Professional Documents
Culture Documents
of autonomous
and invisible
transactions
White Paper
Contents
3. Forewords
4. Executive summary
5. Introduction
16. Conclusion
Drs Henkkuipers
“Thanks to its well-structured and thorough approach, this white paper gives you an excellent
overview of IoT payments. It explains many of the different types of technology that are applied
within this field, and it also discusses the varying business opportunities that arise.
Not only does it bring you up to speed with what IoT payments are about, but it also highlights
which developments can be expected in the coming years and what challenges lie ahead.”
Franck Leveque
Partner & Mobility Practice Head for Europe, Founding Member of Mobility Practice Frost & Sullivan
“This white paper provides insightful, practical perspectives into IoT payment
solutions, and highlights the core necessity for trust and accountability.
These trusted automated payment solutions will be a fundamental component
of the transformation of the automotive industry as its business model shifts from a one-time
sale to value creation throughout the vehicle life cycle, whether one talks about electric vehicle charging,
the download of new vehicle features on demand and other connected services, or shared mobility.”
Executive summary
Given this backdrop, perhaps it is not surprising that the IoT payments market is expected to be :
worth $27.6 billion by 2023, impacting every industry and disrupting the current payment model
landscape. Indeed, we believe that the IoT Payment Revolution is no longer a mere possibility,
but a certainty, driven by the significant benefits that it will deliver:
There has
estimated 200 million globally in the
AI being used to make decisions on
year 20004 up to 38.5 billion in 20205.
behalf of people or organisations and
Twenty years ago, a small percentage
been a huge
to take actions fully autonomously6.
of households may have had a single
device connected via a modem or
In this paper, we explain how
growth in the
router. Now, a vast range of objects are
these three trends are combining
connected, from toasters and watches,
to create what we call “The IoT
to light bulbs and thermostats, through
number of
Payment Revolution”. With electronic
to cars and trains.
payments already ubiquitous, and
with increasingly powerful connected
connected
In the last decade, we have also seen
devices able to run AI algorithms,
a rise in the use of Artificial Intelligence
we are on the verge of a world in
(AI), fuelled by the increased availability
devices, from
which these devices will autonomously
of compute power coupled with readily
trigger payments to organisations,
available state-of-the-art open source
people and even other devices.
an estimated
algorithms. We are now starting to see
Increase in digital payments The question now facing business
200 million
leaders in all sectors is not whether
IoT payments will become pervasive,
but rather how this change will impact
their products and services, and
what they need to do now to prepare globally in the
year 2000 up
for this future.
1. https://www.telegraph.co.uk/finance/businessclub/money/11174013/The-history-of-money-from-barter-to-bitcoin.html
2. https://blog.forte.net/electronic-payments-history/
3. https://www.capitalontap.com/en/blog/posts/the-rise-of-digital-wallets/
4. https://paxtechnica.org/?page_id=738
5. https://www.juniperresearch.com/press/press-releases/iot-connected-devices-to-triple-to-38-bn-by-2020
6. https://worldline.com/content/dam/worldline-new/assets/documents/whitepapers/hyperautomation_in_payments.pdf
We define IoT payments as payment transactions that are triggered by IoT devices
with a certain degree of autonomy (requiring low or zero human interaction), as shown in Figure 2.
of autonomy.
For example: a system in a smart city
that manages an annual repair budget
initiating prioritised purchases and
payments to suppliers based on the
elements that need attention or repair
7. https://www.arm.com/glossary/iot-devices
in the city at any moment such as
8. First published by Worldline here: https://worldline.com/en/home/knowledgehub/blog/2020/march/from-automatic-
to-autonomous-payments-can-things-pay.html streetlights, garbage containers, etc.
Full autonomous
Conditional Level 3
Event-driven Payments
Payments based on pre-programmed deterministic conditions set by
humans (e.g. smart contract clauses enforcement).
Example: Smart printer ordering ink. Smoke alarm ordering battery
Permissioned Level 2
Pay-per-Use Payments
Pre-programmed periodic payments based on metered
business model from IoT.
Example: Connected Appliance. Tolling/Pay-as-you-drive.
Informational Level 1
Access to accounts
Leverage on PSD2 directives to consult
user’s bank account.
Example: Bank’s voice assistant.
Figure 3: Model developed by Worldline for the four levels of increasing autonomy for IoT payments.
