Starbucks Manager: 'Fan of NFC'; Keeping Bar Codes for Now

While the head of innovation for the popular Starbucks prepaid payment card declares that he is a "big fan of NFC," the giant coffee-shop chain is not about to wait for NFC phones before introducing mobile payment, the manager told NFC Times.

As the company continues to expand the trial of its Starbucks Card Mobile App for smartphones–this week announcing another 300 stores in the New York City area would join the test–Chuck Davidson, category manager for innovation for the Starbucks Card, said the 2-D bar code technology the app uses is delivering on its promise.

"Mobile payments could be powered by NFC someday, but bar codes are our proxy right now," Davidson told NFC Times. "My job is innovation, and while I’m a big fan of NFC, I feel a tremendous need to get to learning about mobile payments as quickly as possible. Our thinking was to get in the game and learn about this from a customer behavior standpoint, and the quickest way was through bar-code technology."

The introduction of the Starbucks Card Mobile App to New York City, announced Monday, comes after the Seattle-based chain has had nearly a year to evaluate its performance in 16 stand-alone stores in Seattle and northern California, and units inside more than 1,000 U.S. stores of mass merchandiser Target. 

As in the original test stores, Starbucks will equip the 300 company-operated stores in New York City and on Long Island with 2-D scanners capable of reading bar codes displayed on screens of customers’ iPhones, iPods and, more recently, BlackBerry handsets.

After the customer scans the bar code at the point of sale, Starbucks deducts the amount of the purchase from his Starbucks Card account over the network. The app also lets cardholders track the card balance, add to it with a major credit card, check the status of rewards points and locate nearby Starbucks outlets.

Customer Interest in App Grows
Davidson said stores in the initial test phase have seen customer interest in the mobile application grow steadily. While he wouldn’t provide hard numbers on the volume of transactions, Davidson said the trial has exceeded expectations in terms of customer use and performance of the system. The key to its success, he said, is upfront development work that focused heavily on user-friendliness.

"People say they love using it," he said. "It’s very intuitive and you don’t need to be a propeller head to get it. We wanted to provide customer utility with this, and we think we’ve also got the 'cool factor' working for us as well."

Davidson said he’s been surprised that customer use of the app continued to build well after its introduction. Customers have consistently reported how "fun" it is to use smart devices to pay, suggesting that users are comfortable with the mobile-payment concept. The app is also fast. Davidson said project team members have timed the mobile-payment transaction and found it to be speedier that either cash or plastic–whether debit, credit or Starbucks Card.

"I was afraid we’d drop off after seeing some big usage at the start," he told NFC Times. "But we didn’t see that, and instead saw the big bump followed by a gradual increase."

But is it Secure?
Some industry observers point out that bar-code-based payment is much less secure than NFC or cards using smart card technology. For example, a fraudster could make a copy or take a picture of a customer’s static bar code and simply put it in a PDF or JPEG file on his own phone to use.

Davidson said there have been no documented cases of the Starbucks Card Mobile app getting hacked. And while users are not required to enter a pass code when they open the app, it’s an option for those who don’t mind for the transaction to take a little bit longer.

Drew Sievers, co-founder and CEO of U.S.-based mFoundry, which developed the app for Starbucks, downplays the security issue as well. He said if bar codes are generated dynamically so that they could be changed on customers’ handsets frequently and if the application allows for their proper storage on handsets, security risks are minimal. Plus, the risk of losses from hacks is mitigated because the Starbuck Card is a closed-loop payment scheme. Of course, any dynamic updates to the bar codes on customer phones would require a mobile-network connection to complete.

The bar codes in the Starbucks Card Mobile app, however, are not dynamically generated, Sievers confirmed, so they remain static on the phone.

Einar Rosenberg, an NFC expert and chief technology officer for Narian Technologies, observed that despite the clear success of the Starbucks test, there is a security gap with bar codes that looms as a major hurdle to widespread adoption of bar-code mobile payments. And he said it argues for a quick transition to NFC phones, once the devices become available.

"The Starbucks product shows that mobile payments is not only accepted by consumers, but also is a benefit to retailers," he said. "What I don't agree with is using bar codes for payment since it’s less secure, and more importantly, it doesn't have the commitment from financial institutions and standardization for payments, like NFC does."

