The popularity of mobile payments has exploded in recent years. In China, it’s been commonplace to pay using your phone through WeChat and Alipay for a few years. The Asian country has the highest adoption rate for mobile payments, close to 90%, far ahead of the second in the ranking Korea which sits near 45%.
However, the pandemic has propelled the growth of mobile payments worldwide. 2020 added 900 million new mobile payment app users, which is the most significant annual increase in user numbers to date (Source). The dominating players in the mobile payment markets include ApplePay, GooglePay, Samsung Pay, and in China: WeChat and Al.
While mobile payments are highly convenient for their users, various parties have to work together in the backend to enable this theoretically seamless touch-and-go payment experience.
But before diving into how blockchain might address some of the challenges mobile payments face, let’s talk about what mobile payments are and how they work.
Mobile payments are any payment that’s made using a mobile device. While the first association might be a mobile phone, don’t forget the increasing range of wearables like smartwatches or rings that often include payment capabilities.
The first-ever mobile payment took place in 1997 in Helsinki. Coca-Cola created a vending machine that allowed customers to pay for Coke with an SMS. Another historic example of early mobile payment usage includes Speedpass. Speedpass was an RFID (radio frequency identification) device that consumers could use at the gas station. When fuelling, they’d place the device near the sensor on the pump and would then be able to pay the appropriate amount through SMS.
Fast forward to 2011, Apple and Google started issuing the first iterations of their mobile wallets. Since then, we’ve become more accustomed to using digital money, and most banks offer ways to add one’s credit or debit card to other digital wallets.
Underneath all this, different technologies power mobile payments.
Most modern devices use near-field communication (NFC) technology to facilitate payments. The phone interacts with an NFC-enabled machine that uses close-proximity radio frequency identification to recognize the phone when using NFC payments.
Sound wave-based payments use cutting-edge technology that works for most mobile phones. While phones require a specific hardware piece for NFC payments, sound wave-based payments can be enabled through a software installation, making them more accessible and affordable. Sound wave-based systems leverage sound waves containing encrypted data to facilitate payments.
MST — Magnetic Secure Transmission
Samsung Pay uses magnetic secure transmission (MST) to facilitate contactless payments. MST-enabled devices will emit a magnetic signal that imitates the magnetic stripe of credit cards and can then be read by the terminal.
While you might not even remember the last time you wrote an SMS, , SMS-based payment systems have thrived, particularly in developing countries. They work on the most basic phone and require only a connection to your mobile phone provider. Using SMS, people can pay for products and services via text message. The amount is usually then added to the mobile phone bill.
Online mobile systems
For the sake of completeness, we also include online mobile systems, as they, like the above technologies, facilitate payments. Online mobile payments like PayPal and Alipay work through an App, and QR code or Bar code which the merchant scans to complete a transaction.
All you do is swipe your mobile phone in front of the reader, wait for the beep to indicate it was read, and the checkmark that shows that your payment was approved. Without going into too much detail, more parties are involved when using mobile payments than during a traditional bank transaction. The graphic below illustrates all the parties working together to make mobile payments happen.
Depending on the type of transaction, the Merchant might have to settle with the mobile carrier or send a payment request to the Mobile Payment Service Provider, who then, in turn, taps into the card network to get the transaction authorized. The banks who ultimately settle the transaction with the merchant are missing in the graphic.
The sheer number of participants involved in settling mobile payments introduces inefficiencies and intermediary costs. But these aren’t the only challenges that mobile payments face.
Like other payment methods provided by TradFi (Traditional Finance) or Fintech companies, mobile payments work because of trust, consensus, and convenience. While consumers trust that all parties involved in the process will do the right thing, providers place trust that the identity provided is the identity of the person paying. Yet, sometimes that trust is misplaced.
As consumers increasingly spend money from their mobile, fraudsters are catching up. The ACI eCommerce Fraud index reports that mobile fraud attempts increased by 1.22% in the first half of 2020 and a further 1.32% in the first half of 2021. Methods used by fraudsters include account takeovers, spam, phishing, promo scams, and repetitive Bot attacks.
When people use mobile wallets for payments, their devices might be more vulnerable to malware and viruses. While merchants ensure that their Point-of-Sale device stays up-to-date, the same cannot be said for all mobile phone users. And not updating their phone can leave them open to vulnerabilities. In 2020 alone, more than 156,710 new mobile banking trojans were discovered — twice the number in the year before. In the same year, Kapersky also detected more than 20,000 new ransom Trojans targeting mobile devices.
