Global payments company Visa has added 13 companies to its internet of things (IoT) payments programme, including Infosys, Mahindra Comviva, and Mumbai-based PayCraft. Through this, the companies will act as a token service provider (TSP) and will have to adhere to a standards-based approach for IoT payments. They will also get access to Visa’s network of tools and services for deploying digital and device-based payments.
This will include the Visa Token Service which provides tokenization service for cards. Tokenization is a security technology that replaces cardholder information, such as account numbers and expiration dates, with a unique digital identifier that can be used for payment without exposing a cardholder’s more sensitive account information. Through this, Visa can link a card to devices such as appliances, car key fobs or wearables with a token, which can be used for payments.
Other companies who are added as TSPs are Rambus, Digiseq, FOO, Pri-Num, Seglan,HST, Prosa, VeriTran, and YellowPepper.
Visa began the token service provider program in October 2016 with initial partners Giesecke+Devrient (G+D), Gemalto and Inside Secure.
IoT Payments in India: Meanwhile, in India, connected device payments got a heartbeat in 2016. GOQii’s new fitness tracker will allow NFC payments through Axis Bank. However, it is necessary for users to have an account on Axis Bank for the feature to work, and it will be available in over 1 lakh merchant establishments across the country.
MasterCard IoT payments: Note that rival MasterCard had a programme called Commerce For Every Device in 2015, where wearables and fashion accessories could be converted into a payment device as a foray into IoT payments. Similar to Visa, MasterCard provided tokenization services for existing cards and customers had to link your existing debit or credit card to the devices. MasterCard’s connected devices needed a special POS terminal with NFC to accept payments. It is unclear what Visa’s acceptance infrastructure is like at this point.
Interestingly, MasterCard’s CEO Ajay Banga was critical of IoT technology security, as indicated by this Diginomica report. He cited an example that a connected fridge should not be talking to a toaster, but it should probably be allowed to talk to an online grocery store to make purchases. When devices are connected without communication protocols they could be easily hacked and data might be lost in the process.
Banga said IoT will need specific identification of devices that are connected to the Internet, managing them in a way that their security is protected.
“But the whole authentication topic is the much bigger topic than what a payments company in its payment space will focus on. I just think there is a whole digital footprint, digital ID authentication issue that to me is also a business opportunity for companies like ours, if we use our skills and capabilities to extend into that space,” he added.