Feeds

PayPal's 'delightful' intrusion into meatspace: You wish

It's not like this stuff hasn't been tried

Business security measures using SSL

Comment PayPal reckons its mobile payment system will take us into a new way of managing our money, and PayPal into the real world of real things, but disrupting world banking ain't that easy.

The plans, announced yesterday, made huge play of being superior to the nascent NFC-based payment systems, which require replacement phones and payment terminals. But a slightly closer look at PayPal's offering shows that it does require replacing terminals in shops, as well as integrating the retailer's back-end systems into PayPal's servers, all to enable a shopping experience which is less convenient, and less secure, than we have today.

Demonstrating the system PayPal ran though three scenarios, to show just how superior PayPal's system is. There's a video too, for those who want to play at home:

The first scenario shows someone paying for goods without any card at all: all they do is enter a special phone number and their own PIN into a device which PayPal refers to as "the retailer's existing payment terminal".

Skipping over the security concerns of having a payment system that can be replicated by someone shoulder-surfing, rather than forcing them to pick your pocket too, there's the question of when the "existing payment terminals" suddenly got support for dialling phone numbers and calling PayPal.

The vast majority of payment terminals are supplied by the banks, the model and make mandated even where not subsidised, and its hard to imagine the banks suddenly upgrading them all to accept PayPal.

The second scenario shows someone reading the barcode on a product to check if the garment is available in another size, and if so then where there is stock available. One might prefer to ask the staff, who'll be needed anyway if there's more stock out back, but PayPal reckons another branch nearby might have the stock needed and wants to let you know.

To do that the shop will, obviously, have to integrate its entire stock management system with PayPal's service, presumably at some cost, and one has to wonder if those young things, who are needed to get the stock out anyway, couldn't fulfil this role more cheaply.

The last example shows a chap being relieved of the burden of walking down the aisles searching for goods, he can see them on display around the entrance, scan the QR Code and his phone will show him where to find what he's looking for. UK shoppers will recognise this as Argos in action, only with a physically-bigger catalogue and a smart phone rather than a stubby pencil. In Argos the poor chap wouldn't even have to fetch his own barbecue, but with PayPal his phone guides him to the product just as his sat-nav guided him to the store.

He can also apply for credit, from PayPal rather than the store, but the store does get told he's there so it can push him money-off vouchers and suchlike. Those vouchers are just about the only part of the demonstration which makes any sense – which is why such a service is already being offered by half a dozen companies.

Ultimately the success of PayPal's venture into the real world depends on the deal it offers retailers. Online PayPal is cheaper than credit cards as it offers none of the benefits of credit-card payments, free insurance and suchlike: in the physical world the advantage of credit cards is far less clear and there is an opportunity for a cheaper alternative.

PayPal isn't the first to suggest, or even launch, a system using mobile phones for payments. In the UK that title belongs to PayBox, who were processing restaurant bills by text message a decade ago, but that service never caught on even in its native Germany.

Contactless payment terminals are already popping up all over the place, with just about all new chip-and-PIN devices supporting NFC contactless payments these days, and the standard is gaining ground on both sides of the pond.

PayPal might have 100 million customers, but tens of millions of shoppers (in the UK alone) can already pay with a tap of the card, at a cost to the retailer of a penny (for transactions under £2, 4p for anything under a tenner). PayPal will have to undercut that to attract retailers, and get the customers to take their PayPal accounts on the road, both of which will be huge, quite possibly insurmountable, challenges. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.