Data Leakage & exploits
As visible in the graphic above on the parties involved in transactions, the more parties keep sensitive data, the more potential points for data breaches exist. To settle payments, all parties from the Mobile Phone Payment Provider to the Card Provider up to the bank will keep transaction data, and while all of them have to implement strict security measures, breaches still occur. In August this year, 53 million customers of T-Mobile had their data breached after cyberattacks on the third-biggest wireless carrier in the US. This is particularly worrying, as this marks the 7th such incident within four years.
With all the risks mentioned above and the ever-increasing use of mobile payments, providers have to spend time and money on securing their centralized database. The more customers they serve, the more attractive they become as a potential target for attacks, requiring further cybersecurity spending. Unfortunately, though, even then, hacks are not a rarity.
Blockchain provides a transparent, immutable ledger that facilitates transactions between parties worldwide in a trustless manner. Mobile payments currently rely heavily on managing centralized databases from various providers, so the technology could offer a few benefits when implemented correctly.
While centralized databases have to be secured externally through firewalls, antivirus software, and internal security awareness training (social engineering continues being one of the most common types of cybersecurity attack); security in blockchains is inherent. Thousands of nodes power blockchains which makes them incredibly hard to attack. To overtake the Bitcoin blockchain, an attacker would have to accumulate more than 50% of the current Hashrate. The current Hashrate is 180 EH/s so, even with one of the most powerful mining machines on the market, achieving that threshold would require renting or buying more than 1.6 million Antminer S19 pro machines
And it’s not just blockchain’s computing power that makes it harder to attack. Unlike in a centralized database, a copy of the complete transaction history is stored on each full node. This makes it nearly impossible to tamper with records. Keeping copies across a network of nodes that share a public ledger comes with another benefit.
Reduced book-keeping efforts
Since the invention of the financial bookkeeping practices known as double-entry accounting in the 15th century, businesses have relied on it to measure the worth of their business. In mobile payments, all entities involved in making transactions will store information on the transfer and the sender and receiver. If three entities are involved in the process, the data is stored thrice on separate databases that are not visible to other participants.
By its nature, blockchain is an open and transparent ledger that facilitates transactions between parties that don’t trust each other. Implementing a blockchain that all participants have equal access to could reduce the need for each company to keep records of all transactions while simultaneously lowering their expenses on storage. With advances in zero-knowledge-proof cryptography, one could envision a blockchain-based system where all entities only gain access to the information on a need-to-know basis.
A more drastic approach of implementing blockchain could cut down the number of intermediaries involved in mobile payments and route them directly from the customer to the merchant or between peers. In El Salvador, we’re already seeing this play out where customers can directly pay using their Lightning Wallet to buy burgers from McDonald’s.
Lightning is a Bitcoin Layer-2 that facilitates the transfer of small amounts of Bitcoin without the usually with Bitcoin transactions associated waiting time and costs.
The legacy payment and banking infrastructure consists of various layers that have been patched together over time. Developing and maintaining this network costs billions of dollars, which results in long transaction settlement times, and costs. On the other hand, Blockchain-based mobile payments offer a comprehensive ledger that can act as a complete banking solution. This approach is less expensive and consolidates various functions such as settlement and messaging in one. This could potentially make pure messaging platforms such as SWIFT obsolete, as discussed last week.
Overall, blockchain has the potential to address some of the challenges that mobile payments face, such as high intermediation, security risks, as well as inefficient bookkeeping efforts. Suppose the native tokens on a blockchain-based mobile payment system started being accepted as currency, they could potentially lower the barrier to entry, as many mobile payment providers such as ApplePay still rely on the user having a standard bank account.
A few challenges remain, such as making decentralized IDs easy to use for mainstream users, and ensuring that compliance procedures like AML and KYC can be adhered to when implementing them. Additionally, most blockchain protocols in existence, simply lack the scalability to host mobile payments that process hundreds and thousands of transactions each second.
Hard Forks such as the recent Taproot Upgrade on Bitcoin, could pose huge challenges for any businesses deploying their applications on them. For mobile payments to sustainably run on-chain they require a complete network that is easy to deploy, quantum secure, and energy-efficient. A network where any user could run their own node to be in complete control over their funds and keep track of their transactions.