INTERVIEW: Natural Security Alliance CEO Cédric Hozanne on mobile payments
17 October 2014 12:00 GMT

Natural Security Alliance CEO Cédric Hozanne wants to promote a new user experience for transactions

By Craig Guthrie, deputy editor

With Apple Pay's launch imminent, and rivals implementing and developing their own biometric-based mobile payment strategies, the way we view our devices, and wallets or purses seems set to change forever.

It is a landmark change that could be compared to the arrival of the Diners Club card in 1950 – or perhaps even currency itself in ancient Mesopotamia, and many consumers appear eager to move on and accept it.

But what about the people behind the till? Some retailers are excitedly expecting quicker, more secure transactions, but others are concerned about a payment system that represents a major shift from what they’ve known for decades.

The Natural Security Alliance has been working on these issues since its formation in late 2013. Despite its relative youth, the body has already attracted 61 influential members from the retail, banking, payment provider, and IT communities and more are joining every month – including firms such as Visa, Mastercard, BNP Paribas and Bio-key.  

Planet Biometrics talked to the Alliance's CEO, Cédric Hozanne, about the future of mobile payments and how his organisation is shaping it.

CG: What is the Natural Security Alliance's role in the mobile payments industry?

CH: The mission of the Natural Security Alliance is to promote a new user experience for transactions based on biometrics and wireless communication. We want to avoid the need for users to manipulate smartphones or tablets when making payments.

We are similar to organisations like the Bluetooth association, because we promote our standards and best practices for vendors like banks or retailers.The alliance relies on specifications, available to all vendors, to implement the Natural Security Alliance standards. 

CG: How do you feel about the rapid development of mobile payments systems like Apple Pay?

CH: It is very intelligent for Apple to use technology based on NFC and biometrics. This makes it possible for them to roll out the Apple Pay system quickly in the US, and possibly in Europe and other countries. It is also a great opportunity for us, because Apple is a trendsetter. But will it provide a great user experience?

For customers, it is very interesting to use because it is new and it uses biometrics, but the next step will be transactions where the customer does not need to manipulate their device.

Apple Pay is interesting but key questions remain regarding deployment in regions like Europe – as we don’t have the same interchange rate like in the US. It will be very interesting to see how the business model evolves in Europe.

CG: What are the challenges raised by Apple Pay?

CH: Today, Apple provides a great user experience to the customer, but in our point of view it would be better if users did not have to manipulate their devices. We want to provide a different kind of value proposition to the retailer, because today, for retailers, it is very interesting to reduce the time spent by users for payments.

In Apple’s case, it does not reduce the time spent paying, because you have to manipulate the smartphone. You present your smartphone to the target NFC, you put your finger on the scanner and then place it back in your pocket. So it is not so convenient for consumers and it takes time.

Mobile payments are very important for retailers as the Mobile phone is becoming a ‘de facto’ form factor standard for payments. The key issues for them are both to speed up the payments and to develop new services based on mobiles such as mobile coupons, loyalty points. Speed and convenience are very important for merchants, but privacy and security are also key. Because if a solution is not compliant with the local regulator – the merchant is taking a high risk. Breaches can destroy consumer confidence as happened with Target in the US.

CG: Why is it important to have an authentication standards for online and offline transactions?

CH: Large actors such as Apple are creating proprietary / non-standard environments. It is better to use standards because these can be shared by a large number of actors. This makes authentication technologies easier to implement and easier to manage. Organisations like Google and Apple can simply change their rules after a large rollout, so in some ways it is a threat for vendors to back companies like Apple.

It will be better for retailers to turn to another solution like Natural Security Alliance because we are not a large actor aiming to shape the business environment. Rather, we just provide some specifications that the whole industry can support and then return to business as usual.

The very interesting point about Apple Pay is that it uses a tokenisation system to avoid the use of personal account numbers. But right now the main issue is not the transaction, but the authentication of the customer, just before the sale.

CG: Tell us more about the secure storage of biometric data?

CH: The key point is to assess how the authenticator is designed, and how it deals with the biometric data, because if you deal with this data in a non-secure environment, then it is a privacy issue. This is the key issue for the customer.

All authenticators based on Natural Security have to be approved by us following testing in labs like UL and based on certification from independent third parties that prove the implementation is secure and privacy compliant. Today, Apple is not able to do that.

CG: How does your alliance interact with the Fast Identity Online (FIDO) Alliance?

CH: We are a member of the FIDO alliance. The difference between us is that FIDO provides specifications to provide a protocol between a server and an authenticator – this can be PIN-based, biometrics-based or something else. Natural Security provides the specifications to implement authenticators. So you can combine Natural Security and FIDO and we both bring an advantage to organisations. We are fully complementary.

CG: Can you tell us about some recent developments at Natural Security?

CH: Well last week we welcomed certgate, a global leader in mobile security technology located in Germany and this week we are excited to have been joined by Japan’s JCB, which is a major global payment brand and a leading credit card issuer and acquirer.

Related articles

New Alliance to promote wireless biometric transactions