Sievers, whose company develops mobile apps with an emphasis on financial services, sees NFC as the most popular mobile- payments platform of the future. But such companies as Starbucks that want to get their feet wet in m-payment aren’t willing to wait for the various members of the NFC ecosystem to iron out their differences.

"This bar-code technology is being used in mobile applications that were envisioned as being managed by NFC, but since there’s been no agreement on a business model to take this to market, with too many stakeholders trying to figure out how to get something out of it for themselves, innovative companies have made the decision not to wait and instead get cracking via bar code technology," Sievers told NFC Times. "Bar codes are ubiquitous and easily adaptable to any handset. They’re a logical stepping stone to contactless open-loop payments."

Until NFC-enabled phones and other contactless-mobile payment options become available, Sievers said closed-loop bar-code applications like Starbucks is deploying are poised to help both merchants and consumers get more comfortable with mobile payments.

"It takes less time to shift customer behavior now because of the pervasiveness of technology," he said. "Comfort with using ATMs took longer than mobile banking; mobile banking was taken up faster than online banking, which was taken up faster than ATM usage. Now, there’s a direct correlation between the penetration of smartphone technology and a shift in consumer behavior for seeing phones as something more than just a phone. What Starbucks is doing further validates mobile payments and benefits the entire industry."

Adding Features, Android App
Of course, Starbucks Card Mobile transactions will remain a minuscule percentage of total Starbucks Card spending for some time to come. The chain recently released some figures on customer use of the card, noting that users are on track to load more than $1 billion in their card accounts this year. As of the end of the third quarter, sales of cards were up by 17% compared with last year and reloads on existing cards increased by more than 59% from last year.

Davidson told NFC Times that plans call for expanding the exposure of the mobile-payment service, including adding features, though he did not elaborate.

"For now, it's all about adding more stores and making sure that we're letting more people try this,” he said. “We have a smartphone platform we're tethered to now, and we'd like to add more to it, and maybe extend it to other areas besides mobile payment and add more features and functionality."

And he indicated Starbucks would offer a payment app for Android smartphones, noting that the chain has been “hearing quite a bit” from customers that they want it. Starbucks introduced an app for BlackBerrys early last month and said the iPhone and BlackBerry users account for a combined 71% of its smartphone-packing customers.

As for NFC and other forms of contactless-mobile payment, Starbucks will be fully engaged in evaluating what they bring to the mobile-payments picture, Davidson said.

"NFC is appealing, but we’re very comfortable with the bar-code platform," he said. "I’m responsible for the innovation pipeline with the Starbucks Card, and so I’m looking at everything. But it’s a matter of where NFC is sequenced on the roadmap. When do customers have NFC phones whether they know it or not, and when do they not have to contend with dealing with multiple handset makers and new carrier accounts? We don’t know how far out that is, but when it meets our criteria for helping people to pay with their phones, let’s think about it."

Article comments

 
BrianJames Oct 29 2010

I think Mr Rosenberg should be asked to elaborate on the security concerns and how any that he points out are compared to that of NFC. NFC ambassadors are using this security fear tactic regarding mobile barcodes because NFC is failing while mobile barcodes are expanding rapidly. IF there are were legit security issues that were isolated to mobile barcodes as a form factor, they would be pointed out....

 
Narian Nov 3 2010

I appreciate BrianJames points. The truth is, that this would take hours to explain every point, but I'll start with just a few. First off, security concerns are not limited to just stealing information, they run the gambit and can include everything from stability, reliability, standardization, redemption/denial procedures, and more.

A side example to elaborate the following points is denial of service attacks on the internet. It doesn't steal your money, but it can stop you from using your money, and it's considered a security threat. So please keep an open mind on what security means and not limit it.

Let's just touch on a few points. NFC is a standard that is fully accepted by the card associations, financial institutions, and security groups. It's a single standard. 2D is not accepted as the key standard by any of the above, who currently are the only true nationwide infrastructure for payment. Not to mention there is one standard for NFC, but over a dozen variations of 2D ranging from datamatrix, microsoft tag, semacode, etc.

