Google Wednesday updated its Walletcapability with significant changes. Instead of just a few Citicards and Google’s own prepaid card, Google Wallet now allows anycard to be added to its mobile wallet.
Looking a lot more like PayPal, Google’s new approach stores thecardholder’s card numbers in the cloud on its servers. GoogleWallet uses a prepaid virtual card as a wallet ID to connect itswallet to those cards that function as the eventual transactionfunding sources. This virtual card or wallet ID is a 16-digitnumber provisioned by Google over the air on to the secure elementof NFC-equipped smartphones on the Sprint and Virgin Mobilenetworks. MasterCard is the network behind Google’s prepaid virtualaccount and facilitates transaction routing to the other cardnetworks. As far as the merchant goes, the transaction proceeds tothe acquirer as usual. It then goes to Google where a look-up tothe linked card is performed and the message proceeds to the issuerfor authorization. The authorization is then passed back to themerchant.
Google is adding what it refers to as a lightweight API to easeissuer integration. One option is to include the ability to findand download Google Wallet from within an issuer’s online bankingand mobile banking portals. That’s a great idea to improve consumerawareness. The API also allows each issuer to insert a visualrepresentation of its card into the wallet but that level ofintegration is not required for a consumer to add any card – Visa,MasterCard, AMEX, Discover – into the Google Wallet. A digitalreceipt, produced by Google, that includes payment transactiontotals, is generated. The APIs also allow a merchant to send acoupon from a website or via a promotional email to the user’sGoogle Wallet where, with a single tap, the value of the incentiveis subtracted from the purchase price. This “Save to Wallet”feature can be added as button on the merchant’s webpage or placedwith an email.
A non-technical benefit for issuers is that Google does not chargeissuers for inclusion in the Google Wallet. That makes for a verydifferent proposition than Isis.
Google has also added some security features, including the abilityto disable the mobile wallet and remove payment informationremotely via a web portal interface. In the case of a lost orstolen phone, that’s a good thing.
Other aspects of this updated Google Wallet that are ofinterest:
First, Google Wallet continues to be an NFC-based scheme at thepoint of sale. In-store POS transactions use NFC’s card emulationmode via standard ISO 14443 contactless transactions. The Googleprepaid card / virtual wallet ID is a 16-digit PAN that isprovisioned over the air by Google to a slot in the secure element.Because of that, Google Wallet is limited to Sprint, its mobilevirtual network operator Virgin Mobile, and unlockedsmartphones.
The virtual card or wallet ID concept is a powerful one.Advantages include simplicity for issuers and flexibility forconsumers. It also conserves secure element real estate. Somehandset secure elements only have enough memory space to store nomore than three payment or identity credentials. That obviously isnot enough for many cardholders, who carry many more payment cards.It would also preclude the use of a secure element-based identityused for physical access at work, home, or a hotel room.
Google’s business model is all about the data it can collect andthe advertising it can deliver. For Google Wallet users, it seesthe overall payment transaction and has the ability to deliverincentives directly to the Wallet. At that level of granularity,Google may have found a data acquisition balance that doesn’tthreaten the merchant with SKU-level insight and the issuer withirrelevance and high costs. Time will tell if the consumerappreciates that combination-and if Google can scale the mobileoperator walls of Verizon, AT&T and T-Mobile.