Zapp – a crazy idea that will probably work

Early risers will have heard Peter Keenan on the Today programme yesterday pitching Zapp – the new payment venture from Vocalink. Payment start-ups are everywhere right now but it takes boundless self-confidence to take on Visa head-on. Zapp has plenty of challenges but will very probably succeed.

You can read the detail about how it works on the Zapp website.

Essentially, it’s a new debit scheme in which the transaction is directed straight from the merchant to your current account and you approve the payment in your banking app. No need for Visa, Mastercard, 15 digit card numbers, CVV, 3D secure etc.

What’s better about Zapp?

The mobile payment experience is the best I’ve yet seen. You’ll see a Zapp button on at the checkout next to the Visa, Mastercard and Paypal ones. You hit the Zapp button, your banking app opens and you approve the transaction.

The bill payment experience is also pretty good. The gas bill arrives, you scan the QR code on the bottom and are taken straight to your banking app to approve the payment. This is so much quicker than sitting down at the PC and making an internet banking transfer.

You get to see your bank balance before pressing “confirm.” This is a big advantage for many cash-strapped shoppers today.

It’s fundamentally secure. Digitising the plastic card payment systems while locking down security has impacted customer experience. 3D secure. Enough said.  Zapp works with one-time tokens so can offer a great user experience without imposing a disproportionate security burden on acquirers and merchants.

Why should Zapp succeed?

Zapp is very well funded by Vocalink. I nearly fell off my chair when I saw the marketing budgets. It’s safe to say there’s enough to ensure all UK consumers and merchants will know why Zapp is good for them.

The Zapp management team is experienced but, more importantly, have the right attitude. They have set out from the beginning to work with the grain of the ecosystem and clearly understand that success requires consumers, acquirers and merchants all to benefit. The Zapp team have actively listened to feedback and modified the proposition accordingly.

The Zapp proposition is well researched. Unusually for a payment start-up, Zapp began with a major piece of qualitative and quantitative field work. It’s nice to see best practice consumer marketing applied to a technology play.

Zapp is the most bank-friendly payment option. It puts the banking app to the front of shoppers’ digital worlds and give the opportunity to add additional current account related services such as credit products or insurance at point of sale. And it gives UK banks an option in case Visa becomes too independently minded.

There are still plenty of challenges

Yesterday’s announcement of five banks committed to Zapp is a solid start and represents about one in three UK current accounts. But there’s a long way to go to reach the ubiquity required to make the payment type attractive to merchants. In particular, Zapp needs Lloyds (30% share) and RBS (16%).

Barclays is still doing its own thing with PingIt and related products. Barclays isn’t big enough to move the market on its own but having a major player with a unique perspective is causing confusion among the retailers and giving some of them an excuse to delay investments.

Consumers don’t seem overenthused on banking apps. Mobile banking has been around for some years but WorldPay research showed just 20% of people are regular users. Zapp may be the service that finally gets the public downloading and activating banking apps but it’s a risk.

Zapp’s overall user experience is hostage to the user experience of the banking app. You hit the Zapp button and then have to pass security to enter your banking app. This can be very elegant or painful. But that’s up to the bank, not Zapp.

Banks move slowly and yesterday’s news release omitted firm dates for launch. Zapp requires deep integration to banking apps and will involve technical and strategic decisions within the banks. These are large organisations and can’t move quickly. This problem is is not unique to Zapp; the same issues have slowed down

The competition is moving quickly. Paypal has rediscovered its self-confidence and Visa seems finally to have unstuck the programme.

80% of transactions are still made face to face. There is a Zapp use case for payment at point of sale but it’s not compelling. No disrespect to them. Nobody’s cracked this yet. Chip & PIN works fine in Tesco and this limits the potential market for any online-only payment type.

Consumer protection is still a grey area. The public knows that paying with credit cards is advantageous and know that Visa debit gives enhanced safeguards. Zapp is still working on its scheme rules but will need Martin Lewis, Moneysaving Expert, to give his seal of approval.


Six things we’ve learned from the Target data breach

Target, the US retail giant, suffered a major data breach in the run-up to the festive season with 40m card details said to be at risk. This is the largest data breach since TK Maxx was hacked in 2007 at a cost of  $256m in fines, legal settlements and IT upgrades.