Standards are important to security because they creates reliability. I'm secure as a consumer that it will work. Now let's also more on the reliability aspect of security–such as NFC is a more dependable technology for environmental issues. To read 2D, you need an optical scanner, which requires proper lighting and no distortion issues from the phone screen. Small things like smudges from a cheek can actually distort images on the screen, thereby limiting reading, and other subtle but environmental aspects.

Optical scanners are expensive and are not even being considered as standard integrated options on POS terminals, unlike NFC, which is being pushed by the major POS players.

Security isn't just about stealing your info, it's also about me making sure it works, over and over. Money in my phone is useless if someone steals it, or if someone stops me from using it.

Cold and heat can also effect optical scanners, but NFC terminals in POS are less likely to have that issue, and with no true mechanical parts, are less likely to break, unlike optical scanners that can be damaged, scratched, painted on, etc. Are you going to replace an optical scanner every time some kid with a permanent marker destroys the lens?

Let's talk another aspect of security, the redemption/denial aspect. It's the part where if someone steals my info and uses my money, with NFC, which is accepted fully by the card associations, it allows me to call up Visa or my bank and dispute charges and have laws to back me up and protect me.
If someone steals my Starbucks card, is there truly a standard method to argue charges or any laws laid out to make sure I get my money back, or that I only get charge no more than 50 bucks for the money used?

Let's look at another aspect of what I see in security such as securing me in that I can use it in as many places as possible. This technology (and application) is specific to just Starbucks, but I want a payment technology on my phone that doesn't require me to setup 20 accounts and download 20 2D barcode apps to use in 20 different retailers. Security is not just about stealing information, it's about making sure it works, making sure no one else can use it, making sure i can use it in as many places as available, making sure as a retailer I have the lowest liability of damage and the highest reliability of usage, making sure there is a standard dispute process to get my money back, making sure its easy to use and not cumbersome to get registered to use everywhere, and the list can go on.

Now to point out on 2D aspects that you might worry about as a general case of security: If it's a static image, I have to worry that someone can copy my screen, and reload it on their own phone. But let's say it's a dynamic screen, on which the barcode changes. I either have to make sure I have an Internet connection to communicate with a server that will give me a new barcode each time–and you know how reliable Internet connections on phones can be in some places–or I have to have an application that is secure, that allows me to generate a new one that is accepted and known by the payment server. Now with NFC, we have a secure element, certified by global platform specs. I don't hear 2D payment being integrated into a secure element, so if it is on the OS, it leaves it open to hackers and because it's on the OS, it would require payment providers to develop that secure application for generating secure dynamic 2D barcodes for dozens of phone OS's–and possibly have to modify them each time each OS is updated.

I could go on and on and on. But if you limit security to just stealing my information, you're limiting your view of security. I want to be secure that it works, works everywhere, works always, works easily, works if i lose my money, works if a dozen other issues arise.

I have to admit, this is a quick response so I know there are some points that might need elaboration. But I'd like to add that we've develop 2D products, nfc products, Bluetooth, WiFi, GPS, SMS, etc. We might be known as specific to NFC, but trust that NFC is only part of what we do, so I do know 2D. When it comes to payments, NFC is the best technology, and it might take a bit longer to get into the market than 2D, but it will be better than 2D and don't bet on 2D for payments in the long run, bet on NFC.

 
richsr Nov 24 2010

Both technologies will be critical to the future: NFC and dynamic, open standard QR codes at the register and dynamic QR codes in reverse for eCommerce - a different method than the way Starbucks has currently deployed barcodes (patents pending).

P.S. Reading 2D codes at the register is being done not only with expensive optical scanners but with low-cost, versatile smartphones and Android devices as well.

Please register or login to post a comment.

HEADLINE NEWS

Apple Pay Enables Ventra Closed-Loop Fare Card in Chicago after Long Delay

NFC TIMES Exclusive Insight – Apple has finally made good on plans to enable fare payments through Apple Pay with the closed-loop Ventra card from the Chicago Transit Authority, or CTA, the latest major closed-loop card the tech giant has enabled in recent months.

Visa Rolls Out SoftPOS technology as It Seeks to Promote Acceptance of Contactless by More Small and Micro-Merchants

NFC TIMES Exclusive Insight -  Visa is rolling out what it calls “Tap to Phone” technology to 15 global markets, as it seeks to enable millions of small and micro-merchants that now mainly take cash to also accept contactless EMV credit and debit cards and credentials on NFC devices.

