Smart Card Talk : January 2011 : Executive Director’s Letter

Executive Director’s Letter

Dear members and friends of the Alliance,

My January 2011 letter is a look forward to what promises to be a very interesting year in the smart card industry and a preview of some of the important industry milestones on the horizon. Before looking ahead, let me briefly look back on 2010 and the successes, failures and unexpected events that occurred which will help shape the new year ahead.

Looking back, I predicted that the first U.S. bank-issued EMV credit cards for international traveler use outside of the U.S. would arrive in 2010. I was correct with the United Nations Federal Credit Union issuing EMV cards to their members and was caught by surprise by Travelex, a non-bank issuer known by most travelers as the airport currency exchange company, scooping the banking industry with a free prepaid chip & PIN debit card that travelers could use to exchange U.S. dollars into euros or British pounds. No need to change banks or apply for a new card that would only be used when traveling abroad–I can pick one up at the airport and use it, then get U.S. dollars back after my trip. On the mobile front, NFC technology proved to be stubbornly slow to arrive; even the much anticipated add-on devices that add NFC features to existing handsets were not available in 2010 except in limited pilots. However, the late year availability of the Nexus S phone at big box retailer Best Buy, pronouncements of NFC support by Google Android, RIM (maker of Blackberry), and widespread rumors about Apple’s iPhone 5 and iPad2 arriving this summer with NFC, have made the arrival of NFC phones and more add-ons in 2011 almost a guarantee. Lastly, my expectations that government policy leaders for healthcare IT reform would embrace smart cards for the two-factor authentication that was required in the original HITECH Act and HIPAA rules have not materialized. The pressures to show progress on meaningful use of electronic health records pushed the requirement for strong authentication for health record exchanges off the table for now.

Looking ahead, I see the mobile phone rapidly becoming the center of attention in 2011. Just look at the progress in the past few years–the iPhone didn’t exist 3 years ago and, in many ways, Android-based phones have already surpassed it. The mobile app store has become the delivery source for 10 billion mobile application downloads in less than 3 years. The dazzling rate of change that occurs in the mobile applications markets and the rapid growth of smart phones will result in new payments applications, along with new cross marketing opportunities among retail merchants, transit operators and payments providers. 2011 is also expected to be a coming-out party for mobile network operators becoming a major force of change for consumers viewing their phones as payment devices and social networking enablers. Innovative software providers will be delivering apps that use the mobile device’s integrated camera, GPS function, web browser, mobile wallet, and NFC reader to enable users to search, shop, and pay for things with their mobile device. We can expect the established payments networks–Visa, MasterCard, American Express, and Discover–to commercialize their mobile strategies after years of development and testing. New entrants like Isis (a joint venture between AT&T, Verizon Wireless, T-Mobile, Discover, and Barclaycard as the founders of a new mobile payments network for physical retail store purchases as well as cloud-based services) will compete with them and with alternate payments providers such as Google, PayPal, and BlingNation for a piece of the rapidly growing mobile commerce pie.

The other big story is going to be the effect the Federal Reserve Bank has on EMV and contactless payments adoption. With big changes possible in debit card interchange rates and with the Fed’s potential move to tie those rate reductions to better payments security, the Fed’s actions could provide the carrot and stick that finally pushes the market forward on a path towards the convergence of EMV in cards and mobile payments. At a minimum, the discussions have energized all of the stakeholders to seriously look at what the next steps will be. I expect one major commercial bank to be a first mover by issuing dual-interface technology (contact and contactless) EMV cards and this will set the tone for everyone else. Progress in the further acceptance of contactless open bank card payments by transit agencies will be measured by major contract announcements for such systems in Philadelphia, Chicago, Washington, DC, and Toronto.

On the identity and security front, we expect the Federal government to continue its efforts to align the usage of the Federal PIV card for logical security as well physical security. With over 3.4 million credentials issued to Federal employees and contractors (76% of the target population), agencies are being pressured to demonstrate the PIV cards are being put to use in protecting Federal communications and access. Recent interest by state CIOs looking to move more government services online have raised the interest in PIV- I (interoperable) IDs at the state and local government level. The National Strategy for Trusted Identities in Cyberspace (NSTIC), a federal cybersecurity initiative to form a public/private partnership to establish trusted identities to enable safer eCommerce, is also moving forward with the establishment of a program management office to begin laying out the framework of a new open standard, trusted identity platform. While these cybersecurity discussions are just getting started, the healthcare industry is finding out how difficult it will be to move electronic health record (EHR) exchange forward without a strong digital identifier and strong identity authentication for the patient records and the health providers entrusted to protect patient data at rest and in motion. ONC so far has kicked the can down the road in the interest of showing progress in establishing meaningful use for EHRs, despite the recommendations by privacy and security experts that future adoption will be filled with risks without a strong security and privacy policy.

So, how will industry followers know how all of this is going to shake out in 2011? By following the Smart Card Alliance, of course. With three major conferences scheduled (Mobile and Transit Payments Summit in February, 2011, Smart Card Alliance Annual Conference in May, and the Smart Cards in Government Conference in November), plus other webinars, workshops, and industry position papers and white papers planned, plus this monthly newsletter–we will keep you informed. I would also encourage organizations who have not joined the Smart Card Alliance to come on board this year. It’s also a great time for individuals to consider joining the LEAP individual professional development program this year and applying for the CSCIP smart card certification training course and exam so that you have the training and skills needed to maximize your potential as a smart card industry professional. The Smart Card Alliance is preparing the way, through its communications, education programs, conferences, industry councils, networking, and market-building projects, to having a prosperous year for the smart card industry in 2011.

Sincerely,
Randy Vanderhoof
Executive Director