The War Over Encryption

Time and time again, we find that competition drives innovation and brings new and better products to the people. It is in evidence foremost in the field of technology where invention is sparked seemingly every day. That competition is obvious in the area of smartphones but, deeper still, there is a battle going on over the encryption involved with these mobile devices, specifically in mobile payments.

War Games

Awhile ago, you may have heard of Verifone releasing an app that illustrated how easy it was to skim someone’s credit card info with the dongle from mobile payment company and competitor, Square. “Skimming” basically involves the theft of credit card information from a legitimate transaction to use towards illegitimate transactions.

Square evolution
Square recently upgraded their dongles to meet proper security measures.

Verifone also happened to write an open letter to Square illustrating the possible hazards involved with the small device and its lack of security. Likewise, online payment giant PayPal delivered on a new “digital wallet” called PayPal Here that directly challenged Square, touting its own strong hardware encryption.

And so it was obvious what came next, as it is now being reported that Square has updated its credit card reader to support hardware encryption, now in concert with its competitors. Square’s devices will encrypt credit card data, turning it into audio after a card is swiped, before it is finally sent to the given mobile phone.

With this addition, only the Square app will be able to decipher the data, reducing the viability of using Square dongles to skim. Moreover, Square has decided to replace old dongles (that lack the security) in use already. Competition pulls us up.

Tokenization

Higher still is something called tokenization. Like encryption, it secures one’s credit card data and in effect makes it useless to any third party attempting to skim. Tokenization, relative to other types of encryption, happens to

Tokenization
Tokenization makes for a safer transport of credit card data.

be a more secure way of traveling payment data across digital platforms. Tokenization is also the most effective way to simplify PCI reporting and minimize a service provider or merchant’s compliance footprint. Added together, reducing the risk and reducing the burden, the tokenization diminishes the costs associated with the handling of credit card data.

TokenEx, founded in 2010 by Dr. Jerald Dawkins and Alex Pezold, seems to be the lap leader with this technology and has already been implemented in storefronts.

With credit card payments becoming more ubiquitous and more digital, fraud, too, has become increasingly more pervasive. Tokenization, then, provides the next technological wave forward.

Forward

Indeed, the next battles to be waged over payment security will be fought on these new soils of innovation and technology. Press conferences will be called. Letters will be written. Patents will be established and sued over – then sued over again.

New devices, new apps, new services. After all that, finally, as the dust settles and battlelines are drawn elsewhere, we can feel complacent in our knowing of this thing most of all: the customer will always win out.