[House Hearing, 114 Congress]
[From the U.S. Government Publishing Office]








                 THE DISRUPTER SERIES: MOBILE PAYMENTS

=======================================================================

                                HEARING

                               BEFORE THE

           SUBCOMMITTEE ON COMMERCE, MANUFACTURING, AND TRADE

                                 OF THE

                    COMMITTEE ON ENERGY AND COMMERCE
                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED FOURTEENTH CONGRESS

                             FIRST SESSION

                               __________

                            DECEMBER 1, 2015

                               __________

                           Serial No. 114-105



[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]




      Printed for the use of the Committee on Energy and Commerce
                        energycommerce.house.gov
                                  ______

                         U.S. GOVERNMENT PUBLISHING OFFICE 

20-159 PDF                     WASHINGTON : 2016 
-----------------------------------------------------------------------
  For sale by the Superintendent of Documents, U.S. Government Publishing 
  Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; 
         DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, 
                          Washington, DC 20402-0001














                    COMMITTEE ON ENERGY AND COMMERCE

                          FRED UPTON, Michigan
                                 Chairman

JOE BARTON, Texas                    FRANK PALLONE, Jr., New Jersey
  Chairman Emeritus                    Ranking Member
ED WHITFIELD, Kentucky               BOBBY L. RUSH, Illinois
JOHN SHIMKUS, Illinois               ANNA G. ESHOO, California
JOSEPH R. PITTS, Pennsylvania        ELIOT L. ENGEL, New York
GREG WALDEN, Oregon                  GENE GREEN, Texas
TIM MURPHY, Pennsylvania             DIANA DeGETTE, Colorado
MICHAEL C. BURGESS, Texas            LOIS CAPPS, California
MARSHA BLACKBURN, Tennessee          MICHAEL F. DOYLE, Pennsylvania
  Vice Chairman                      JANICE D. SCHAKOWSKY, Illinois
STEVE SCALISE, Louisiana             G.K. BUTTERFIELD, North Carolina
ROBERT E. LATTA, Ohio                DORIS O. MATSUI, California
CATHY McMORRIS RODGERS, Washington   KATHY CASTOR, Florida
GREGG HARPER, Mississippi            JOHN P. SARBANES, Maryland
LEONARD LANCE, New Jersey            JERRY McNERNEY, California
BRETT GUTHRIE, Kentucky              PETER WELCH, Vermont
PETE OLSON, Texas                    BEN RAY LUJAN, New Mexico
DAVID B. McKINLEY, West Virginia     PAUL TONKO, New York
MIKE POMPEO, Kansas                  JOHN A. YARMUTH, Kentucky
ADAM KINZINGER, Illinois             YVETTE D. CLARKE, New York
H. MORGAN GRIFFITH, Virginia         DAVID LOEBSACK, Iowa
GUS M. BILIRAKIS, Florida            KURT SCHRADER, Oregon
BILL JOHNSON, Ohio                   JOSEPH P. KENNEDY, III, 
BILLY LONG, Missouri                 Massachusetts
RENEE L. ELLMERS, North Carolina     TONY CARDENAS, California
LARRY BUCSHON, Indiana
BILL FLORES, Texas
SUSAN W. BROOKS, Indiana
MARKWAYNE MULLIN, Oklahoma
RICHARD HUDSON, North Carolina
CHRIS COLLINS, New York
KEVIN CRAMER, North Dakota

                                 _____

           Subcommittee on Commerce, Manufacturing, and Trade

                       MICHAEL C. BURGESS, Texas
                                 Chairman
                                     JANICE D. SCHAKOWSKY, Illinois
LEONARD LANCE, New Jersey              Ranking Member
  Vice Chairman                      YVETTE D. CLARKE, New York
MARSHA BLACKBURN, Tennessee          JOSEPH P. KENNEDY, III, 
GREGG HARPER, Mississippi                Massachusetts
BRETT GUTHRIE, Kentucky              TONY CARDENAS, California
PETE OLSON, Texas                    BOBBY L. RUSH, Illinois
MIKE POMPEO, Kansas                  G.K. BUTTERFIELD, North Carolina
ADAM KINZINGER, Illinois             PETER WELCH, Vermont
GUS M. BILIRAKIS, Florida            FRANK PALLONE, Jr., New Jersey (ex 
SUSAN W. BROOKS, Indiana                 officio)
MARKWAYNE MULLIN, Oklahoma
FRED UPTON, Michigan (ex officio)

                                  (ii)
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                                  
                             C O N T E N T S

                              ----------                              
                                                                   Page
Hon. Michael C. Burgess, a Representative in Congress from the 
  State of Texas, opening statement..............................     1
    Prepared statement...........................................     3
Hon. Janice D. Schakowsky, a Representative in Congress from the 
  State of Illinois, opening statement...........................     4
    Prepared statement...........................................     5
Hon. Fred Upton, a Representative in Congress from the State of 
  Michigan, opening statement....................................     5
    Prepared statement...........................................     6
Hon. Frank Pallone, Jr., a Representative in Congress from the 
  State of New Jersey, opening statement.........................     7
    Prepared statement...........................................     8

                               Witnesses

John Muller, Vice President, Global Payments Policy, PayPal......     9
    Prepared statement...........................................    12
    Answers to submitted questions...............................    96
Jessica E. Deckinger, Chief Marketing Officer, Merchant Customer 
  Exchange.......................................................    20
    Prepared statement...........................................    24
    Answers to submitted questions...............................    99
Sarah Jane Hughes, University Scholar and Fellow in Commercial 
  Law, Maurer School of Law, Indiana University..................    33
    Prepared statement...........................................    35
    Answers to submitted questions...............................   101
Sang W. Ahn, Chief Commercial Officer, U.S. Samsung Pay, Samsung 
  Electronics America............................................    48
    Prepared statement...........................................    50
    Answers to submitted questions...............................   105

                           Submitted Material

Statement of the Electronic Transactions Association, December 1, 
  2015, submitted by Mr. Lance...................................    80
Statement of the National Association of Convenience Stores and 
  the Society of Independent Gasoline Marketers of America, 
  December 1, 2015, submitted by Mr. Lance.......................    85
Statement of the National Retail Federation, December 1, 2015, 
  submitted by Mr. Lance.........................................    91
 
                 THE DISRUPTER SERIES: MOBILE PAYMENTS

                              ----------                              


                       TUESDAY, DECEMBER 1, 2015

                  House of Representatives,
Subcommittee on Commerce, Manufacturing, and Trade,
                          Committee on Energy and Commerce,
                                                    Washington, DC.
    The subcommittee met, pursuant to call, at 10:21 a.m., in 
room 2322, Rayburn House Office Building, Hon. Michael C. 
Burgess (chairman of the subcommittee) presiding.
    Members present: Representatives Burgess, Lance, Blackburn, 
Harper, Guthrie, Olson, Pompeo, Kinzinger, Bilirakis, Brooks, 
Mullin, Upton (ex officio), Schakowsky, Clarke, Cardenas, 
Welch, and Pallone (ex officio).
    Staff present: Gary Andres, Staff Director; Rebecca Card, 
Assistant Press Secretary; James Decker, Policy Coordinator, 
Commerce, Manufacturing, and Trade; Andy Duberstein, Deputy 
Press Secretary; Graham Dufault, Counsel, Commerce, 
Manufacturing, and Trade; Melissa Froelich, Counsel, Commerce, 
Manufacturing, and Trade; Paul Nagle, Chief Counsel, Commerce, 
Manufacturing, and Trade; Tim Pataki, Professional Staff 
Member; Olivia Trusty, Professional Staff, Commerce, 
Manufacturing, and Trade; Dylan Vorbach, Legislative Clerk; 
Michelle Ash, Democratic Chief Counsel, Commerce, 
Manufacturing, and Trade; Christine Brennan, Democratic Press 
Secretary; Jeff Carroll, Democratic Staff Director; Ashley 
Jones, Democratic Director, Outreach and Member Services; 
Caroline Paris-Behr, Democratic Policy Analyst; Tim Robinson, 
Democratic Chief Counsel; Diana Rudd, Democratic Legal Fellow; 
and Ryan Skukowski, Democratic Policy Analyst.

