Goes Too Far
Security for all storage and communication (HTTP and Bluetooth) uses 128- or 256-bit encryption on the company's servers, mobile apps and the Coin card itself. The device is password-protected, according to the Coin FAQ page, and its signature panel is tamper-resistant.
There's also a lost and found feature: If you leave your card on a restaurant table, or if someone steals your wallet, Coin will find it and send an alert to your phone. From there, Coin automatically disables specific device functions, based on the card's proximity to your phone, or fully deactivates itself if it has been away from your phone for too long.
"Coin uses the concept of a leash. If your Coin gets too far away from you, it notifies you via the app that you left your device behind," Coin CEO Kanishk Parashar says. The device then locks itself; the card can be swiped but is otherwise disabled until it's back in your hands.
"If the phone battery dies or you're in airplane mode, the leash will also break," Parashar says. "But once this happens, users can manually unlock Coin using a single-button pass code (similar to a Morse code) and continue to use their Coin without their phone."
Coin can "comfortably communicate" with a phone within a 25-foot range, Parashar says. When it exceeds this distance, it starts a countdown to automatically deactivate itself if it does not reestablish communication with the phone within the period of time configured in the mobile app.
David Monahan, a senior analyst with Enterprise Management Associates - who participated in an email Q&A with Parashar for the purposes of this article - says he'd like to see the proximity loss to be farther than the proximity lock.
At a restaurant, for example, a lock setting of five feet would ensure that a server holding your Coin device can't "mess with it," but a loss setting of 25 feet would let the server reach the point of sale terminal without the card going off. In addition, Monahan says he's hoping for a tamper-resistant case such that incursions or cracks "won't erase the [encryption] keys or, at a minimum, make them inaccessible by the program."
Christophe Uzureau, research vice president of banking and investments at Gartner, describes the lost and found feature as "an interesting contribution to reassuring some cardholders," adding, "The approach to improve the tracking of payment instruments (cards) via smarphone is a feature that could generate new thinking for established stakeholders. Consumers - especially in the United States - are relatively aware of the liability with credit card solutions."
However, Uzureau says, Coin does present some valid concerns. Consumers' perceptions of security could be negatively impacted by a lack of familiarity with the Coin brand and the need to carry another piece of hardware, he says. In addition, customers must plug use a dongle into their smartphones to register their cards; some consumers already perceive dongles as insecure, and this may counterbalance the added security of the lost and found feature.
Coin's EMV Support, and International Usage, In the Works
Coin is currently available for iOS and Android; Windows Phone and BlackBerry options may be offered if there's user demand, the company says. The battery lasts two years; as of now, there's no rechargeable option.
Coin is regularly priced at $100 per card, but preorders are now available for $50 plus $5 shipping and handling. The first batch is expected to ship this summer. Coin is water-resistant, but not waterproof, and the company says the device should last about two years. Neither magnets nor X-ray machines will damage Coin, the company says.
Uzureau says Coin, in its current form, will likely have a "pretty limited" impact on the payment industry and won't reach a tipping point until 2015, when the United States is expected to switch from magnetic stripe to EMV chip payment technology. According to Parashar, the current Coin doesn't support EMV, but future versions will.
"What would be interesting," Uzureau says, "is for Coin to explore how to align itself to the evolution of digital wallet solutions and their use of both local and networked security credentials - the so-called hybrid model."
Read more about consumer in CIO's Consumer Drilldown.