MasterCard Details Open Source Plan
Suppose your bank's retail customer wants to use a mobile phone to accept credit cards at a garage sale she's planning. MasterCard Inc. has an app for that.
The Purchase, N.Y., company says it will soon have other novel applications as well, courtesy of the independent developers it is hoping to recruit to incorporate its payments systems into their products.
MasterCard showed off the garage sale tool last week during a conference for analysts and media at its headquarters (see story) — the first detailed look inside its efforts to get third-party developers to create payments applications since it announced in May that it would open its software platform.
Though the app was built by a MasterCard employee, and the company does not plan to release it to the public, it shows the kind of innovation that could help make payments systems more widely used on mobile phones and other devices.
"The advantage of this whole concept is that you are relying on others to do some of the development and some of the innovative thinking that will build on the resources that you have already," said Beth Robertson, the director of payments research at Javelin Strategy and Research.
Garry Lyons, the head of MasterCard Labs, said that opening its payments technology could significantly expand the reach of its network.
"This is not just about a technology play to us," he said at the event. "It's about building the ecosystem."
The program is set to go live by yearend.
The garage sale card acceptance application runs on mobile phones that use Google Inc.'s Android operating system.
Developers that want to use MasterCard's systems will be able to register online to gain access to the payments company's application programming interface — or API — which will let them use MasterCard's network.
Lyons said applications using the API will be able to incorporate MasterCard's payments capabilities and could potentially weave in technology from other companies.
But MasterCard will be in control of the entire process, he said. It will dictate the elements of its payments network that programmers can design around, and it will be able to block any specific applications or developers that might seem shady.
However, MasterCard offered few details on how it plans to maintain security after opening up its technology to outsiders, prompting some analysts to express concern.
Lyons said there will be no screening process to block certain programs that could steal a user's personal information before such apps go live.
"We are not opening up the network to hackers," Lyons said, however.
"We don't have a process similar to Apple, so you don't have to wait for MasterCard to approve your application," he said. "We've deemed that that's not necessary at this time."
But some observers disagreed with this approach.
"If they are going to have a direct MasterCard website that is going to make these applications bundled, then they should be screening the applications, and they should be offering security services," said Avivah Litan, a vice president and distinguished analyst at the Stamford, Conn., market research company Gartner Inc.
Aaron McPherson, a research manager for payments at IDC Financial Insights in Framingham, Mass., said MasterCard's security strategy is unclear.
"It just seems like there [are] a lot of missing pieces here," he said, "which makes it difficult to determine how real it is."
He also said that MasterCard's efforts to recruit developers might be overly simplistic.
MasterCard is taking a build-it-and-they-will-come approach, McPherson said. That might work for other major technology companies, such as Apple Inc., but it might not work as well for MasterCard.
"There is this balancing act. They are trying to build their debit network, and they don't want to be angering the banks," McPherson said.
MasterCard is trying to increase its debit market share and entice banks to switch their debit portfolios, McPherson said, and the last thing it wants to do is upset its bank issuers. (MasterCard has long lagged behind rival Visa Inc. in the debit market.)
Lyons said MasterCard has not yet decided how it will distribute any payments tools that the program yields, though it is considering an "app store," similar to the one Apple operates for iPhone users.
Litan said that model typically requires the app store to take on the job of maintaining security for apps.
"It's the app store that has to screen the applications. Certainly you don't see that with Android and other open platforms, and there are security issues there."
Litan said MasterCard will most likely supply "back-end" payments functions to programmers who are unsure how to design tools that can process credit card transactions.
She said she suspects that MasterCard's API will function much the way an e-commerce website does and that there will be little difference between an online check-out cart and a piece of the MasterCard network woven into an app.
Still, MasterCard might not be showing its full hand at the moment.
"I think this is big enough that they can't just cobble it together, so they have to be careful about network security and their brand, and they don't want to do anything that will blow either one of those," Robertson said.
"I didn't think it sounded tentative, though. I would have liked more specificity, but I also think they may have their reasons" for keeping some details under wraps.
And despite all the uncertainty, Lyons appeared confident that developers will soon have a crack at creating MasterCard payments applications.
"We want to launch a number of innovations, without having to come up with these innovations ourselves," he said.