Target has given a textbook example of crisis communications. It has been clear and open with its customers. There is a comprehensive and regularly updated website with much detail, even including lists of each state’s law enforcement policies. Target is also paying for its customers to have a free credit check.

Payment card theft is still huge business. In a remarkably candid blog, security expert Brian Krebs showed how the card details stolen from Target were on open sale for $20 – $100 each, with foreign cards particularly in demand.

US retailers will now be even keener on mobile wallets. Relations between US retail and the card schemes remain frosty despite the apparent ending of the “swipe wars.” Rather than invest in estate-wide point of sale upgrades to Chip & PIN or EMV as it’s more correctly known, many US retailers are looking to mobile payment concepts, such as the Wal-Mart inspired MCX wallet to leap a generation and make plastic cards redundant.

Direct Implications to the UK are limited. Target’s data breach was caused by malware on the point of sale systems that was intercepting the card details from the magnetic stripe.  The incident is big news in the US but the rest of the world uses EMV which is much harder both to hack and clone.

UK retailers still need to check the security on their till and payment systems. Fraudsters are getting cleverer and, given the awful financial and reputational implications of a data breach, it’s a false economy not to invest in the latest and most secure payment services.

You are only as strong as your suppliers. Target hasn’t revealed what involvement, if any, its technology partners may have but retailers should always undertake due diligence regarding their suppliers accordance with Payment Card Industry (PCI) standards. Remediation should be available in case of non-compliance.

This was underlined before Christmas by the data breach at Loyalty Builder, an Irish supplier of white label loyalty programmes to Supervalu and Clearlys and others. 376.000 customer records were stolen including CVV codes. These are the three numbers on the back of the card and should never be stored. The Irish data commissioner was swiftly involved and Affinion (LoyaltyBuilder’s US owner) has already agreed a settlement of €22m – equivalent to 5 times Loyalty Builder’s annual profits.

Seven reasons retailers don’t need to be excited about iBeacons

The central problem for retail is not how to communicate with customers but what to say to them. iBeacons offer just one more option for the former but don’t make any contribution to solving the latter.

It’s certainly true that many retailers would like to be able to automatically identify customers (via their smartphones) as they enter and move around stores. This would allow them to offer personalized, location based communication. Ideally, these messages would be helpful for customers.

To do this, there needs to be a virtual connection made between the customer’s smartphone and the retailers’ systems.  There are a number of existing ways of doing this:

  • Customer scans a barcode
  • Customer taps an NFC tag
  • Customer checks in using a generic service like 4square or from within the retailer’s own app
  • Retailer geo fences customer using service from MNO
  • Retailer prompts customer to register for in-store WiFi

The latest idea is an iBeacon. Here’s a picture of one that’s part of a pilot installation at an Apple Store in New York. One vendor is offering them for around $40 each with another $10/month for analytics.


iBeacons are low-powered Bluetooth devices that talk to the store’s LAN. Shoppers who have enabled this on their smartphones (currently only iOS7 and the latest Android software) automatically connect when in proximity to the beacon. The retailer’s systems now know that you are in store and can push messages to the phone. The only catch is that the shopper needs to have downloaded an app that can “listen” for the iBeacons. This could be a generic loyalty app like Shopkick or the retailer’s own app.

Here’s why a lot of people are excited about iBeacons.

  1. It’s a push communication technology that doesn’t require customers to “check in.” This means that a greater proportion of shoppers are likely to receive whatever messages the retailer sends..
  2. It’s very short range so if you put multiple iBeacons in the store, you can send different messages depending on which department or aisle the customer is standing in. This is particularly attractive in grocery which is where vendors are pitching the technology.

US mobile loyalty start-up inMarket is funding the deployment of iBeacons in a number of large grocery stores – initially at American Eagle and Safeway. It has produced a helpful video that shows the vision.

Like many technology videos, these shoppers and scenarios make you wonder whether anybody involved in the making had ever visited a real supermarket on Saturday afternoon.

Here are a seven reasons not to be excited about iBeacons.

  • iBeacons don’t solve the central problem of what manner of intelligent dialogue a retailer’s systems might have with customers. If retailers had cracked this, we’d all be checking in to stores today using one of the other technologies listed above.

One commentator noted following a visit to New York: “I recently took a few laps around the Macy’s store in Manhattan, and all the app did was welcome me to the store each time I got near an entrance.”

