
Card.io - fast and easy mobile credit card scanning - davidedicillo
https://www.card.io/
======
socmoth
(Full disclosure, I'm a stock holder in Square)

There are two good reasons Square doesn't do this that I can think of off the
top of my head.

First, CNP vs CP card processing rates.
<http://en.wikipedia.org/wiki/Card_not_present_transaction>

Every credit card has the CC number encoded in to the back of the card, but in
addition to that, it has a couple bytes of extra information. That extra
information qualifies the merchant for a lower processing rate if they SWIPE
the card. That means, when you take a picture, you are paying closer to 3.5%
instead of 2.75% for every transaction. (rates quoted are square's cp vs cnp
rates)

Some merchants are extremely sensitive to this, other aren't. The larger a
merchant is, the more likely they are going to care. On the other hand, no
merchant wants to lose a sale, 3.5% of a sale is still better than 100% of a
lost sale.

The other reason is based on UX. It feels really weird to have someone take a
picture of your credit card using their cell phone. The apps that use this
technology might be doing anything with that image.

Otoh, more people should take credit cards!

(edit: Sidenote, Square considered doing this before the swiper was invented,
during the very first month or so. Doesn't mean it is a bad idea, just that
Square moved away from it in favor of a swiper.)

~~~
richcollins
_Otoh, more people should take credit cards!_

We should be moving away from credit cards. They are becoming an archaic
technology.

~~~
chrisbolt
What do you propose we replace them with?

~~~
thinkcomp
<http://www.facecash.com>

------
mmettler
Hi gang, this is Mike from card.io.

socmoth, CrazedGeek, and tbgvi are right that this is considered a CNP
transaction and rates are higher. However, our focus is on mobile developers,
not retail merchants. By taking friction out of the mobile checkout flow for
those developers (because customers don't have to type out their cc number),
conversions are higher, and thus revenues are higher.

Regarding the user experience: folks are used to scanning barcodes with
RedLaser, business cards with CardMunch, and checks with PayPal and the Chase
mobile app. If we can make credit card purchasing easy and fast on the phone,
that's a good user experience.

Thanks for the feedback!

~~~
socmoth
CardMuch, Checks are both examples of me taking a picture of something I own
(check, biz card) using my own cell phone. Card.io is someone else taking a
picture of my credit card, using their cell phone. In the first two examples,
I have control and ownership. In the last example, I have ownership (of the
data/card) but no control of the software.

Anything that increases conversions is great! Best of luck! I look forward to
seeing it in the wild. In fact, are there any merchants in SF I can watch use
it yet?

~~~
timjahn
I may be wrong, but I believe the premise behind card.io is that you buy
something in an app (a good old in app purchase), and instead of typing in all
your credit card info, you simply take a picture of your credit card for
payment.

Doesn't seem that card.io is trying to get merchants to use this as a Square
replacement at this point.

~~~
ryanmickle
timjahn, you're right (I've seen it in action). Users will be scanning their
own cards for purchases made on third party apps. It's really slick.

------
gregschlom
Interesting. I was talking about this idea 2 weeks ago with some friends. Here
in France Square doesn't work since only chip cards are accepted, not magnetic
stripe cards. So card.io could have a greater market penetration worldwide
than Square.

------
jarin
This looks even smoother than Square, but I'm curious to see how it handles
credit cards with the silvery ink worn off of the numbers, or cards with
complex graphics on the front.

~~~
josharian
This is Josh, CTO of card.io. Those are definitely challenges, but we've put
quite a lot of effort into handling exactly those sorts of problems, and we do
pretty well with them (if I say so myself).

One interesting tidbit on this front, from someone who spends a lot of time
admiring credit cards: Only some cards have silvery ink on top of the numbers.
Some others have silvery plastic _underneath_ the main ink layer (usually part
of the card's overall graphic design), so the numbers become more silvery with
wear, not less. And yet others have no silver anywhere at all. TAANSTAFL. :)

------
marcamillion
This looks awesome. One thing I could see becoming an issue is in your best
case scenario.

Say things are wildly successful and people come to expect that merchants will
be taking a pic of your credit card with their phone. So you easily hand over
your card to some random person to take a pic of it - assuming they are using
Card.io.

However, what is to prevent nefarious people from just taking a pic with their
own app or their own camera ?

So what would be good would be if there is some way to indicate (quickly) to
the cardholder that the user is actually using Card.io to take the pic, rather
than the Camera app - so they are not paranoid about people stealing their
numbers.

Maybe turning the flash light red (is that even possible?) or something subtle
that is a unique indicator that Card.io is being used and not some other app.

With Square, it is that little dongle - although I know that once Square gets
big enough and the incentive gets large enough for people to create knock-offs
of that dongle, I think it's much harder than say using a Camera.

Otherwise, awesome app.

