One of the advantages of this blog-on-blog world, where comments on comments on blog entries are commonplace, is that it’s hard to miss a news item. A recent blog entry on PCWorld picked up on an Oracle blog entry that discusses, in some detail, the performance characteristics of NFC in a test performed by the retail side of the database giant. In that test, the Oracle team found NFC to take some time to process three different applications – the payment, a coupon, and a loyalty app. It took so long that, for the consumer, it would be a “tap and hold” transaction, keeping the handset on the NFC terminal for eight seconds or more to complete a multi-step, read/write transaction.
Clearly, that isn’t going to work.
But, it’s not going to be the way NFC-mediated transactions will take place. First, we expect most of the application power to be performed in the merchant’s back end or in the cloud. That’s where all the data resides and there’s no shortage of computing power in those clouds. To grossly understate the obvious, Oracle has some expertise in that department.
Those functions that need to be on the handset will largely be user interface presentation, management and security functions, especially authentication. Both sides do what they do best.
This also means that the POS terminal has to be online – connected all of the time for payment authorizations as well as connection to the back end services managing loyalty, couponing, and other services. This is of little consequence in the U.S. – at least for large retailers who are already running IP terminals that are connected 24/7/365. The data pipe between the terminal and the back end data resources won’t be a bottleneck. We are an all-online ecosystem today as far as payment authorization goes. NFC and rich data to the smartphone only accelerate an existing trend.
Furthermore, even if the NFC link is a bit slower given complex transactions, optimizing slower communications links is a well-honed art. The analytical power merchants want to bring to a transaction should be performed in the back end so that a minimum of data is sent to the wireless device, regardless of which link it uses, the short-range NFC radio or the standard cellular link. It’s far easier to assemble a single message from multiple sources in the back end than ask an app on the handset to figure it all out locally.
One of the best uses of NFC is in authentication and security. NFC provides secure, encrypting hardware to the mobile device. That security hardware could be used to identify a mobile device and its owner. Security is always improved with hardware. Couple that with a security service layer that handles authentication and other security services in the cloud and we start to “harden the edge” of the network, making it far more difficult for hackers to suborn devices and inject bad data into the middle of a transaction.
As we’ve said before, NFC’s introduction is going to be messy. But the technology is not going to be the barrier. It’s the business relationships of the entities that will be the biggest hurdles for participants to jump over.
Mercator’s upcoming report, Authentication At the Edge: NFC, Smartphones, and a New Model for Payments Confidence, examines this topic in greater detail.