OPENING STATEMENT OF HON. MICHAEL C. BURGESS, A REPRESENTATIVE 
              IN CONGRESS FROM THE STATE OF TEXAS

    Mr. Burgess. The Subcommittee on Commerce, Manufacturing, 
and Trade will now come to order. The Chair will recognize 
himself for 5 minutes for an opening statement, and I do want 
to welcome everyone to our hearing this morning examining 
mobile payments, which are poised to upend how consumers pay 
for goods and services in stores, online, in apps, and at the 
parking meter. This hearing is the latest in our disrupter 
series, covering a variety of technologies that are redefining 
our lives and improving our or economic condition.
    This past week, Black Friday, Small Business Saturday, 
Cyber Monday flooded all of our inboxes and took over the 
commercial breaks on television. As the holiday shopping season 
is in full swing, this is a good time to take a look at the 
consumer experience with mobile payments. This morning, we will 
hear from our witnesses representing a variety of innovative 
products and services in the mobile payments arena. This 
hearing is an opportunity to learn about the innovations that 
are available to consumers today and those that will be 
available in the near future, but we recognize that there are 
exciting innovations on the horizon for payments, including 
mobile currencies, which will be a topic for another day.
    Smartphones are increasingly an ever-present part of our 
lives. It is no surprise that they are also changing the way 
that we shop for goods and services. You can shop on your 
tablet in front of the television, compare prices on your phone 
as you browse in a store, and pay without ever pulling out your 
wallet. Consumers have access to more information, and more 
competitive options are at the tip of their fingers during the 
busiest shopping season of the year. There has not been this 
big an upheaval in how consumers pay for goods and services, 
from groceries to haircuts, since computers replaced the old 
knuckle-buster manual imprinters in the 1980s.
    In 2014, 22 percent of mobile phone owners reported making 
a purchase with their phone; 39 percent used their phones to 
make a purchase in the store. When you find that perfect 
Christmas gift, you may be able to pay by tapping your phone at 
checkout or clicking the PayPal checkout button on a mobile Web 
site. When you want to send your friend money for the concert 
ticket they bought for you, all you need is their email address 
or their mobile phone number. These mobile payment options 
include protections not available with cash and are easy to use 
for consumers who may be more likely to have their phone in 
their pocket than carry the exact change with them.
    Some basic questions remain top of mind for consumers when 
they think about mobile payments: Are they safe? Can I use my 
phone? This hearing is an opportunity to hear from companies 
implementing the cutting-edge technologies in mobile payments 
and how they are addressing these and other concerns raised by 
consumers.
    Two of the top security topics that are raised by mobile 
payments are authentication, how the device knows you have 
permission to make the payment with the device, and 
tokenization, protecting your payment data through the payment 
process. We all know passwords are difficult. They are 
difficult to remember. They are difficult to keep straight, 
which is why many people--myself not included, but many 
people--simply use their name for their user name and 1234 as 
their password. Mobile devices offer some alternatives to the 
traditional password that add an additional layer of protection 
for consumers.
    Authentication is the process that a system uses to verify 
the identity of a person that wants access to the system. The 
user name and password is the most typical authentication 
process used to log into a variety of Web sites. Mobile devices 
have changed. They have changed how people think about 
authentication. Fingerprint sensors, cameras are found in an 
increasing number of mobile devices; and instead of having to 
remember a separate password to unlock your phone or tablet, 
you may be able to use the fingerprint scanner to unlock the 
device with just a touch. This protects the information on the 
phone, including access to payment options.
    Another security feature that is regularly brought up in 
discussions about mobile payments is tokenization. We are all 
familiar with the tokens you get at the fair or the arcade. 
Tokens in a mobile payment system are similar in concept, 
replacing the valuable currency or payment information with a 
code that then becomes useless for another transaction if 
someone were to steal it.
    As has been the case throughout history, technology has the 
potential to solve problems and improve our lives. Mobile 
payments are no exception to that trend. So I look forward this 
morning to hearing from our witnesses and how they are 
leveraging the mix of technologies to provide an easy and 
secure experience for United States consumers as we make our 
way through this shopping season.
    [The prepared statement of Mr. Burgess follows:]

             Prepared statement of Hon. Michael C. Burgess

    This hearing is the latest in our Disrupter Series covering 
a variety of technologies that are redefining our lives and 
improving our economic condition.
    Over the last week, Black Friday, Small Business Saturday, 
and Cyber Monday flooded our inboxes and took over commercial 
breaks. As the holiday shopping season is in full swing, this 
is a good time to take a look at consumers' experience with 
mobile payments.
    This morning, we will hear from witnesses representing a 
variety of innovative products and services in the mobile 
payments arena. This hearing is an opportunity to learn about 
the innovations that are available to consumers today and in 
the near future, but we recognize there are more exciting 
innovations on the horizon for payments, including mobile 
currencies, which may be a topic for another day.
    Smartphones are increasingly an ever-present part of our 
lives and it's no surprise that they are also changing the way 
we shop for goods and services. You can shop on your tablet in 
front of the TV, compare prices on your phone as you browse in 
a store, and pay without ever pulling out your wallet. 
Consumers have access to more information and competitive 
options at the tip of their fingers during the busiest shopping 
season of the year.
    There has not been this big of an upheaval in how consumers 
pay for goods and services--their groceries or a haircut--since 
computers replaced the old knuckle-busting manual imprinters in 
the 1980s.
    In 2014, 22 percent of mobile phone owners reported making 
a purchase on their phone. Thirty-nine percent used their 
phones to make a purchase in a store.
    When you find the perfect Christmas present, you may be 
able to pay by tapping your phone at checkout or clicking the 
PayPal Check Out button on a mobile Web site.
    When you want to send your friend money for the concert 
ticket they bought for you, all you need is their email address 
or mobile phone number. These mobile payments options include 
protections not available with cash, and are easy to use for 
consumers who may be more likely to have their phone in their 
pocket than exact change.
    Some basic questions remain top of mind for consumers when 
they think about mobile payments: ``Are they safe?'' ``Can I 
use my phone?''
    This hearing is an opportunity to hear from companies 
implementing the cutting edge technologies in mobile payments 
and how they are addressing these and other concerns raised by 
consumers.
    Two of the security topics that are raised by mobile 
payments are authentication, how the device knows you have 
permission to make the payment with the device; and 
tokenization, protecting your payment data through the payment 
process.
    As we all know, passwords are difficult. They are difficult 
to remember and difficult to keep straight which is why many 
people have the same password for multiple accounts. Mobile 
devices offer some alternatives to the traditional password 
that add an additional layer of protection for consumers.
    Authentication is the process that a system uses to verify 
the identity of a person that wants to access that system. Your 
user name and password or passcode is the most typical 
authentication process used to log into a wide variety of Web 
sites.
    Mobile devices have changed how people think about 
authentication. Fingerprints sensors and cameras are found on 
an increasing number of mobile devices. Now, instead of having 
to remember a separate password to unlock your phone or tablet, 
you may be able to use the fingerprint scanner and unlock the 
device with just a touch. This protects the information on your 
phone, including access to payment options.
    Another security feature that is regularly brought up in 
discussions about mobile payments is tokenization. We're all 
familiar with the tokens you get at a fair or an arcade. Tokens 
in mobile payments are similar in concept--replacing the 
valuable currency or payment information with a code that is 
useless in another transactions if a hacker were to steal it.
    As has been the case throughout history, technology has the 
potential to solve problems and improve our lives. Mobile 
payments are no exception to this trend.
    I look forward to hearing from our witnesses about how they 
are leveraging a mix of technologies to provide an easy and 
secure experience for U.S. consumers as we make our way through 
the holiday shopping season.