Frictionless and complete the payment. For example, At the same time, merchants are
invisible payments they may simply connect their electric looking for ways to increase conversion
vehicle to a charging point and then rates in their stores, whether bricks-
Consumers and merchants are drive off when the charge is complete; and-mortar, online or omnichannel.
expecting payment experiences to payment is handled fully automatically. Amongst the top five reasons for why
be increasingly frictionless, or even customers abandon their shopping cart
invisible. Frictionless payments Driving this expectation, on the are if their preferred payment option is
are where the transaction can be consumer side, are the attitudes of not offered or if the payment process
completed easily by the customer with Gen-Z, who are expected to increase is perceived as unsafe10. Merchants
limited additional interactions beyond their per-capita spending by more than are increasingly accepting payment
those already needed to access the 70% over the next five years9. via mobile applications such as Apple
product or service. An example of this Gen-Z is characterised as the first Pay, AliPay, PayPal, Samsung Pay and
is an in-app purchase authorised by “digitally native” generation, which WeChat Pay. At Worldline, we have
facial recognition. Invisible payments means they expect a smooth digital developed WL Scan & Pay11, which is a
take this one step further: here the customer experience, and that digital self-checkout that puts cashier
customer does not need to take any payments become increasingly functions into any smartphone with a
specific additional action to trigger and frictionless and invisible. camera. This solution offers benefits to
retailers by addressing this need for a
seamless omnichannel shopping with
an integrated payment experience.
9. https://www.bcg.com/publications/2020/how-marketers-can-win-with-gen-z-millennials-post-covid
10. https://www.b2ceurope.eu/how-to-avoid-lost-ecommerce-sales-at-checkout/
11. https://worldline.com/content/new-worldline-com/en/home/solutions/pos-and-terminals/scan-and-pay.html
12. https://www.pymnts.com/news/retail/2020/how-amazons-cashierless-tech-will-or-wont-change-the-physical-retail-landscape/
13. https://www.intellias.com/iot-payments-what-s-ahead-for-contextual-commerce/
The payment landscape is shifting towards a new world where a variety of models that support payment
will co-exist, mixing domestic payment schemes, international card schemes, digital wallets,
and distributed cryptocurrency networks. Figure 514 illustrates three alternative payment models
that can potentially be used for IoT payments, which we describe in more detail below.
Payment
card scheme payment model bank credit model Digital currency model
Card scheme owner Card payment processor Instant payment processor Central bank Digital currency network
Issuer Acquirer Customer bank Merchant bank Customer bank Merchant bank
IoT devices
Service provisioning
Card scheme payment model Bank credit transfer model Digital currency payment
Major international card schemes have Instant Payments are currently an One of the most discussed
been successfully deploying non-card exciting development in many parts technologies for IoT payments
payment through payment tokenisation, of the world. With Instant Payments, today are cryptocurrencies, based
which is the process of replacing banks are able to execute money on a distributed ledger, which bring
sensitive data with a unique identifier transfers in near-real-time. This means attractive technical features to an
that refers to, but does not disclose, that, if a payer wants to pay someone IoT environment. Since the ledger is
confidential data. in Europe, the beneficiary is able to distributed, it allows IoT devices to
Today, one of the most common uses receive the money within seconds, perform peer-to-peer transactions with
of debit and credit card tokenisation assuming that both the payer and the or without the involvement of a trusted
is to emulate a payment card with beneficiary are customers of banks third party. It is still uncertain whether
a mobile phone, using Near Field participating in the SCTinst or how the current development of
Communication (NFC) to initiate a (SEPA Instant Credit Transfer) numerous digital currency initiatives
transaction, where the tokenisation scheme. The SCTinst covers both will lead to some becoming mainstream
replaces the Primary Account Number person- to-person payments and in the future. Nevertheless, a possible
(PAN). As an extra security measure, person-to- business payments. scenario would be a move towards
the card emulation software (that Payment Initiation Services (PIS), regulated digital currency networks
resides in a smart phone or in the enabled by PSD2- mandated third where central banks will play a
cloud) can generate a dynamic card party access to accounts (XS2A), crucial regulating role, and where the
verification value, which is uniquely bring tremendous opportunities with exchange of different currencies will
bounded to a single transaction. This or without Instant Payments and be possible. Another scenario could be
card tokenisation can also be used to support most of the IoT payment use multiple closed loop cryptocurrencies
turn IoT devices into payment-enabled cases that are already feasible via that optimise both transaction handling
devices. For example, a connected car card scheme payments. and cost inside one or multiple IoT
can host a tokenised payment card, payment ecosystems, ideally in an
which enables payments from the car. interoperable way.
The standardisation of this model is
mainly driven by the card schemes.
