Cashless payments are more popular than ever. This trend was also accelerated in particular by Covid-19. In Germany, for example, an increase of 20 % was recorded in the first half of 2020. Every second payment was even made contactless. Nevertheless, there is still some catching up to do in Germany compared to other countries that already have a higher rate of cashless payments.
In addition to the “classic” variant of cashless payment via bank card, contactless payment via smartphone is also becoming increasingly popular across Europe. As a recent survey shows, around 12 % of the Europeans surveyed already prefer paying by smartphone.
Contactless payments will gain further momentum
With contactless payment, the card is held against a card reader at checkout and does not need to be inserted anymore. For small amounts it is even not necessary to enter the PIN. In view of the pandemic retailers have been encouraging customers to pay in this way to avoid contact and a possible infection.
With contactless payment by smartphone, the app on the smartphone replaces the bank card. For further strong growth two requirements will play an important role:
- Retailers, small merchants, market, and street vendors must be enabled to accept mobile payments, without the need to invest in traditional card readers.
- Mobile payment for small sums must be supported, as demanded by customers.
At this point the question arises as to how the first requirement can be implemented in an affordable and simple way.
PCI standards are paving the way
The PCI Security Standards Council (PCI SSC), founded 2006 by American Express, Visa, MasterCard, among others, is a “global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments worldwide”. They are the governing body for payment standardization, technical requirements, and certification of payment solutions.
PCI has already recognized that contactless payment must be available for everyone, means by using the smartphone or tablet, which PCI calls in their own language a COTS (commercial off-the-shelf) device. Therefore, two standards are available now: the SPoC (Software-based PIN Entry on COTS) and the CPoC (Contactless Payments on COTS) standard.
Learn more about these standards and how Build38 can ensure the security of payment apps in our next blog post.