IN recent years, e-commerce has really taken off. One can buy almost anything on the Internet from any part of the world.
But digital commerce is no longer restricted to just computers and smartphones. With the Internet of Things (IoT), there are now a plethora of things, including connected devices, appliances and various other instruments, that have the potential to disrupt commerce and usher in new payment form factors.
“As a result, payments are becoming more of a commodity in the commerce experience. Consumers expect frictionless checkout experiences combined with the same level of security across all devices as exists today with other more established payment forms,” says Euromonitor International global head of digital consumer research Michelle Evans in a report.
The report notes that consumers are shifting from type to voice interfaces with personal assistants powered by the established smartphone and emerging wireless speaker categories driving this uptake.
Euromonitor International estimates that nearly 81 million wireless speakers, such as Amazon Echo, will be sold globally in 2017, with that category expected to expand 84% from 2017 to 2021.
It adds that Artificial Intelligence is also likely to transform many industries in the next decade, including payments.
Infinitium Group chief executive officer Ho Ching Wee is, no doubt, excited about such developments.
“I like technology,” he says sheepishly.
“One of the things that got us very excited is IoT payment. Some of these will be coming quite soon,” he adds.
In the authentication space, Ho explains that authentication is currently done on the cardholder, whereby the payment is initiated by the cardholder who wants to make a purchase online.
“When it comes to IoT, it is no longer the human being that initiates the transaction. Now, it could be a machine or the device. So it could be your fridge, your car, washing machine, any device. Your house could be initiating these transactions.
“So the questions now is, how do we then authenticate that this machine belongs to you and that you have authorised this machine to do this transaction. As you know, the more automated it is, the higher the risk of compromise,” he says.
This is one of the areas that Infinitium is currently doing a lot of research and development in to identify the best process for machine authentication and how to protect that machine authentication.
Ho opines that it may take some two to three years before such payment methods take hold in Asia.
He notes that in the US, some of the voice assistance like Alexa have been embedded with payments capability.
“So if you tell a voice-activated assistance to book cinema tickets and whatnot, payment is kicking in already and they are actually sending the data over,” he says.
Another area that tickles Ho’s fancy is tokenization.
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. For example, payment data like your card number will be converted into a one-time use type of payment.
“So that if it ever gets compromises, it only gets compromises one time, rather than your full account,” he says.
If you were to ask how ready is the local market for such payment methods, Ho will tell you that Malaysia has always been at the forefront of payment innovations.
“In the early 1990s, when there was no authentication method here yet, Visa and Mastercard created a protocol called secure electronic transaction (SET). They created it in the US. But do you know that Malaysia is one of the pioneers in this?
“At that time, we had about four banks that embarked on this. Of course, it didn’t really take off, because it was based on public key infrastructure (PKI) technology. The implementation was too troublesome. You’ll be given one CD and four diskettes. You need to load it and a key will be generated into your device every time you buy using your notebook. And every year, you have to go back to the bank to get a new PKI key.
“Because of that, it was too costly and it didn’t really take off. But Malaysia was one of the early adopters. There was no other countries in Asia that adopted it,” he recalls.
Likewise, in 2009, Malaysia was one of the first countries to adopt the dynamic one-time password (OPT) as mandated by the centra bank, says Ho.
At that time, e-commerce transactions were mostly authenticated with a static password.
“So is Malaysia ready for all these innovations? I think so. We have always been early adopters of these technologies. So for mobile payments, or contactless, scan-and-pay or tap-and-pay, I believe the market will be ready,” he concludes.