Consumer resistance wallet with a fixed limit. For example, Securing payment credentials
the concern that the system may be
As described earlier, many people fooled by someone intending to steal The frictionless payment experience
(especially younger generations) are from it may be very significant. In the created by payment card tokenisation
positive about the smooth payment longer term, understanding and trusting has made it the preferred approach for
experience that IoT payments can these systems will be key; auditability securing payment account information
enable. However, others will be and interpretability of machine in IoT payment transactions, thanks
resistant to such a change, perhaps decisions is required in order to make to its standardisation and its adoption
due to a fear of new technologies them transparent17 and win the trust of in the payment industry. EMVCo19
that is often deeply linked to the local the user. Even with such transparency, mandates a user identity and
historical and/or societal context. ultimately the factor that increases verification step before granting any
acceptability and adoption may be token request. A similar mechanism
Beyond this fear of technology, many the ability to easily roll back those is necessary to ensure that device
unbanked consumers have a justified transactions that consumers owners are aware of token requests
concern about the proliferation of such are not happy with. originating from their devices and that
“unmanned services” because they are such requests are legitimate. Major
excluded if only digital payments are Not only do customers need to trust payment companies and card scheme
accepted15. In response to this, we have the device to make an autonomous owners are beginning to address these
already seen states in the US legislating payment on their behalf, they also concerns. For example, Visa secures
against cashless businesses16, requiring have to trust that the device is secured payment functionality for IoT using their
these stores to accept cash payments. against malicious threats. Given the Visa Token Service20 for provisioning a
Furthermore, even customers who have huge variety of devices potentially token to a device to activate payments.
bank accounts may prefer to have the involved in IoT payments and that the
option to use cash, for reasons exchange of data often takes place in Ensuring strong authentification
of privacy and anonymity. an open Internet environment, assuring
security is especially challenging. The basic requirements of PSD2 state
In cases where there is no resistance to Fraudsters are targeting IoT devices that strong customer authentication
autonomous digital payments per se, a more aggressively than ever before18. (SCA) has to be based on the use of
consumer still needs to trust a device In particular, in IoT payment use cases, two or more possible authentication
with their financial assets (i.e. have where there is not a visible human elements, categorised as:
confidence in its purchase decisions control, cyber criminals could try to
and spending control) even if it is a seize an advantage. It is therefore Knowledge
up to the payment ecosystem as a
whole to ensure that the security of (i.e. something only the user knows,
IoT payments can be guaranteed, that such as a password).
the consumer is able to easily control
what devices do with their payment Possession
credentials, and that the consumer is
Auditability and fully aware of the security and control
that is provided to them.
(i.e. something only the user has,
such as a token).
interpretability The key aspects that need to Inherence
of machine be considered are how payment
credentials are stored securely on (i.e. something only the user is,
decisions is a device, how access to the device
is controlled (to prevent hacking),
such as a fingerprint or face scan).
15. https://www.pymnts.com/wp-content/uploads/2020/03/Commerce-Connected-Playbook-Mar20.pdf
16. https://www.wsj.com/articles/philadelphia-is-first-u-s-city-to-ban-cashless-stores-11551967201
17. https://www.cnil.fr/sites/default/files/atoms/files/cnil_rapport_garder_la_main_web.pdf#page=58
18. https://blog.f-secure.com/attack-landscape-h1-2019-iot-smb-traffic-abound/
19. https://www.emvco.com/
20. https://usa.visa.com/partner-with-us/payment-technology/visa-token-service.html
The key
4-digit password (e.g. 0000), which multimodal biometrics and contextual
remains unchanged during operation. information checking, where several
challenge is
The lack of a common security sources of biometric information (such
framework poses serious problems as gait, face, etc.) are combined with
to apply the
for device manufacturers, service other information (such as where the
providers and consumers. person is and what they are doing) to
most convenient
provide a more rigorous and harder-to-
Existing payment authentication fool authentication of the individual.
authentication
methods are not suitable for many IoT
devices due to resource constraints Objet-initiated transactions
method to a
such as low power and limited storage
capacity. It is important to determine PSD2 defines two ways for initiating
specific
and to reach the desired level of trust a transaction: Merchant- Initiated
without overburdening the computing Transaction (MIT) and Customer-
payment
capacity of IoT devices. Today, there Initiated Transaction (CIT).
is an increasing adoption of standard
use case.
authentication methods such as PKI, With MIT, the user has enrolled their
OAuth and OIDC to serve IoT use cases credit card, IBAN or other payment
of a specific scope and scale. Further instrument with the merchant, and then
standards from OAM DM, LWM2M and the merchant initiates the transaction,
TR-069 are also being deployed to for example for one-click orders or
secure the communication between recurring orders. This is not always
nodes in an IoT network21. appropriate for IoT payments as the
consumer may want to pay for services
Consumer authentification for which they have not yet enrolled,
such as toll fees in a foreign country.
