Feeds

El Reg pays by phone – mmmm, free cookies!

Slow tap dance for UK's first contactless payments

Eight steps to building an HP BladeSystem

The UK's first pay-by-phone retail service launched last week, but based on our experience we won't be dumping our coins and notes any day soon.

Orange kindly sent us a Samsung Tocco Quick Tap – a spin-off of the feature-phone Tocco with added NFC to handle the payments. But before we could use Quick Tap to pay for something we needed a Barclaycard, and we also needed to create half a dozen passwords, PIN numbers and security prompts to ensure no one else could top up our balance for us.

To be fair, the first part of the process was registering our Barclaycard on line, which some customers might have already done, but even then there are various hoops through which one has to jump to get the service working. Once it is working then the payment itself was flawless, and we successfully bought chocolate cookies by waving a mobile phone – rather to the surprise of the shop staff.

To register a Barclaycard online one identifies oneself with an account number and credit limit, then one has to come up with a username (eight to 16 digits, at least one number) and a password (six numbers, no repetition, no date of birth and no sequences). The card then has to be registered with the Quick Tap payment service, which requires a security word (six to eight characters, no keyboard patterns and no repetition), and another security word (five to 16 characters, as before) followed by a four-number PIN.

Once you've managed that – and made copious notes to be eaten once memorised – you'll get a screen asking you for the number of the phone and the SIM identity, which the Quick Tap application on the phone will helpfully display.

Within the next couple of hours the phone is sent an activation code; ours arrived after about 20 minutes. That has to be entered into the website, and finally one can start charging up the account.

The Quick Tap application, which runs on the phone, is a J2ME app and that shows in the slow boot time. Enter the application and then click to add a Barclaycard Payment Service and it will trigger another J2ME app, with associated lag as the virtual machine instantiates again. Both applications also suffer from the Tocco's unresponsive touch screen, but one can get used to it.

The Barclaycard app asks for a PIN on launch. If the user tries to add some credit then the same PIN has to be entered again, which seems redundant – there is clearly a focus on security, or the appearance of security at least. That might allay the fears of the new user, but the process is painful and clunky in stark contrast to the process of spending the uploaded credit.

Due to a misunderstanding over shipping, we were left in Inverness to try the system, but Barclaycard advised us that at least two locations in the city would accept payments with a wave of the phone. One was a chemist, but as we weren't yet feeling ill we dropped into Inverness Subway to buy a cookie or two.

The staff at Subway were slightly bewildered by our request, but agreed that their terminal was emblazoned with the word "contactless". With the staff repeatedly pressing buttons and us waving the phone in the vicinity of the terminal we were able to complete the transaction within a minute or two.

Securing Web Applications Made Simple and Scalable

More from The Register

next story
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
GoTenna: How does this 'magic' work?
An ideal product if you believe the Earth is flat
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
Seeking LTE expert to insert small cells into BT customers' places
Is this the first step to a FON-a-like 4G network?
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
Bring back error correction, say Danish 'net boffins
We don't need no steenkin' TCP/IP retransmission and the congestion it causes
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.