Community

The 40 billion was per year, and covered all brands, while the 19 million is per month, and may or may not be only Visa transactions.  So the market share of contactless is somewhere around between 0.5% and 1%. 

The total number of card transactions in Europe is currently about 40 billion a year, so a contactless volume of 19 million per month represents about a 0.5% share of the total which is less than your criterion of 1%.  Still, that's a very healthy rate of growth and a lot more than a couple of years ago.  For the first time I'm beginning to think contactless may be getting traction.

Note the countries where the fraudulent transactions took place - the sooner we have 100% EMV chip and PIN worldwide the better.

I agree with Harin.  A separate member-owned Visa Europe was always an anachronism so this move is good for all parties and nothing to do with an alternative scheme which has been talked about for years but seems increasingly unlikely.

No, the original senior staffer was Richard Oliver - to be fair, Douglas King's article doesn't really say EMV is a bad idea - the headline is a bit one-sided.

@David.  Excellent points! To add a few of my own:

- EMV does have a solution for CNP fraud in the form of Remote Chip Authentication with 3D Secure (MasterCard CAP; Visa DPA) - now very convenient to use in the form of Authentication Display Cards.

- US fraud is growing fast as it migrates from chipped countries to the weakest link.

- The monetary value of the fraud itself is just the tip of the iceberg - there's also the cost of preventing it, the damage to the integrity of card payments, and the social costs of organised crime funded by card fraud.

- EMV does a lot more than just reduce fraud, through a raft of added value applications.

- Richard Oliver of the Atlanta Fed actually called for US EMV migration to reduce fraud back in 2010, as reported in Finextra at the time -

20 July, 2010 - 15:32: US risks becoming a global centre for card fraud warns senior Fed staffer

Yes, brilliant "nudge" advertising.  I see the agency is M&C Saatchi.  Weren't they the people behind the Blair "Devil Eyes" campaign?

Yet another way of looking at this method of payment is that it's just a conventional A2A credit transfer using a mobile phone rather than a PC to log on to your bank to initiate the transfer.  As far as I'm aware every UK bank now uses strong, two-factor, EMV-based Remote Chip Authentication (or its equivalent in the case of HSBC) to authenticate this type of payment.  For example Barclays' PIN Sentry.  Some, Nat West, for example, go further and insist on Transaction Data Signing by getting you to enter the beneficiary's account details in the card reader.  So it just would not be logical to have less security simply because you're using a mobile phone rather than a PC.

You don't really believe "EMV wasn't worth it" do you Ketharaman?

Nice blog Alexander - you raise a serious concern.  Presumably this new service is a form of "push" payment running on top of Vocalink's Faster Payments.  But as you point out, if authentication is via mobile phone number plus a static passcode entered into the mobile phone, with no equivalent of an EMV chip, then that's completely insecure.

Does anyone know if the Payments Council is working on any stronger form of authentication?  Anyone like to comment?

With both of you on this.  NFC, mobile, it's mostly all hype.