    Mr. Burgess. And I will yield back the balance of my time 
and recognize the subcommittee ranking member, Ms. Schakowsky, 
5 minutes for an opening statement, please.

       OPENING STATEMENT OF HON. JANICE D. SCHAKOWSKY, A 
     REPRESENTATIVE IN CONGRESS FROM THE STATE OF ILLINOIS

    Ms. Schakowsky. Thank you, Mr. Chairman, for holding this 
hearing and the series of hearings on disrupters. I just 
learned that at my bank, I can now make a deposit by taking a 
picture of the front and back of my check, and my bank will 
take it, although it doesn't account for my husband's really 
bad handwriting and says that it can't verify that the number I 
put in is the number he wrote on the check. That is a problem.
    But I think this holiday shopping season, it is very 
important to hear from our witnesses about this important new 
technology. We do expect mobile payments to double from today 
to 2020. One of the fastest growing sectors of the U.S. 
economy, mobile payments do facilitate transactions with anyone 
from a food truck or farmers market seller or taxi driver, 
parking meter, and they have made buying and selling goods and 
services easier in many ways. But as this technology continues 
to expand, we definitely need to understand how the payment 
structure works, security, consumer protection vulnerabilities. 
How to address those issues is a responsibility of our 
subcommittee. We want to maximize benefits and minimize risks, 
obviously.
    Mobile payment technologies rely on a number of 
nontraditional identifiers such as geolocation, purchase 
preference, phone numbers, email addresses. Those features can 
enhance protections against payment fraud. However, they can 
also put consumers at greater risk if they are unprotected or 
if their use extends beyond managing payments. With regard to 
electronic communications generally, we need to ensure that all 
of the players engaged in mobile payments, hardware and 
software developers, businesses, banks, credit unions, and 
credit card companies, are taking reasonable security measures 
to protect the information that they are handling. We also need 
to make sure that consumers know how these payment structures 
differ from more traditional transactions. Consumers need to 
know how consumer financial liability for these types of 
payments differs from those made using credit or debit cards. 
They should also know how mobile payments can be used to cram 
consumers, running up bills that they never explicitly 
approved. And as the subcommittee responsible for consumer 
protection, we have an obligation to close those and other 
existing loopholes that leave consumers more vulnerable.
    So I look forward to hearing from our witnesses, getting 
their perspectives on opportunities, challenges, and the way 
forward with regard to mobile payments.
    And I yield back my time.
    [The prepared statement of Ms. Schakowsky follows:]

            Prepared statement of Hon. Janice D. Schakowsky

    Thank you, Mr. Chairman, for holding today's hearing on 
mobile payments. I look forward to hearing from our witnesses 
on this important subject, which is all the more relevant 
during the holiday shopping season.
    With mobile payments expected to double from today to 2020, 
this is one of the fastest-growing sectors of the U.S. economy. 
Mobile payments facilitate transactions with anyone from a food 
truck or farmers market seller to a taxi driver, and they have 
made buying and selling goods and services easier in many ways.
    However, as this technology continues to expand, we need to 
understand how these payment structures work, what security and 
consumer protection vulnerabilities exist, and how to address 
those issues to maximize benefits while minimizing risks.
    Mobile payment technologies rely on a number of non-
traditional identifiers such as geolocation, purchase 
preferences, phone numbers and email addresses. Those features 
can enhance protections against payment fraud. However, they 
can also put consumers at greater risk if they are unprotected 
or if their use extends beyond managing payments.
    As I have previously mentioned with regard to electronic 
communication generally, we need to ensure that all of the 
players engaged in mobile payments--hardware and software 
developers, businesses, banks, credit unions, and credit card 
companies--are taking reasonable security measures to protect 
the information they are handling.
    We also need to make sure that consumers know how these 
payment structures differ from more traditional transactions. 
Consumers need to know how consumer financial liability for 
these types of payments differs from those made using credit or 
debit cards. They should also know how mobile payments can be 
used to ``cram'' consumers--running up bills that they never 
explicitly approve. And, as the subcommittee responsible for 
consumer protection, we have an obligation to close those and 
other existing loopholes that leave consumers more vulnerable.
    I look forward to hearing our witnesses' perspectives on 
the opportunities, challenges, and the way forward with regard 
to mobile payments.

    Mr. Burgess. The Chair thanks the gentlelady. The 
gentlelady yields back.
    The Chair recognizes the chairman of the full committee, 
Mr. Upton, 5 minutes for an opening statement, please.

   OPENING STATEMENT OF HON. FRED UPTON, A REPRESENTATIVE IN 
              CONGRESS FROM THE STATE OF MICHIGAN

    Mr. Upton. Good morning. And today we continue our 
Disrupter Series. We have previously examined the Internet of 
things, the sharing economy, and, most recently, drones.
    Today we discuss the growing trend of mobile payments. No 
matter where folks choose to travel or shop, whether it be in 
Michigan, the Nation, or even across the globe, their 
smartphones are ever-present, always at the ready to provide 
direction, daily news and scores, and even make payments. Early 
estimates show that, for the first time ever, more people 
shopped online than in stores over the Thanksgiving holiday. 
Cyber Monday estimates are still being tallied, but we are no 
doubt seeing a fundamental shift in how people are buying the 
goods and services available to them throughout our economy. 
Consumers have more choices than ever before about when and 
where to shop. These choices open up opportunities for 
innovations to take root and spread throughout the economy.
    We have seen this sort of disruption throughout this series 
of hearings, and mobile payments are certainly no different. 
They are impacting how the Internet of things and the sharing 
economy develops. The Disrupter Series remains important as we 
work to better understand how innovations impact consumers, job 
creation, and our economy as a whole.
    Mobile payment technologies have opened up opportunities 
for individuals and businesses alike, so businesses small and 
large can benefit from these disruptions as we have seen with a 
hardware like Square and software like Venmo, which make 
payments easier for small businesses and between respectively. 
These are just two examples in an ecosystem that is bursting 
with growth as more and more Americans get smartphones, 
tablets, and other mobile devices. New technologies and 
competition are responding to consumer needs.
    Mobile payment innovation is happening all over the 
country. However, adoption across the ecosystem continues to be 
a challenge that all businesses in this space are working to 
address. There are a lot of facets to the mobile payment space, 
and I am pleased that today we are going to learn more about 
the options that consumers have, particularly how these options 
can and will continue to improve security for consumers and job 
creators.
    [The prepared statement of Mr. Upton follows:]

