Risk
1/4/2011
11:19 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Google Prepping Retail Mobile Payment Service

The service, based on near-field communication, would allow consumers to wave smartphones to pay for goods, use discount codes, say reports.

Top 10 Google Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Google Stories Of 2010
Google reportedly this year will debut a payment and advertising service for retail mobile payments.

Based on near-field communication (NFC) technology, the service would let consumers pay for items merely by waving or tapping their smartphones near a register at checkout, according to Bloomberg Businessweek, which cited two people familiar with the plans. Google's plans include a phone chip that would include a shopper's financial information, as well as any coupons or gift and store-loyalty cards, Businessweek said.

NFC wireless transmits and receives data from a distance of 4 inches.

"You'll be able to walk in a store and do commerce. You'd bump for everything and eventually replace credit cards," Eric Schmidt, Google CEO, said of NFC at the Web 2.0 Summit in November.

Google is not alone in targeting mobile payments, a market expected to be worth $1.13 trillion by 2014, according to IE Market Research. Visa, MasterCard, PayPal, Bank of America, AT&T, and Verizon also are vying for dominance in this arena. Online auction site eBay, parent company of PayPal, may launch its own commercial NFC service in the second half of 2011 and is open to partnering with companies like Google, Laura Chambers, senior director of PayPal Mobile, told Businessweek.

On November 16, Verizon Wireless, AT&T, and T-Mobile USA formed Isis, a national mobile commerce network.

"We plan to create a mobile wallet that ultimately eliminates the need for consumers to carry cash, credit and debit cards, reward cards, coupons, tickets, and transit passes," Michael Abbott, Isis CEO, said at the time.

In December, Visa approved DeviceFidelity's In2Pay MicroSD for smartphones such as some BlackBerry models, the iPhone, and the Samsung Vibrant Galaxy S.

"In addition to issuing plastic magnetic stripe or chip-enabled payment cards, financial institutions can now consider offering their account holders a new technology that enables them to transform their existing phones into fully functional mobile payment devices," said Bill Gajda, head of Visa Mobile.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-5704
Published: 2014-04-15
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."

CVE-2013-5705
Published: 2014-04-15
apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.

CVE-2014-0341
Published: 2014-04-15
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to ob...

CVE-2014-0342
Published: 2014-04-15
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.

CVE-2014-0348
Published: 2014-04-15
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding...

Best of the Web