Feeds

El Reg pays by phone – mmmm, free cookies!

Slow tap dance for UK's first contactless payments

High performance access to file storage

The UK's first pay-by-phone retail service launched last week, but based on our experience we won't be dumping our coins and notes any day soon.

Orange kindly sent us a Samsung Tocco Quick Tap – a spin-off of the feature-phone Tocco with added NFC to handle the payments. But before we could use Quick Tap to pay for something we needed a Barclaycard, and we also needed to create half a dozen passwords, PIN numbers and security prompts to ensure no one else could top up our balance for us.

To be fair, the first part of the process was registering our Barclaycard on line, which some customers might have already done, but even then there are various hoops through which one has to jump to get the service working. Once it is working then the payment itself was flawless, and we successfully bought chocolate cookies by waving a mobile phone – rather to the surprise of the shop staff.

To register a Barclaycard online one identifies oneself with an account number and credit limit, then one has to come up with a username (eight to 16 digits, at least one number) and a password (six numbers, no repetition, no date of birth and no sequences). The card then has to be registered with the Quick Tap payment service, which requires a security word (six to eight characters, no keyboard patterns and no repetition), and another security word (five to 16 characters, as before) followed by a four-number PIN.

Once you've managed that – and made copious notes to be eaten once memorised – you'll get a screen asking you for the number of the phone and the SIM identity, which the Quick Tap application on the phone will helpfully display.

Within the next couple of hours the phone is sent an activation code; ours arrived after about 20 minutes. That has to be entered into the website, and finally one can start charging up the account.

The Quick Tap application, which runs on the phone, is a J2ME app and that shows in the slow boot time. Enter the application and then click to add a Barclaycard Payment Service and it will trigger another J2ME app, with associated lag as the virtual machine instantiates again. Both applications also suffer from the Tocco's unresponsive touch screen, but one can get used to it.

The Barclaycard app asks for a PIN on launch. If the user tries to add some credit then the same PIN has to be entered again, which seems redundant – there is clearly a focus on security, or the appearance of security at least. That might allay the fears of the new user, but the process is painful and clunky in stark contrast to the process of spending the uploaded credit.

Due to a misunderstanding over shipping, we were left in Inverness to try the system, but Barclaycard advised us that at least two locations in the city would accept payments with a wave of the phone. One was a chemist, but as we weren't yet feeling ill we dropped into Inverness Subway to buy a cookie or two.

The staff at Subway were slightly bewildered by our request, but agreed that their terminal was emblazoned with the word "contactless". With the staff repeatedly pressing buttons and us waving the phone in the vicinity of the terminal we were able to complete the transaction within a minute or two.

High performance access to file storage

More from The Register

next story
Broadband Secretary of SHEEP sensationally quits Cabinet
Maria Miller finally resigns over expenses row
Skype pimps pro-level broadcast service
Playing Cat and Mouse with the media
Beat it, freetards! Dyn to shut down no-cost dynamic DNS next month
... but don't worry, charter members, you're still in 'for life'
Like Google, Comcast might roll its own mobile voice network
Says anything's possible if regulators approve merger with Time Warner
EE dismisses DATA-BURNING glitch with Orange Mail app
Bug quietly slurps PAYG credit - yet EE denies it exists
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.