                 Prepared statement of Hon. Fred Upton

    Today we continue our Disrupter Series. We have previously 
examined the Internet of Things, the Sharing Economy, and most 
recently drones--and today we discuss the growing trend of 
mobile payments. No matter where folks choose to travel or 
shop, in Michigan, the Nation, and even abroad, their 
smartphones are ever present, always at the ready to provide 
directions, daily news and scores, and even make payments.
    Early estimates indicate that for the first time ever, more 
people shopped online than in stores over the Thanksgiving 
holiday weekend. The Cyber Monday estimates are still being 
tallied, and we are no doubt seeing a fundamental shift in how 
people are buying the goods and services available to them 
throughout our economy.
    Consumers have more choices than ever about when and where 
to shop. These choices open up opportunities for innovation to 
take root and spread throughout the economy.
    We have seen this sort of disruption throughout this series 
of hearings and mobile payments are no different. They are 
impacting how the Internet of Things and the sharing economy 
develop. The Disrupter Series remains important as we work to 
better understand how innovations impact consumers, job 
creation, and our economy as a whole.
    Mobile payment technologies have opened up opportunities 
for individuals and businesses alike. Businesses small and 
large can benefit from these disruptions as we have seen with 
hardware like Square and software like Venmo, which make 
payments easier for small businesses and between friends, 
respectively. These are just two examples in an ecosystem that 
is bursting with growth as more and more Americans get 
smartphone, tablets, and other mobile devices.
    New technologies and competition are responding to consumer 
needs. Mobile payment innovation is happening all over the 
country. However, adoption across the ecosystem continues to be 
a challenge that all businesses in this space are working to 
address.
    There are a lot of facets to the mobile payments space and 
I am pleased that today we will learn more about what options 
consumers have and particularly how those options can and will 
continue to improve security for consumers and job creators.

    Mr. Upton. And I yield the balance of my time to Marsha 
Blackburn.
    Mrs. Blackburn. Thank you, Mr. Chairman.
    And I am so appreciative that we are doing this hearing 
today, and I thank our witnesses. You all are the experts, and 
we have plenty of questions that we are going to have for you. 
Wireless and mobile devices and quick purchases are changing 
things. And this past weekend, my 6-year-old grandson got into 
the app store on my iPhone, found something that he wanted to 
buy, handed me the phone and said, ``Marcia, you need to pay 
for this,'' and, of course, I did not. But I use this 
illustration to make a point of the simplicity and also the 
assumption of our kids and grandkids that it is going to be at 
the scan of a screen or a touch of a button or with great ease 
that you are going to be able to make these purchases on the 
go, in realtime, paid in realtime, and with great convenience 
and security.
    And that is where much of our focus is going to be, whether 
it is the multifactor identification or tokenization or what I 
want to hear from you, the ``what is next?'' Where do you think 
we are going with this? Because convenience, yes, people want 
it. Security, they are going to demand it because they want to 
be able to protect their virtual presence online just as they 
are able to protect their presence in the brick-and-mortar 
relationship with those that they are choosing to do business 
with. So I thank you for the time that you are going to spend 
with us today, your preparation in coming to the committee, and 
I look forward to your thoughts on what is next.
    I yield back.
    Mr. Burgess. The gentlelady yields back. The Chair thanks 
the gentlelady.
    The Chair recognizes the gentleman from New Jersey, the 
ranking member of the full committee, 5 minutes for an opening 
statement, please.

OPENING STATEMENT OF HON. FRANK PALLONE, JR., A REPRESENTATIVE 
            IN CONGRESS FROM THE STATE OF NEW JERSEY

    Mr. Pallone. Thank you, Chairman Burgess.
    During today's hearing, we will discuss the new ways 
consumers are paying for goods and services through their 
mobile devices. At a time when it seems like virtually 
everything is tied to our smartphones, it should come as no 
surprise that we are now able to store credit cards 
electronically, transfer funds directly to our peers, and make 
purchases by simply tapping our phones to a terminal at the 
point of sale.
    These exciting innovations hold promise for consumers. 
Imagine the convenience of being able to send money instantly 
to a friend or family member regardless of location or 
proximity to an ATM. For consumers who forget their credit 
cards at an outing, a mobile peer-to-peer payment could be the 
difference between being squared away and an IOU. The ability 
to store credit cards in your phone may also offer consumers 
some peace of mind that in the event of a lost or stolen phone, 
their information is safe behind a pass code, and a physical 
card is not compromised.
    Perhaps most encouraging for consumers with limited or no 
access to a bank, mobile payments can be a welcome alternative 
for purchasing the goods and services they need. For example, 
the use of mobile payments has skyrocketed in Kenya, where 
access to banking is quite limited.
    With all these new products that involve consumers' 
personal information, however, privacy concerns must be raised. 
In general, mobile payment apps can access a wealth of personal 
data through a user's smartphone, such as phone numbers, 
geolocation, email addresses, and detailed purchase histories. 
Consumers do not know who has access to their information or 
with whom it is shared. This data may be used in ways the 
consumer never intended, including by merchants sending 
unwanted advertising tailored to consumers through their mobile 
devices. And that personal information could also be sold, so 
consumers' location and other private matters are shared with 
the highest bidder. That is why privacy protection should be 
baked into these new mobile pay applications.
    It is also important that consumers are ensured a secure 
transaction through a mobile payment system. As with any mobile 
device or application, digitally stored or transmitted 
information is hackable. With the major data breaches of the 
past few years still fresh in consumers' minds, mobile payment 
users will understandably be hesitant about using an app if 
there is no protection from hackers who may try to intercept 
their personal information. It has been made clear through this 
series of hearings on disrupters, innovation, and consumer 
protection must go hand-in-hand for these new technologies to 
flourish. Mobile payments present an exciting opportunity to 
make e-commerce a more seamless experience for consumers, and I 
look forward to hearing from today's witnesses on this topic.
    Thank you, Mr. Chairman, and I yield back.
    [The prepared statement of Mr. Pallone follows:]

             Prepared statement of Hon. Frank Pallone, Jr.

    Thank you Chairman Burgess. During today's hearing, we will 
discuss the new ways consumers are paying for goods and 
services through their mobile devices.
    At a time when it seems like virtually everything is tied 
to our smartphones, it should come as no surprise that we are 
now able to store credit cards electronically, transfer funds 
directly to our peers, and make purchases by simply tapping our 
phones to a terminal at the point of sale.
    These exciting innovations hold promise for consumers. 
Imagine the convenience of being able to send money instantly 
to a friend or family member regardless of location or 
proximity to an ATM. For consumers who forget their credit card 
on an outing, a mobile peer-to-peer payment could be the 
difference between being squared away and an I.O.U.
    The ability to store credit cards in your phone may also 
offer consumers some piece of mind that, in the event of a lost 
or stolen phone, their information is safe behind a passcode 
and a physical card is not compromised.
    Perhaps most encouraging, for consumers with limited or no 
access to a bank, mobile payments can be a welcome alternative 
for purchasing the goods and services they need. For example, 
the use of mobile payments has skyrocketed in Kenya, where 
access to banking is quite limited.
    As with all new products that involve consumers' personal 
information, however, privacy concerns must be raised.
    In general, mobile payment apps can access a wealth of 
personal data through a user's smartphone, such as phone 
numbers, geolocation, email addresses, and detailed purchase 
histories. Consumers do not know who has access to their 
information or with whom it is shared. This data may be used in 
ways the consumer never intended, including by merchants 
sending unwanted advertising tailored to consumers through 
their mobile devices. That personal information also could be 
sold, so consumers' location and other private matters are 
shared with the highest bidder. That is why privacy protections 
should be baked into these new mobile pay applications.
    It is also important that consumers are ensured secure 
transactions through a mobile payment system. As with any 
mobile device or application, digitally stored or transmitted 
information is hackable. With the major data breaches of the 
past few years still fresh in consumers' minds, mobile payment 
users will understandably be hesitant about using an app if 
there is no protection from hackers who may try to intercept 
their personal information.
    It has been made clear through this series of hearings on 
disrupters, innovation and consumer protection must go hand in 
hand for these new technologies to flourish.
    Mobile payments present an exciting opportunity to make e-
commerce a more seamless experience for consumers, and I look 
forward to hearing from today's witnesses on this topic. Thank 
you and I yield back.

