Mobile payments: How do they work?
YOU go for lunch with a friend, armed with nothing but your mobile. As you head back to work, you pay them back for the sandwich and coffee, and arrange to meet again next week.
Mobile payments like these, between individuals, have been leading the way in the UK - research carried out for the Co-operative in April 2016 suggests that 65% of us still don't want to use our phones to pay for things in store.
And yet, with the right app, and a little reassurance about the security required, it's entirely possible to pay for everything from a coffee to a pair of shoes to work done on our homes by mobile phone. This guide explains how.
Beginners should keep reading to find out about the various apps and how to make mobile payments, while the more advanced can skip ahead to learn about apps that reward mobile payments.
Alternatively, the security-conscious can always click here to read up on the safeguards being used, and what they can do to keep their phone and payment details safe.
A quick note
While Apple Pay may have grabbed all the headlines when it finally arrived in the UK last summer, it wasn't the first app to offer the ability to pay in store. What it did change was how we paid - previously existing mobile payment apps required us to log in and transfer funds.
We'll start by looking at the apps that make paying by phone just like paying by card, before looking at the alternatives that allow us to make truly mobile payments - that is, when we're on the move.
NFC technology, while increasingly popular when it comes to using an actual card, took a long time to catch on when it came to waving a phone about near a till.
There was talk of Apple Pay being the tool that finally overcame our reluctance - and although its audience is limited by the fact that it's only available iPhones from the 6 onwards and Apple Watch, it has had the effect of making paying by phone seem much more mainstream.
It's hard to believe that at the time of this update, it's not even been with us for a full year; Apple had hoped to get it rolled out here somewhat earlier, but negotiations with British banks proved a little sticky and pushed the launch back to July 2015.
Once Apple Pay users have registered a card on the phone, they can use it to make payments from that account wherever there are contactless card readers, and when shopping through a compatible app - denoted by the Apple Pay option appearing at checkout.
There's more on the technical details of Apple Pay here.
Transactions are limited to £30 or less, using cards from American Express and the following banks:
|Bank of Scotland||Barclays (and Barclaycard)||Halifax||HSBC and First Direct|
|Natwest, RBS, and Ulster Bank||Santander||Tesco Bank (credit cards only)||TSB|
Note that Barclays are now included in that list, having resisted until April 2016.
A combination of demand from their customers and the fact that Apple don't allow third parties access to the all important NFC chip required for mobile payments meant that Barclays had little choice about coming on board in the end.
They didn't have the same access issue when it came to Android Pay, Google's answer to Apple Pay - and they've said they have no intention of joining the list of banks and card providers that support it:
|Bank of Scotland||Halifax||HSBC and First Direct||Lloyds|
Most Mastercard and Visa credit and debit cards should be supported - but if a bank that offers a Visa debit card isn't listed above, check with them to be sure.
Note the absence of not only Barclays from that list of providers, but American Express.
That's not going to help with the somewhat undeserved reputation the cards have for not being very widely accepted.
Where Android Pay does score points, however, is in the range of mobile devices it can be used on.
To account for the fact that the vast majority of Android handsets - some three quarters of the smartphones in use globally - don't have fingerprint scanners, Android Pay will accept a PIN, password or pattern to authenticate transactions.
And, as it's from Google, it can support the odd offline payment: in the same way that users can generate and store a handful of authentication codes in order to log into their Google accounts when they can't get to their phone, Android Pay stores a limited number of authentication tokens on the device for use when there's no signal.
Like Apple Pay, it's supported by a large number of retailer apps, so it can also be used to pay online - just look for the "Buy with Android Pay" button.
Barclays contactless mobile
Barclays have a long tradition of striking out alone when it comes to developing alternative payment methods - Barclaycard was the UK's first credit card, and was one of the founding members of Visa in 1977.
So while they may have been thwarted when it came to developing their own version of Apple Pay, they've had no such issue creating their own mobile payment system for Android devices.
Unlike bPay and Pingit, Contactless Mobile is only available to people with a Barclays current account or credit card.
For the most part it works just like other contactless payment methods - simply tap and go - but there's one big difference: the transaction limit is £100.
Payments up to £30 are handled normally, but more expensive purchases can be made by tapping the phone to the terminal, entering a PIN on the phone, then tapping again.
The truly mobile
As we've touched on above, payments between individuals have accounted for a significant proportion of the mobile payments made to date.
Research from T-Sys suggests that as recently as last year, 49% of people using mobile payment systems (including mobile banking and services such as Paypal) were doing so to send money to other people - although shopping for both clothes and groceries were fast catching up.
So for those of us who don't trust our friends and relatives enough to give them our sort code and account number, what are the options?
Paym - pronounced "Pay 'em" - is an initiative run by the Payments Council.
Between its launch at the end of April 2014, and the end of December 2015, more than 3.2 million people had signed up - and the number of payments being sent via the service is almost doubling every six months.
By February 2016, the Payments Council say Paym had been used to send more than £146 million.
With the involvement of 16 of the UK's banks and building societies, it has the potential to be useful to some 40 million people.
One of the advantages Paym has is that people who don't have smartphones can register to use it.
All they have to do to receive money is register their mobile number with their bank, and ask for it to be linked to the particular account they want money to go into.
The sender can then use whatever mobile banking or payment app they happen to use to start the payment. They enter the phone number of the person they want to pay - either by using their contacts list or doing it manually - and the amount they want to pay.
The app will ask the sender to verify the name of the recipient before confirming payment - so there's less chance of the money going to the wrong place. They'll then receive a message confirming the payment has gone through.
Pingit has been around since 2012. There are more than 2.9 million registered users, and people have used it to make payments of more than £2 billion.
It's available to anyone with a smartphone and a UK mobile number - not just Barclays customers - although those without smartphones can register to receive payments.
