April 24, 2017
Authored by: Stan Koppel
On April 20, 2017, the American Banker reported that U.S. Bank’s new high-end credit card features an interesting differentiator from the high-end cards recently introduced by other large credit card issuers. U.S. Bank’s new high-end credit card significantly incents mobile usage over conventional swipe or chip dip for purchases. While the other card offerings typically provide triple miles for travel and entertainment purchases, the U.S. Bank “Altitude Reserve Visa Infinite” card puts its money on getting cardholders to enroll their cards in mobile wallets – Apple Pay, Android Pay, Samsung Pay and Microsoft Wallet.
For a generation of customers who want to do everything, or as much as possible, on their phones, millennials have not adopted mobile payments as quickly as expected. Personally, I constantly encourage everyone to enroll their cards in the mobile wallet on their phone ASAP and use it that way at every opportunity.
I do that for two reasons – 1) it is much more secure than swiping your stripe or dipping your chip and 2) it is much faster than inserting your chip card at the terminal to complete the transaction.
Plus, it looks really cool to wave your phone at the terminal and “boing” you’re done. I smugly watch the people in line behind me watching this transaction with interest.
The transaction is more secure because the phone wallets keep card credentials in a secure element on the phone, which is highly resistant to hacking, and more importantly, does not transmit real card credentials to the merchant. Instead, the merchant only receives a one-time use tokenized version of your card credentials. This means that if the merchant’s database is hacked, the tokenized version of your card credentials that are exposed are just useless gibberish.
This saves the card issuer from eating losses under Reg Z for unauthorized transactions and crediting your account for charges the hacker racked up on a spending spree for fenceable goods. Actually, most of those unauthorized charges flow back to the merchant who was hacked, but the issuers whose cards are exposed typically do not recover their full costs.
Unfortunately, tokenization may not yet save the cardholder the inconvenience of having his or her card replaced. It is not clear whether issuers have implemented the ability to recognize and selectively avoid replacing cards when the credentials were exposed only in tokenized form in a hacked database. This benefit to cardholders, and to issuers and merchants who would avoid costly chores and lost sales, may not be realized until tokenization is much more widespread.
U.S. Bank has made the decision to lead the way in driving customers toward mobile wallet use. We view this as a smart move and one that we hope to see widely adopted by the industry and consumers.