As stated earlier, an IoT payment IoT payment fraud prevention
transaction must be trusted and With CIT, PSD2 requires strong
accountable. An IoT device by itself authentication and, as described As previously discussed, IoT devices
cannot be held accountable: ultimate previously, this is not something an are particularly vulnerable to cyber-
accountability will instead rest with object can do autonomously for us. attacks and therefore the continuous
the person or organisation that has monitoring of IoT payment transactions
delegated payment tasks to it. This As a result, a new kind of transaction is essential to detect and prevent
necessitates consumer authentication. initiation with its own authentication fraud. As IoT devices also have the
The key challenge is to apply the most requirements is needed. We believe potential to offer many more data
convenient authentication method to a that regulations will be updated sources, fraud detection algorithms
specific payment use case. to cater for these Object-Initiated can have a more complete picture of
Transactions (OIT). Failure to do so user actions (including before, during
As illustrated in Figure 6, there could see a proliferation of entities and after the payment is made). For
are various forms of customer providing services by acting as third example, by knowing that an individual
authentication methods and, parties using MIT. These could become has travelled to a shop in their car and
depending on the type of usage and de-facto standards for Object-Initiated then used their phone to scan products
the acceptable level of risk, certain payments, but they may not ultimately in the store, the legitimacy of the final
methods are more suitable than protect the best interests of consumers payment transaction could be assured
others. When it comes to customer and merchants. with greater confidence.
convenience, biometric authentication
is becoming increasingly acceptable,
as long as privacy is assured.
For example, voice recognition is a
good candidate for in-car payment,
since voice control is already a common
technology used in connected cars.
In retail, we are seeing examples of
contactless palm scans being used
to authenticate a payment22. Figure 6: Various biometric authentication methods.
21. https://www.muutech.com/en/iot-device-management-protocols-lwm2m-oma-dm-and-tr-069/
22. https://www.a3bc.org/carrefour-green-court-first-store-in-romania/
So far, we have described why we secure elements, trusted execution three authentication protocols that
foresee a rise in IoT payments and how environments (TEE) or white boxes. The could prove useful for application in
this will potentially impact the dominant first two require hardware components IoT environments. The first option is
payment models. We have also and are not always available on IoT the FIDO Universal Authentication
discussed the challenges associated devices, while software-based white Framework (or UAF)24, which provides
with trust and accountability. Now boxes may not offer sufficient security strong authentication through public
we will describe some of the key for payment applications23. key cryptography. The second option
technology enablers that businesses is the recently published EMVCo
wishing to leverage IoT payments will Identity of an IoT device can also be specifications for 3-D Secure (3DS)25,
need to master. These are illustrated in provided by a Physically Unclonable which is a messaging protocol that
Figure 7, which shows our view on how Function (PUF) enclosed in trust zones enables consumers to authenticate
soon they will need to be adopted and or secure elements. These functions themselves to a card issuer when
also the potential impact they will have provide a unique identity to each performing card-not-present (CNP)
on the IoT payment landscape. specific device. They rely on small transactions. The third candidate
variations during the manufacturing is OpenID Connect, which is an
Trusted Iot devices process and give unique features that identity layer on top of the OAuth
can be used to derive private and 2.0 authorisation protocol26. It allows
As seen in the previous section, IoT public keys to authenticate the device. devices to verify the identity of the
devices that trigger payments must Because the device does not store the end user based on authentication
be secure. Therefore, we see a strong private key, rather it is derived from performed by an authorisation server.
need for these IoT devices to have an unclonable feature of the device,
embedded cryptographic hardware and the security and the integrity of such Device lifecycle
enough computing power to ensure devices is greatly improved.
the integrity of data generated in the An IoT payment device must ensure
device itself before it is transmitted. Authentification that all communications and processes
are secured end-to-end, from the
To guarantee device identity we must As already discussed, in order to device’s own security component to
ensure integrity and confidentiality process payments on behalf of the the payment issuer back-end system.
of information. This can be achieved device owner, there is a need to Device manufacturers and service
with different levels of security: authenticate the IoT device. We see providers need to be aware that, even
after the device has been delivered
to the end user and the payment
credential has been provisioned, there
is still a need to manage the lifecycle
Explore
of the payment application and the IoT
device itself. Key considerations include
changes of ownership, expiration of
payment credentials, application end-
of-life and device end-of-life.
Interoperability
Assess
The diversity of IoT platforms and
IoT interperability
network protocols complicates
system interoperability between
IoT applications, preventing the
Device life-cycle Device authentication IoT from reaching its full potential.