    Mr. Burgess. The gentleman yields back. The Chair thanks 
the gentleman.
    And this concludes Member opening statements. The Chair 
would remind Members that, pursuant to committee rules, all 
Members' opening statements will be made part of the record.
    And we do want to thank our witnesses for being here this 
morning and taking time to testify before the subcommittee. Our 
witness panel today--and we do have a good and great group--our 
witness panel for today includes Mr. John Muller, the senior 
vice president for global payments policy at PayPal; Ms. 
Jessica Deckinger, chief marketing officer at the Merchant 
Consumer Exchange; Ms. Sarah Jane Hughes, university scholar 
and fellow in commercial law at the Indiana University School 
of Law; and Mr. Sang Ahn, chief commercial officer at U.S. 
Samsung Pay.
    We appreciate all of you being with us this morning. We 
will begin the panel with you, Mr. Muller.
    And each you of will be recognized for 5 minutes for a 
summary of your opening statement.
    Mr. Muller, you are recognized.

  STATEMENTS OF JOHN MULLER, VICE PRESIDENT, GLOBAL PAYMENTS 
POLICY, PAYPAL; JESSICA E. DECKINGER, CHIEF MARKETING OFFICER, 
   MERCHANT CUSTOMER EXCHANGE; SARAH JANE HUGHES, UNIVERSITY 
  SCHOLAR AND FELLOW IN COMMERCIAL LAW, MAURER SCHOOL OF LAW, 
INDIANA UNIVERSITY; AND SANG W. AHN, CHIEF COMMERCIAL OFFICER, 
         U.S. SAMSUNG PAY, SAMSUNG ELECTRONICS AMERICA

                    STATEMENT OF JOHN MULLER

    Mr. Muller. Thank you, Mr. Chairman and Ranking Member 
Schakowsky, and the other members of the committee. Thank you 
for the opportunity to testify on behalf of PayPal. My name is 
John Muller, and I am vice president of payments policy for 
PayPal. And PayPal has been involved in mobile payments now for 
16 years and started with the cutting-edge payments mobile 
device of its time, which was the PalmPilot, you may remember, 
the personal digital assistant without phone capability, but a 
very portable device. And PayPal was actually built to beam 
payments from one PalmPilot to another. At that point, we 
quickly realized that more people had email and Internet access 
than owned a palm pilot palm pilot, but we have now come back 
full circle to a focus on mobile payments to the point that 
last year we processed 1 billion payments from mobile devices 
all around the world, and just in the last quarter of this 
year, the growth rate continues, and we processed 345 million 
mobile payments. I have some more information on PayPal in the 
prepared statement, so I wanted to shift a little bit and just 
make a few high-level points about mobile payments and where we 
stand today.
    One point is payments follows commerce, and it follows 
where people spend their time. Very few people, maybe the 
people on this panel excepted, make a payment just for fun or 
just to try it out. There is always a purpose behind it, and 
for most of us, the purpose is commerce, or the purpose might 
be to pay back a friend. And increasingly, we are doing our 
shopping on mobile devices, and we have our mobile devices with 
us when we are out with a friend or contacting a friend, so it 
is only natural for payments to be part of that broader mobile 
experience.
    Another point is that payment has been mobile for quite 
some time. There are few things more portable than paper 
currency and coins or a plastic card. What is really new about 
the new generation of mobile payments is the opportunity for 
all of us in the payments industry to take advantage of what 
the technology makes available, namely increased security 
through things like the device identifier or geolocation on the 
device or biometrics on the device--the thumbprint being the 
first live version of that, but certainly more to come in that 
arena. And then, to that security, add a better user experience 
compared to just paying with cash or a card: things like 
automatically recognizing my loyalty program, giving me points, 
giving me choice of funding methods. So if I have a card, a 
plastic card, then I have to use that card. If I have a digital 
wallet like PayPal or the other wallets, I can use my mobile 
device in realtime to switch among all the different payment 
methods that I have available. So those are some of the reasons 
why we see the growing popularity of mobile payments.
    Another point I wanted to make is we often use the term 
broadly mobile payments, and it really covers to a large degree 
three different fields. One--and certainly the one that 
predominates for PayPal and many other payment companies--is 
using the mobile device as a substitute for what a few years 
ago would be a transaction on the laptop or desktop computer, 
so just communicating with a new kind of device but really very 
similar to the kind of e-commerce transactions we were doing in 
the early 2000s.
    The second type--and certainly the one that gets a great 
deal of attention for good reason now because the opportunity 
to touch not just e-commerce but physical commerce--is using 
the phone as a substitute for the plastic card and paying at a 
physical point of sale.
    And then the third type, certainly not to diminish it in 
any way, equally important, is using the mobile device as a way 
of enabling businesses, mostly small businesses, to accept 
cards and other payment methods electronically in a mobile 
business environment, whether it is a food truck or a farmers 
market or any of the other many opportunities that small 
businesses use for devices, attaching a small reader to their 
device and using it usually to swipe a card or enter another 
payment method. Companies like Square and PayPal have made that 
available to small businesses all over the country. And all of 
those are different types of mobile payments, but it is 
important to recognize that there are distinctions among the 
three.
    And then, finally, also important to recognize that the 
field is already regulated. We have to give credit to the 
drafters in particular of the Electronic Fund Transfer Act. 
When they created consumer protections for what at the time was 
primarily the ATM card quite a few years ago, they drafted the 
statute in terms of access devices and financial accounts, not 
limited to plastic cards or any other kind of specific 
technology. So an access device can be a password or a phone or 
any other device, and the consumer protections remain in place 
supplemented by the zero liability programs that Visa and 
MasterCard and PayPal all offer to buyers. So I just wanted to 
make those broader points.
    And, with that, I will conclude my remarks. Thank you, and 
I look forward to the questions.
    [The prepared statement of Mr. Muller follows:]
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
    
    Mr. Burgess. The Chair thanks the gentleman.
    And, Ms. Deckinger, you are recognized for 5 minutes.