Trip-Planning Apps Moovit and Transit Enable Ticketing and Payments for Another Transit Agency

NFC TIMES Exclusive Insight – Multimodal trip-planning apps Moovit and Transit have introduced ticketing and payments in their apps for another North American transit agency, following an emerging trend for trip-planning apps to enable users to plan, book and pay for their rides all in one place. The app providers are offering the extra service as they seek ways to give users a better mobility-as-a-service experience.

Australia’s Commonwealth Bank Seeks to Expand Involvement in Public Transit and Other Mobility Payments Projects

NFC TIMES Exclusive Insight – Commonwealth Bank of Australia, the acquirer and processor for the open-loop payments service rolled out by Transport for New South Wales in Sydney, says it is negotiating with transit officials in other Australian states to help launch similar payments services. It also hopes to be involved in payments for mobility-as-a-service platforms.

Report: Nearly Two-Thirds of Survey Respondents Say They’ve Used Contactless Cards During Pandemic

NFC TIMES Exclusive Insight – There’s more evidence that the Covid-19 pandemic is helping to change the way that consumers pay, with more use of contactless cards, mobile wallets and e-commerce channels, according to the “World Payments Report 2020” published Tuesday by global consulting firm Capgemini.

UK Public Transit Officials in Midlands Seek to Replicate London’s Success in Pay-as-You-Go Contactless

NFC TIMES Exclusive Insight – Transit officials in the Midlands in the UK today are calling on the government to fund a London-style contactless fare-payments system across this large section of the country, which would enable riders to tap to pay for trips on rail, bus and tram networks with either closed- and open-loop cards and credentials on smartphones.  

Post-Lockdown, Transit Riders Want Agencies to Run Vehicles More Frequently, Provide Real-Time Arrival Information and Offer Contactless and Mobile Payments

NFC TIMES Exclusive Insight - Up to a third of transit riders in several cities say contactless payments and mobile ticketing would encourage them to return t

New York’s OMNY Project Completes Major Milestone, as Transit Officials Point to Steady Growth in Adoption

NFC TIMES Exclusive Insight – New York’s Metropolitan Transportation Authority says it is seeing steady growth in use of its OMNY open-loop fare payments system by customers–though overall open-loop payments remain small–as the agency continues its phased rollout of acceptance of contactless EMV bank cards and NFC Pays wallets. 

In-Depth: Trip-Planning Giant Moovit Begins to Enable Ticketing and Payments, as Rivals Make Similar Moves

NFC TIMES Exclusive Insight – Moovit, which bills itself as the world's largest “urban mobility app,” has begun to enable public transit ticketing and payments from its platform, as it seeks to deliver what it says is a true mobility-as-a-service experience for users.

Los Angeles Transit Authority Follows Through with Plans to Enable TAP Card for Apple Pay; Google Pay to Follow

NFC TIMES Exclusive Insight – Another major U.S. transit agency has introduced a virtual closed-loop card for Apple Pay this week, with the Los Angeles County Metropolitan Transportation Authority, or Metro, announcing the move Thursday. It comes a couple of days after the Washington (D.C.) Metropolitan Area Transit Authority, or WMATA, announced it had put its SmarTrip closed-loop card on Apple’s NFC-enabled devices, as well.

Apple Enables Virtual SmarTrip Fare Card for Apple Pay in Washington, D.C., with More Closed-Loop Transit Cards Expected This Year in U.S.

NFC TIMES Exclusive Insight – Apple added support for its latest closed-loop transit card for Apple Pay, enabling customers of the Washington Metropolitan Area Transit Authority, or WMATA, to tap their NFC-enabled iPhones and Apple Watches to pay for rides with WMATA’s SmarTrip virtual card.

Insight: Apple’s Long Game Pays Off, Conquering Resistance to Apple Pay from Banks in Europe and Beyond

NFC TIMES Exclusive Insight – It’s coming up on six years since Apple announced its groundbreaking digital-payments service, Apple Pay. And while consumer adoption remains a work in progress, Apple has had considerable success gaining participation from banks and other issuers in what is now more than 50 countries worldwide.