~~~
true_religion
> Say things are wildly successful and people come to expect that merchants
> will be taking a pic of your credit card with their phone. So you easily
> hand over your card to some random person to take a pic of it - assuming
> they are using Card.io.

When you're sitting in a restaurant and hand over your credit card, the waiter
is now in _total_ posssesion of it.

They could take a picture of it.

They could go to their laptop and make purchases from China.

They could run out the backdoor and never return it.

Handing over your credit card is a common enough thing, because you are
protected from fraud by the credit card companies policies---not by your own
regard for if the person you're giving your card is trust worthy or not.

~~~
marcamillion
That may be true, just saying....it could provide another avenue of fraud if
the best case scenario does play itself out.

Not saying other avenues of fraud don't exist or cardholders aren't as
vulnerable without it.

Just stating what I think will likely be a side-effect, that these guys should
at least pay attention to.

------
modeless
Can you scan the back to get the CVV2 code? All the information you need from
the front is embossed so you can read it on the back too.

------
dave1010uk
When I buy stuff online then I always make sure the browser's sending data
over HTTPS (both on my mobile & desktop). I don't think I'd trust a 3rd party
app to safely store and transmit my credit card data. Even non-technical
people know to "look for the padlock". Have there been any usability studies
to see if users are happy scanning their card from an app?

------
jvandenbroeck
Looks pretty cool, but wouldn't apple screw you? I don't think they'll like
this, they want users to buy with the app store.

~~~
VanceRefrig
Thats true. I don't think anyone yet has thought about that. Nonetheless, it's
a interesting idea. For me, I don't know if I'm comfortable with taking a
picture of my card. But who knows.

------
baconface
Is anyone aware of any direct competition in the credit card "scanning" space?

~~~
avree
I mean, there's Square... but they use a hardware piece. I'm interested to
understand why the hardware piece is better than the photo scanner. Is it more
secure? More reliable?

~~~
CrazedGeek
I might be wrong, but I seem to recall that credit card companies charge less
in fees for magnetic strip readings than just entering in the number, which
the photo scanner would be analogous to.

~~~
tbgvi
No, you're right :) Swiping a card makes it a card present transaction, which
have lower rates than keyed entry. Some processors will even shut you down if
too many of your transactions are keyed (worried about fraud).

From what I can tell, this just does the scanning and doesn't actually process
the transaction though? Could be wrong on that. Also, 15 cents per scan seems
expensive.

~~~
davidedicillo
At the same time it's possible that they cut deals with the processors to be
certified in some way, so that if the numbers are retrieved using their
service the card is considered present.

------
kyleslattery
I'm a little unclear on this--does Card.io handle the payment processing too,
or just the card capture itself? If they don't handle the payment processing,
how does the card number get passed along?

~~~
mmettler
Hi Kyle, we're just doing the card capture today. Many of our developers
already had merchant accounts and were just looking to get rid of the pain of
having their customers type in the card number. We scan the card and return
the number via SSL to the developer who finalizes the transaction.

-Mike from card.io

------
pud
Constructive criticism: This is an example how how the illusion of a
beautifully designed, professional-looking site is easily burst by an amateur
how-to video.

~~~
mmettler
Hi Pud, Mike from card.io here. I totally agree, and thanks for the criticism.
This video goes up tomorrow, courtesy of @zumpangofilms:
<http://youtu.be/7lg0nMH4NFk?hd=1>

------
pclark
How reliable is this? I can barely read my american co-founders credit card
numbers on his card.

------
brevityness
Gaaahh! Shaky camera action!

~~~
mmettler
Mike from card.io here. Sorry about that. Try this one:
<http://youtu.be/7lg0nMH4NFk?hd=1>