               STATEMENT OF JESSICA E. DECKINGER

    Ms. Deckinger. Thank you, Mr. Chairman, Ranking Member 
Schakowsky, and distinguished members of the subcommittee. 
Thank you for the opportunity to testify on behalf of Merchant 
Customer Exchange for MCX. We appreciate the invitation to 
appear before the subcommittee to discuss the rapidly 
developing and evolving mobile payment space. The 
subcommittee's interest in the topic is welcome as mobile 
payment solutions are rapidly moving to the forefront of 
consumer technology innovations, both in the United States and 
globally.
    Who is MCX? So the Merchant Customer Exchange was founded 
by a leading group of U.S. merchants in 2012 to create a 
broadly accepted mobile commerce platform. MCX's members 
include retail leaders in the big box, convenience, fuel, 
grocery, quick service, full dining, and specialty retail 
travel categories. MCX is focused on creating convenience for 
consumers by allowing them to securely pay for goods and 
services from their handheld mobile device while also providing 
opportunities for merchants to directly connect with consumers 
to provide offers, loyalty programs, and more direct 
interaction with the merchants they shop with. I prepared a 
short video for you to get a sense of what CurrentC, our app, 
is all about.
    [video shown.]
    Ms. Deckinger. This new network will benefit a wide range 
of consumers in three ways: One, delivering a better shopping 
and payment experience by enabling customers to interact 
directly with merchants through virtually any smartphone; two, 
safeguarding consumers and merchants by maintaining the direct 
relationship that merchants have with customers and protecting 
customer data; three, bringing balance to the payments 
ecosystem.
    Together MCX's member companies process in excess of $1.2 
trillion in payments annually, giving MCX scale and ubiquity 
that will allow consumers to use their smartphones wherever 
they may shop. MCX brings together the best-in-class technology 
and mobile payments partners to create an unparalleled network 
in the mobile space. To achieve this goal, MCX has launched its 
own proprietary application called CurrentC that can be 
downloaded to any smartphone a customer may choose.
    We have conducted private rollouts with leading retailers 
and their employees, and as of September 15, 2015, this year, 
we are currently in a public beta operating in Columbus, Ohio. 
The purpose of our beta in Columbus is to gather additional 
learnings from consumers and merchants to continue to refine 
and improve the product to meet the needs of both consumers and 
the merchants. Expansion of the rollout will continue as 
additional merchants and partners go live in Columbus through 
the balance of 2015 with national public availability currently 
anticipated in 2016.
    Today consumers' experiences with payments can differ 
fairly drastically depending on where they are shopping. At a 
fuel station, they may be asked to dip their card or type their 
ZIP Code in to begin fueling. At a sit-down dining 
establishment, consumers wait for the server before physically 
relinquishing their card to the establishment. Other merchants 
have more self-service experience, where consumers swipe their 
own cards at checkout. And we have specifically designed our 
technology platform to support the best, most progressive 
technologies to deliver an optimal payments experience at any 
merchant to serve their customers in the best way possible.
    To deliver that best consumer experience at merchants, we 
are leveraging several types of technology solutions. We remain 
open to new technologies and are always looking to source the 
very best options for consumers and our merchants. At present, 
we are working with several different innovative technologies, 
including QR codes, Bluetooth low-energy beacons, and 
geolocation, providing the best user experience regardless of 
location.
    Fundamentally the current payment system works well from a 
consumer's perspective. Swiping a credit or debit card is 
widely accepted, easy to do, and familiar. MCX and its 
merchants are focused on providing consumers new, more 
convenient, and more rewarding, and safer ways to shop.
    CurrentC provides incentives to consumers in four important 
ways. Wide acceptance: Our owner-merchants already include 
national leading retailers and regional leaders in large-
format, convenience, pharmacy, fuel, drug, grocery, quick, 
full-service dining, specialty retail, and travel categories. 
We are focused on acceptance in the places where consumers shop 
every day. Developing that network will give consumers the 
ability to shop with frequency and to develop muscle memory 
using CurrentC, allowing it to replace the card swipe over time 
while providing additional security and convenience.
    At MCX, we are technology agnostic. CurrentC is available 
on any smartphone regardless of model. We believe the consumer 
should have the convenience of mobile payments regardless of 
their hardware choices. And because CurrentC is cloud-based, it 
is easily transferrable should a consumer choose to change 
their chosen mobile device solution.
    We have also partnered with merchants to provide CurrentC 
payments network to consumers within the merchant's own 
priority apps. This means a consumer can choose to access 
CurrentC directly or have the ability to garner the same 
benefits if they wish to use the merchant app which they use 
every day.
    Merchants value their relationships with their customers 
and want to enhance those relationships, adding value that 
motivates consumers to shop in store with faster, safer, and 
more secure way to transact. CurrentC delivers by including 
consumer loyalty cards and accounts, empowering consumers to 
apply offers, coupons, promotions, and when they pay in a 
single transaction. Our solution is designed to combine all 
those benefits instantaneously together in one QR code read so 
that a consumer no longer has to remember a phone number to 
activate their loyalty account or use their key chain to get 
discounts.
    Because CurrentC is tied directly into the POS terminals at 
our merchants, we have the ability to deliver additional 
benefits, such as item level coupons, which alleviates the need 
to either clip or carry paper coupons or discount offers, all 
in an effort to provide flexibility, choice, and the ability to 
benefit from offers and loyalty directly from their handheld 
device.
    Currently, we are testing several discount and incentive 
programs in Columbus. Two of our most popular are a coupon for 
a free Frosty, which is an ice cream cone, with every purchase 
at Wendy's, and a $5 bonus extra care box with a first purchase 
using CurrentC at CVS. What we are seeing is that to the 
average consumer, these are tangible motivators.
    Consumers will have the freedom to pay using a variety of 
financial accounts, including personal checking accounts, 
merchant gift cards, private label credit and debit cards, and 
general purpose credit and debit cards.
    MCX recently signed a partnership with JPMorgan Chase which 
will increase options available in the CurrentC wallet by 
enabling Chase customers to use their Chase cards wherever 
CurrentC is accepted. It is anticipated that additional general 
purpose credit and debit cards will be available in the future.
    At MCX, we are always open to adding new forms of payment 
that will provide greater convenience to consumers and allow 
them to realize the benefits and incentives of moving to paying 
with their favorite merchants using CurrentC mobile payments 
platform. At MCX, we are focused on leveraging innovative and 
secure technology.
    Consumers are inundated with headlines around data breaches 
and identity theft. As a result, they have become more aware of 
the vulnerability of various payment methods and technology. 
However, many consumers remain in the dark about how to 
leverage the latest security technologies in their everyday 
lives. At MCX, we believe it is incumbent on mobile payment 
technologies like ours not only to use the latest security 
technology but to help educate consumers on how it is working 
for them. We are leveraging cloud technology to avoid storage 
of any sensitive consumer information on the phone or 
transferred at the POS. Our app uses secure dynamic tokens 
uniquely generated for each individual transaction to 
facilitate transactions instead of constantly passing data 
between the consumer, merchant, and financial institution. In 
the simplest term, using a dynamic token means that the 
consumer can feel assured that their personal financial 
information or payment information is never stored on the 
device, is never stored on the merchant POS, and even if the 
dynamic token was stolen, it is worthless because it can never 
be used again.
    CurrentC was designed to ensure consumers are in control of 
their own personal security. It provides visual evidence to 
demonstrate that our security measures are working for them.
    Mr. Burgess. Ms. Deckinger, let me ask you to please wrap 
up. We have other witnesses to hear from.
    Ms. Deckinger. OK. Thank you. I will just finish this 
section and then finish. Our registration process includes 
several security questions, a four-digit PIN, and consumers can 
disable their phones easily and quickly.
    We want to reiterate our appreciation for your interest in 
mobile payments technologies and providing Merchant Customer 
Exchange the opportunity to share about our innovation and 
currently underway in the mobile payments space. We truly 
believe that mobile payments will provide a better opportunity 
for merchants and consumers to experience an improved 
experience overall. Thank you.
    [The prepared statement of Ms. Deckinger follows:]
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
    
    Mr. Burgess. The Chair thanks the gentlelady.
    Ms. Hughes, you are recognized for 5 minutes, please.