It's got more functionality than Paym: there's a built-in business directory and charities tab, payments can be made to India and several countries in Africa, and users can also input short codes or scan QR codes to start a payment to a business or shop.
But the social aspect of Pingit is reflected in the fact that it's possible to use not only someone's mobile number but their twitter handle - and since February 2016, their BBM ID - to make a payment.
Cleverly, Pingit also integrates Paym, which means people whose banks haven't signed up to the newer service can send and receive money from those whose banks have.
The daddy of the online payment services, Paypal has let people pay others using just their email address since it launched. It's also undeniably great for dealing with online payments while we're on the go.
But there's also a smartphone app that allows users to make mobile payments; they say they processed $66 billion of them globally in 2015, and UK customers are now able to use it in more than 2,000 shops.
On opening the app, users are presented with a list of nearby retailers who accept payment by Paypal - among them are familiar names like Oasis, JD Sports, Snow & Rock, and GBK, Prezzo, and Wagamama, as well as plenty of smaller and independent businesses.
There's an order and takeaway option that's just like online ordering - but in some restaurants there's also the ability to spilt the bill and pay at the table.
We know why it took Apple so long to enter the field - but that doesn't explain why Google didn't sweep in to claim the market. We can expect them - and others - to appear soon.
The fully functional version of Google Wallet is still only available in the US, where it's had something of a bumpy ride, and it's possible that we may never see more than the limited version of the payments system over here.
That's been available in the UK since early 2015, when the eagle-eyed among British Gmail users will have noticed the appearance of a pound sign in the options bar along the bottom of the compose window.
Hovering over the symbol brings up a dialogue box offering to send and request money in sterling using email addresses.
It doesn't matter if the other person doesn't have a Gmail account, but both parties need a Google Wallet account.
Anyone who's ever bought something from the Google Play store will already have a Google Wallet - so it may just be a case of signing in and verifying identities.
Before the arrival of Android Pay, it had been suggested that the contactless payment system could give Google Wallet a bit of a boost - but that idea seems to have been shelved.
Nevertheless, while we wait for people to get over their nerves about using their phones to pay in the same way as they have with contactless cards, Google Wallet could be rather like Paypal in bridging the gap between paying on the go and contactless mobile payments.
Plenty of retailers have loyalty apps offering rewards for custom, and the mobile payment providers are keen to have us upload the details of our various membership and rewards cards into their apps.
But for the most part, all we're really doing when we add a loyalty card to Apple Pay or Android Pay is storing it somewhere different - we still need to scan then tap our phones at least a couple of times to register first the loyalty card, then our method of payment.
There are, however, some payment apps that completely integrate the process, automatically translating any eligible spend with participating retailers into points or stamps.
Droplet, available for iPhone and Android, has a friendly looking website with photos of some of the small businesses that support and accept it for illustration.
The site proudly announces that "Droplet is available near you" - but retailers, all of the independent variety, tend to be focused in a handful of towns and cities, from Exeter to Norwich to Edinburgh.
Once we've entered the details of our Visa or MasterCard credit or debit cards, we're good to go. Paying involves opening the app and selecting the correct merchant - and if the retailer has a loyalty programme, paying with Droplet will automatically update our stamps or points tally.
Once those now-virtual loyalty cards are full, it'll even notify us, so there'll be no more embarrassing searching through the wallet for that piece of card, only to find we're one stamp shy of a free latte.
Security is apparently "bank-grade", and they're regulated by the Financial Conduct Authority - but that's not quite the same as an online fraud guarantee.
Most useful for those who go out in London's more exclusive spots is Velocity.
It's designed as a combination of social networking site, payment app and loyalty scheme.
It suggests restaurants and clubs based on recommendations from friends, and keeps all the information from any we visit in one place.
It's an interesting set-up - when going as a group, whoever checks in to a venue first becomes responsible for settling the full bill, no matter how many in the party subsequently check in.
It also requires card details to be entered fresh each time - which allows the use of different cards, but removes some of the convenience.
Whoever has final responsibility for the bill, everyone in the group can keep tabs on how much it is in real time, and arrange to split and pay for their portion of the bill whenever they're ready.
Velocity say they'll only store enough digits from a card to enable users to recognise it and use it again in future.
But the full details will be stored by one of the two third party companies who process payments - Braintree, a division of PayPal, or Judopay - before they're sent to the venue.
Given the reliance of these two apps on third parties and inputting card details, it's worth having some concerns about security.
In fact, while a large number of us are still woefully bad at setting strong passwords, the Co-operative's research showed the three main reasons people weren't using mobile payments were concerns about security, perceptions of inconvenience, and preferring to deal with another human.
We can't do anything about how convenient or not individuals find paying by mobile, or how sociable an experience it is, but we can say a little about those security issues.
Every UK bank that offers internet banking has some kind of online fraud guarantee protecting customers from unauthorised transactions - there's more on what they should cover here - and if they offer an app, the same terms should apply to use of that.
While it can be used by anyone, Pingit is covered by Barclays' own Mobile Banking Guarantee, and as Paym is designed to be used through existing banking apps, it should be covered by each institution's security and guarantees.
However, that doesn't mean we can be complacent about our part in the process.
The precautions listed in the article linked to above apply just as much to mobile transactions as to online and in-person card payments.
Ideally, we should only ever use official apps, of the sort that can be downloaded via a link from our bank or building society. As we cover here, unauthorised apps don't come with the same fraud protection.
Those we've featured have decent reputations, but there's no way to know who designed other apps and for what purpose - which leaves us open to downloading malware that can steal our details.
We've a detailed guide to protecting mobile phones and the data they contain here.
Meanwhile, genuine honest mistakes do occasionally happen. It's worth knowing what to do if it turns out the money's gone to the wrong account - which we cover here.