Trial
Finger scan The interoperability issue and the
lack of standards lead to complex
Voice recognition and costly integrations between
platform applications and device
LPWAN Blockchain data, or the prevalence of proprietary
rather than open APIs (Application
5G Facial recognition
Programming Interfaces). To address
Adopt IoT interoperability it is necessary to
build middleware platforms or IoT hubs,
Artificial intelligence
enabling intermediary IoT services to
communicate in a common language
Impact and assure security levels for the
on IoT connectivity and exchange of data
payment
Low Medium High Transformational across different platforms.
23. For example, in this competition, all white boxes were cracked in 27 hours or less: https://eric-diehl.com/white-box-cryptography-an-open-challenge/
24. https://fidoalliance.org/
25. https://www.emvco.com/emv-technologies/3d-secure/
26. https://oauth.net/2/
27. https://worldline.com/content/new-worldline-com/en/home/knowledgehub/publications/download-ai-hyperautomation.html
28. https://atos.net/wp-content/uploads/2019/11/digital-vision-for-cyber-security-2-2.pdf
IoT payments
billions of additional IoT payment our assessment of the expected
transactions can be expected, yet adoption and business potential for
will help
most of these opportunities still remain many IoT payments use cases. You
untapped today. For example, a smart may find it useful to prepare your own
accelerate the
“personal shopper” could search for version of this radar for your company,
a specific product and close the deal taking into account factors like market
development of
automatically at the given permissible traction (as assessed thorough
price on behalf of the consumer. interactions and discussions with your
sharing economy
partners and your clients), market size,
Solar panels could sell spare energy expected transaction volumes and
platforms.
to other consumers/machines, with expected customer adoption.
dynamic pricing and corresponding
payment transactions being handled We will now describe in more detail two
autonomously between two devices, of the more promising examples of IoT
enabled by blockchain technology. payment use cases: electric vehicle
With so many potential use cases, charging and the sharing economy.
Tolling/PAYD
EV Charging
Sharing economy
Walk-in/Walk-out Mobility
Walk-in/Walk-out Store
Circular economy
Low
Business
potential
29. https://www.juniperresearch.com/press/press-releases/iot-connected-devices-to-triple-to-38-bn-by-2020
30. Source: Worldline authors of this paper
31. Information based on recent announcement of many public tenders for EV charging
32. https://www.finextra.com/blogposting/16658/blockchain-and-disruption-in-the-financial-world-will-banks-survive
33. https://www.mckinsey.com/industries/consumer-packaged-goods/our-insights/true-gen-generation-z-and-its-implications-for-companies
34. https://www.forbes.com/sites/emanuelabarbiroglio/2019/12/09/generation-z-fears-climate-change-more-than-anything-else
35. https://www.cise.network/
36. https://proofingfuture.eu/2021/03/15/sharing-e-mobility-an-interview-with-henk-kuipers/
37. https://bundles.nl/
38. https://makethingsfinn.com/
As we have seen, the IoT Payment Revolution is now a certainty rather than a possibility.
Stemming from the rise in digital transactions, the growth in the number of connected devices,
and advances in AI, we see that IoT payments will become a key enabler for increasingly sought
after frictionless and invisible payments.
This will impact payment models. In particular, we expect a rise in the use of bank transfers
and digital currencies for making payments.
Key to the increased adoption of IoT payments will be trust: in the device, in the environment
in which the transaction takes place, in accountability, in security, in retaining control,
and in being able to reverse a transaction if anything goes wrong.
At Worldline, we continue to research these new growth drivers together with our clients and partners,
exploring and testing innovative use cases and technical solutions. We hope this paper has
helped you to understand the potential that IoT payments can offer as well as helping
you to formulate the actions you need to take now to prepare for this future.
Key takeaways
Accountability
Technology enablers
Business impact
This paper was prepared by the Worldline Scientific Community and authored by the following experts
from across the business:
David Daly,
Worldline Scientific Community Editor-in-Chief, UK
Tony Ducrocq,
France
Louise Freer-Jones,
Competitive Intelligence, UK
Dalila Hattab,
Head of Financial Services Lab, France
Colombe Herault,
Research Development and Innovation Manager, France
Gregory Herpe,
Project Manager IoT, France
Santi Ristol,
Mobile Competence Center Director, Spain
Peter Timmermans,
Innovation Champion New Technologies, Belgium
We are also grateful to Gilles Grapinet, Wenlin Jin, Karim Jouhari, Yacine Kessaci, Nicolas Kozakiewicz,
Denis Lesieur, Olivier Maas, Johan Maes, Sebastian Ramatowski and Jeroen Vershuuren, who all provided
valuable insights and feedback during this paper’s preparation.
worldline.com