  • If you’ve got compelling content, shoppers will be happy to check-in using geo-location. If you just want to say it’s 3 for 2 on beans, it’s cheaper and more flexible to put up a poster.
  • iBeacons are yet more hardware to maintain. They will take scarce LAN capacity and steal Wi-Fi bandwidth from other applications. They will need monitoring and a maintenance contract. They are battery powered and will need replacing annually.
  • Funding an iBeacon project is going to be difficult. It’s a cross-department problem. Marketing will get the benefit but will want IT to run the project and find the cash. A model is developing in the US in which generic app vendors (eg InMarket, Shopkick) bear the cost but that way lies madness. No self-respecting UK retailer will risk losing control of the in-store customer experience.
  • There’s actually no evidence that shoppers want to use smartphones to help them shop in supermarkets. Most of the time, shoppers know what they want and have visited the store often enough to know where to find it. They would like price comparisons and digital (not paper) coupons but you don’t need iBeacons to provide these.
  • Shoppers may be unwilling to leave their low-powered Bluetooth on. There are long-standing concerns around security and it’s yet another drain on the battery.
  • Marketers have a habit of abusing communication channels they see as “free”. We’ve seen this with email. There’s a limit to how many messages a shopper is likely to be willing to absorb before turning off. A couple of over-enthusiastic retailers could ruin a whole town for the technology.

UPDATE: in addition to the above, it seems that iBeacons are not secure. They just broadcast a number. This could be easily programmed into another iBeacon which could hijack the traffic. “It’s no different to a QR code,” I was told by a well-informed source.

Innovating new products to sell to large enterprises – a personal view

Business buyers are people just the same as  you and me but behave very differently when buying for their employers than when choosing products for their family.

Business people are considered purchasers and highly risk averse – the opposite of impulse buyers. They value long-term relationships with a small number of suppliers. They have long buying cycles policed by their procurement teams.

Essentially, if you’re doing a decent job as a supplier, you stand a good chance of keeping your customers long-term and the longer you keep them, the more profitable they become.

The converse is that getting new customers is hard. In fact, most large enterprises have procurement teams dedicated to reducing the number of suppliers and “encouraging” the business to look first to existing suppliers for anything new.

In my experience, innovation plays a critical role in both winning and retaining customers. There’s no doubt that the best way into a new account is to have a product that nobody else can supply. Even so, business buyers  typically mistrust new suppliers and will first ask their existing ones if they can match the new product or service within a reasonable delay.  Thus the existing supplier gets a strong incentive to innovate – the need to keep an account – but also a less risky business case as the first order is in the bag.

The key to successful B2B innovation is to stick close to your customers, to understand what their needs really are – at a business level, not just a technical one – and to ensure you give them a say in your product development.

One good way of doing this it to maintain a small consulting team. At BT Expedite, our CRM consultants got wider and deeper into accounts than anyone else and brought back both ideas and customers willing to pay for them. Clienteling (assisted service in luxury retail) is a great example.

Another is to formalise customer involvement in innovation through Customer Councils or other user groups. Used wisely, these not only help prioritise scarce development resources so that they can be targeted on new features that bring the most benefit, but they can also assist in avoiding one of the most common pitfalls – mistaking client demand for a market one.

I helped set up BT Auto-ID Services. We built a business around using RFID tags to help retailers manage their supply chain. Marks & Spencer were a world leader in adopting the technology and we were delighted to beat IBM to win their business. The project went well and delivered real benefit to M&S. We were in the papers. We made a really cool video and waited for the phone to ring. Surely all the retailers would want this?

Well, no they didn’t. It turned out that our solution solved a business problem unique to M&S and we’d not stopped to check whether other fashion brands would buy our services. I pitched our proposition to Simon Wolffson, CEO of Next. He was very polite but you could see he thought M&S were crazy to invest in our technology.

Innovation doesn’t have to be at the cutting edge of technology, of course. Business buyers respond equally well to a good service proposition. I’ve just launched WorldPay Total, the first time businesses can buy a complete payment service from a single supplier, serviced 24/7 from the UK with a dedicated account manager.  The component parts were each available before but never packaged together. We’ve already sold our first big deal.

This post was first published as a guest blog at Incite.