                 STATEMENT OF SARAH JANE HUGHES

    Ms. Hughes. Thank you, Mr. Chairman.
    Mr. Chairman, Ranking Member Schakowsky, Representative 
Brooks from Indiana, and other honorable members of the 
subcommittee and committee who are present today, I am very 
pleased to be here with you to talk about mobile payments 
generally, and with the microphone, it will be even better--
yes--and to talk about consumers in today's marketplace, and I 
am especially pleased not only to be here with you but to be 
here with my longtime professional acquaintance, John Muller of 
PayPal.
    I have three disclaimers that are unique to me and a couple 
of others that relate to mobile that I think I should say. 
First, I am not here as a representative of Indiana University, 
so the trustees don't stand behind what I say. This is my 
personal opinion. I am also not here as a representative of the 
Uniform Law Commission, although I am currently working on a 
virtual currency project with them. And I am not here as a 
representative of the Federal Reserve System's Faster Payments 
Task Force, even though I am also working with them on that. So 
those are the formal usual disclaimers.
    Now the personal ones. I do use PayPal, and I use PayPal on 
my phone. I do use Square, particularly to buy tickets and buy 
things, as Mr. Muller said, at farmers markets and at arts and 
crafts fairs and to make ticket purchases, and I use both 
Square and PayPal to make charitable contributions because it 
is not just the Christmas shopping season that we have right 
now; it is also the end-of-year charitable fund drive, and 
mobile payments are very important to charities. And as John 
segregated, even stationary e-commerce payments are very 
important to charities.
    I don't use Apple Pay or Samsung, and the reason is because 
I don't have a new enough phone to make an Apple Pay, and I 
don't happen to be carrying Samsung.
    So the committee asked us to look at four questions, and in 
the interest of time, the first was whether mobile payments 
were disrupting other forms of payments. And I personally 
believe the answer is not yet. And I am not certain when that 
moment will come when that will happen, but I think that it is 
a question of a level of adoption, and I am not positive, given 
that mobile payments will continue to rely on credit, debit, 
and other traditional sources of the funds for clearing and 
settlements, the degree to which mobile payments will disrupt 
in the way that we typically use the term. I would prefer to 
say that mobile payments can augment.
    The second question the committee asked me to discuss was 
the security and what the technologies are. And while I agree 
that there have been some significant upturns in security, I 
like multifactor authorization, which we do not yet have with 
plastic cards in this country, but in other countries, we do. I 
like the tokenization options, and I like the geolocation 
options from a security perspective. I must be honest: from a 
privacy perspective, I don't like the geolocation option quite 
so much, but that is because I am really a privacy hawk, and so 
I think that that is a significant issue.
    The hurdles that are existing to widespread consumer 
adoption of mobile payments include something that MCX is going 
to solve by allowing ubiquitous types of utilities. But the 
other hurdle I believe requires significant consumer education 
expenses on the parts of the companies that are engaged in 
this, and I don't know whether you noticed, but yesterday, I 
saw an ad, I thought, for Samsung on this score. And I know 
that there have been others, but I think that there is an 
absence of consumer education which could be significantly 
enhancing the opportunities in this field.
    Security depends in part on the contract between the user, 
me, and the providers. And so in addition to the Electronic 
Fund Transfer Act, which is older than my oldest child, who is 
37, I think it also depends on the degree of supervision of 
payment processors who are not the providers and not chartered 
financial institutions to take good care of security in the 
middle.
    And the next question that you asked involved privacy in 
this ecosystem. Many years ago now, by comparison, the privacy 
was put into place in the Gramm-Leach-Bliley bill, and the 
banks live with other privacy opportunities and 
responsibilities that they believe are considerable.
    I would welcome any questions that the committee may have. 
Thank you.
    [The prepared statement of Ms. Hughes follows:]
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
    
    Mr. Burgess. The Chair thanks the gentlelady.
    Mr. Ahn, you are recognized for 5 minutes, please.

                    STATEMENT OF SANG W. AHN

    Mr. Ahn. Chairman Burgess, Ranking Member Schakowsky, and 
distinguished members of the subcommittee, thank you for the 
opportunity to testify on behalf of Samsung Electronics 
America. For today's hearing, I would like to introduce you to 
Samsung Pay, which combines security, simplicity, and 
widespread acceptance like no other mobile payment solution. 
Whether it is fighting fraud or helping consumers zip through 
Black Friday checkout lines, Samsung Pay benefits consumers, 
retail merchants, and financial institutions.
    For consumers, Samsung Pay is accepted virtually anywhere 
you can swipe or tap a card. It is secure, easy to use, and 
simple. Swipe up--I will demonstrate on my phone. Swipe up to 
launch the application. Confirm your identity with a 
fingerprint. Hover the device over the payment terminal and 
pay. It is that simple and has the widest acceptance of any 
mobile payment service.
    For merchants, Samsung Pay helps merchants provide a 
secure, innovative, and fast payment experience. Samsung Pay 
supports all payment terminal types, including magnetic stripe, 
NFC, and EMV terminals. For financial institutions, Samsung Pay 
has security features, including tokenization and fingerprint 
authentication, that limit fraud and reduce liability. So those 
are Samsung Pay's benefits in broad strokes.
    Importantly, our innovation was made possible by the 
Government's decision to have consumers pick the winners in the 
mobile payments space without additional regulations. Going 
forward, Congress should continue to allow consumer choice to 
drive innovation and differentiation in this space.
    Before diving further into Samsung Pay, it might help if I 
highlighted Samsung's presence in America and how our U.S. 
employees are contributing to Samsung Pay. Headquartered in New 
Jersey and with facilities in Dallas, Palo Alto, Austin, South 
Carolina, New York, and Massachusetts, Samsung Electronics 
America is a recognized innovation leader in smartphones, 
consumer electronics, IT, and home appliances. We employ 
approximately 15,000 people in America, and our $15 billion 
investment in our Austin semiconductor plant is the largest 
single site foreign direct investment in America. In regard to 
Samsung Pay, our U.S. employees have driven much of Samsung 
Pay's development and success.
    Several years ago, Samsung Pay's R&D teams examined mobile 
payments. We found that consumers would transition from plastic 
cards to mobile payments if the technology solution is, one, 
secure; two, simple to use; and, three, widely accepted at most 
merchants nationwide. We concluded that many companies can make 
a secure and easy-to-use mobile payment solution, but the trick 
is making the payment solution widely accepted by merchants. 
Current solutions rely on NFC, near field communications. 
Although NFC shows great promise, only a small fraction of 
merchants in the United States have adopted NFC-equipped point-
of-sale terminals. Without the infrastructure in place for 
accepting NFC-based transactions, consumer acceptance of NFC-
only mobile payment services has remained low.
    Enter Samsung Pay. Unlike other mobile wallets in the 
market, Samsung Pay lets you pay at most any terminal where you 
can swipe a credit card. To accomplish this, we are using an 
innovative new technology known as MST, magnetic secure 
transmission. MST leverages magnetic stripe technology already 
accepted by more than 30 million merchants around the world. 
Specifically, MST emulates a swipe transaction thanks to a tiny 
coil in our phones that transmits the same magnetic data and 
code that magnetic stripe readers normally get from a credit 
card or debit card. By including both MST and NFC technologies 
in our phones, Samsung Pay enables customers to make secure 
payments almost anywhere regardless of the merchant's point-of-
sale equipment.
    Because of Samsung Pay's wide merchant acceptance, we can 
make a meaningful contribution to payment security by enabling 
the largest footprint of secure, tokenized payments. With 
tokenization, Samsung Pay never provides a consumer's personal 
account number to a merchant. Instead, Samsung Pay provides 
merchants with tokens yielded created by the consumer's credit 
card company that enable the merchant to process the 
transaction without exposing sensitive customer information to 
potential data thieves.
    Samsung Pay utilizes biometrics as well, which allows users 
to apply a fingerprint to the phone's built-in sensor to 
authenticate a transaction. Additionally, our smartphones 
incorporate the Samsung KNOX security platform, keeping all 
payment data locked and secure.
    Finally, getting user privacy right is critical. For 
Samsung Pay, we do not and cannot monitor user purchases. The 
transitional details areencrypted and can only be decrypted on 
a consumer's device.
    Samsung wants all consumers, regardless of income, to make 
secure payments. No other mobile manufacturer reaches as 
diverse an audience as Samsung or offers its consumers such a 
wide array of innovative products at different price points. 
Accordingly, we closely are examining how to include Samsung 
Pay in a greater range of devices. As we do so, we would 
welcome your thoughts any input from your constituents.
    Thank you, again, for holding this hearing and allowing 
Samsung to share our thoughts and benefits about mobile 
payments.
    [The prepared statement of Mr. Ahn follows:]
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
    
