According to CCS Insight’s global forecast, by 2018, over 250 million smart wearable devices will be in use – 14 times more than in 2013. The shipments of smart wearable devices are expected to grow rapidly – from 9.7 million in 2013 to 135 million in 2018.
Traditionally, the provisioning of the wearable devices with the underlying payment account credentials has been a challenge. It can either be done by permanent coupling of the payment token to the underlying payment card account credentials during manufacturing, or via complex remote provisioning procedures, using trusted service managers or equivalent entities (yet another party in the value chain asking to be paid for the sophisticated and sensitive service), etc. What if a consumer wants to have another card linked to the same NFC wearable device a couple of hours later or wants to alternate between several underlying payment card accounts at his/her convenience? Can these provisioning flexibilities be achieved and the whole provisioning ecosystem greatly simplified? The good news is that the answer is a resounding YES, with decoupled tokenization.
The Decoupled Tokenization as originally described here is simple to implement payment innovation that enables fully flexible, very cost-effective, mass production of pre-tokenized NFC stickers, NFC wearable gadgets like NFC bracelets, NFC rings, NFC key-chains, etc., which is fully EMV-compliant and very secure.
For those new to the concept, the payment tokens in a “decoupled” payment tokenization framework can exist in two states:
- INACTIVE: When linked to a NULL underlying payment card credential inside the tokenization service provider (TSP) that is in charge of the linking. In this state, a payment token can’t be used for payments, i.e., all transactions initiated with an INACTIVE token will be rejected.
- ACTIVE: While linked to the real and legitimate underlying payment card credentials (PAN, expiry).
Consumers use their smartphone on-demand and securely manage the state of the payment token inside the NFC wearable. They “activate” payment token inside the NFC wearable by securely linking its payment token to the real underlying payment card PAN data of their choice. As part of the activation procedure, the consumer must prove to the underlying TSP, which is in charge of linking, that they are the legitimate owner of the underlying payment card by going through 3D Secure authentication steps (or alternative authentication of equal security level). Consumers are therefore fully in charge and control setting the parameters associated with the current linking:
- Maximum spending allowance for the current linking
- Maximum number of transactions allowed for the current linking
- Maximum duration of the current linking
After the payment token inside the NFC wearable device has been securely linked to the underlying payment card credentials, the device can normally be used for NFC contactless payments, as long as TSP – which is in charge of the de-tokenization step – confirms and guarantees the underlying payment card issuer that the payment token EMV cryptogram validation was successful and that all parameterized restrictions, attached to the current linking (i.e., maximum spending allowance, maximum number of transactions allowed, etc.) are in range and not exceeded.
Consumers can easily “deactivate” payment tokens inside NFC wearable devices using their mobile phone in a similar fashion. Deactivation instantly removes (invalidates) the current linking inside TSP Token Vault and relinks the device’s payment token back to the NULL underlying payment card credentials. TSP also automatically deactivates the payment token when any of the assigned parameter restrictions are exceeded. After the deactivation of the payment token, the device will be incapable of being used for payments until the next successful activation, which can be directed to the same or different underlying payment card.
Such NFC wearable devices, supported by decoupled tokenization-capable TSP Token Vault could easily be offered and sold at the regular store shelves since they will be manufactured as “inactive.” They could be offered as MasterCard, Visa or Amex-branded. Multi-branded wearable devices could also be offered as long as the PPSE file inside the wearable can be easily manipulated in order to set the NFC applet priority level, according to the underlying payment card brand which is currently actively linked to the payment token.
Multiple wearable devices can be linked to the same underlying payment card account at the same or different time – all with the specific spending restrictions assigned. Kids, for example, can have their own NFC-enabled bracelet, ring or sticker (inactive most of the time), and be privy to instant on-demand allowance whenever they need it, regardless of where their parents happen to be; as long as the parents have smartphones with them, the NFC wearable can be enabled in an instant. Parents, on the other hand, have full control of the kid’s spending since all transactions will be authorized from the parent’s payment card account.
I can only hope that the major payments industry players will take notice and embrace this type of innovation since wearable devices are clearly an exciting part of the future of payments; simplification of their manufacturing and provisioning – without sacrificing security – can enable a very bright future.