    Mr. Burgess. The Chair thanks the gentleman.
    The Chair thanks all of our witnesses for providing 
testimony today and food for thought.
    We will move into now the Member question part of the 
hearing. I will begin recognizing myself for 5 minutes for 
questions.
    Ms. Deckinger, let me just ask you, obviously, we have 
heard from Mr. Ahn about some things that are rather device-
specific, but you talk about being agnostic as to the type of 
device. So how does that interplay into the consumer experience 
having a device, any device, which is then able to use your 
product?
    Ms. Deckinger. Thank you so much for your question. We are 
very focused at MCX on creating consumer choice and enhancing 
that, making it available to all consumers. We feel like it is 
very important to have consumers have the option to use 
whatever device they would like to. Therefore, we have designed 
our technology to work on all devices, all smartphones. 
Virtually any smartphone that a consumer has can leverage our 
technology pretty easily.
    Mr. Burgess. I have got to ask the question. What about a 
flip phone? Some of us still have them.
    Ms. Deckinger. We are not quite there yet.
    Mr. Burgess. Not quite there yet. Mr. Ahn, you bring up 
some great points, and I think you heard Ranking Member Pallone 
talk about providing services to the unbanked in places where 
the infrastructure for check to bank does not exist, whether it 
be because of civil strife or warfare or poverty. So you 
actually could to some degree bridge that gap, could you not, 
with the devices that you are talking about?
    Mr. Ahn. That is right. We have the opportunity through our 
phone ecosystem--and remember we have over 700 million devices 
in market around the world, and we are a global company--we 
have the opportunity through application to provide payment 
solutions that are relevant for consumers. What we are doing in 
the United States with our recent launch of Samsung Pay is 
providing an opportunity for the user, the consumer, to pay at 
any merchant location, whether it is a big box retailer, like 
many of the MCX merchants, or small mom-and-pop shops.
    MCX, as you remember, there are many partners within MCX 
that we are very close with; we are in discussions as partners. 
MCX is designed to be a large consortia of the largest 
merchants, and they are relevant and important from a consumer 
experience point of view. However, we think that we need to go 
beyond just large box retailers into mom-and-pop stores. 
Anywhere there is a transaction, we want to be there for the 
consumer. So that is our near-term opportunity.
    Having said that, I think it is the early stages of this 
payment ecosystem, and all innovations are helpful. As a rising 
tide lifts all boats, we want all innovations to succeed and 
move the payment ecosystem forward, primarily creating 
additional security for the user moving forward.
    Mr. Burgess. Very good. Mr. Muller, let me just ask you, 
PayPal, one of the originals and I think when I ran my first 
campaign 13 or 14 years ago, I actually had a PayPal option as 
far as for people who wanted to support. You have probably had 
more experience in this space than almost anyone else. How do 
you leverage the security? How do you add layers of security to 
or additional layers of security for the transactions for the 
consumers?
    Mr. Muller. So it is always a matter of trying to add 
security with user convenience and the user experience, and 
that is what the mobile device offers in a somewhat unique way, 
is the way to improve both the user experience and security, 
and that is a rare thing in the payments field, through the 
kinds of technologies we have already mentioned, like the 
device location or unique device identifier, and do it in a way 
where the user controls what information they are sharing. So 
that is the Holy Grail we are all trying to achieve. And I also 
want to emphasize that all the same risk programs are still 
running in the background, so we don't assume that there is a 
silver bullet type solution in security. So even if we do have 
a customer who is taking advantage, say, of the fingerprint 
authentication or device location and they pass that test, we 
are still running all these other tests in the background 
looking for risk variables in the transaction. So it is a 
matter of adding to risk-reducing programs that already exist, 
not substituting them purely with new types of authentication 
or security.
    Mr. Burgess. Well, thank you. This is not a question. It is 
an observation. We had a hearing here not too terribly long ago 
about senior citizens who were taken advantage of by various 
phone solicitations. And as this technology becomes easier and 
more ingrained, I would just ask you to be thinking about, you 
have always got to stay one step ahead of the very clever thief 
out there, so to help protect senior citizens against this type 
of activity, do be thinking about what type of safeguards may 
be incorporated into the technology.
    With that, I am going to recognize Ms. Schakowsky for 5 
minutes for questions.
    Ms. Schakowsky. So, Ms. Deckinger, we celebrated Small 
Business Saturday. I went to a number of small businesses, took 
selfies, in my neighborhood. So your technology right now 
really favors larger operations. Right?
    Ms. Deckinger. At the moment, yes. We are in the early 
stages of a pilot at the moment. So we are still developing our 
technology and working to build a network that consumers can 
use CurrentC in places where they shop every day, yes.
    Ms. Schakowsky. I wanted to ask some questions about 
consumer privacy.
    Professor Hughes, what kind of data is collected by these 
apps, and is that data different from what a more traditional 
means of payment might collect, like a credit card?
    Ms. Hughes. Thank you, Ms. Schakowsky. I think it depends a 
great deal on the system. Mr. Ahn has just said that Samsung 
Pay which was relatively recently introduced in the United 
States, does not have, does not allow the merchant to see any 
of the information, and so the authentication device does not 
share that information with the merchant. It operates in a more 
traditional way, like an escrow service, if I understood you 
correctly, for that information. You keep it, and you are 
passing the payment through, but you are not passing the 
consumer's information through. PayPal----
    Ms. Schakowsky. Is that a correct description?
    Mr. Ahn. That is correct. The way we implement today is we 
send a data package over that is completelyencrypted, and no 
one sees what is inside.
    Ms. Schakowsky. Is that unique to your company?
    Mr. Ahn. No, it is not.
    Ms. Schakowsky. But it is not mandated in any way right 
now. Right?
    Mr. Ahn. This is one implementation of tokenization that is 
prevalent in the market by leading technology companies.
    Ms. Schakowsky. OK. Go ahead.
    Ms. Hughes. I was about to say, but I think your 
clarification was extremely helpful, that PayPal also operates 
in an escrow mode because the transaction flows into PayPal, 
and then PayPal processes the payment transaction in a way that 
is lots more like an escrow than many people believe. That is 
not true of every app that might be available, which is one of 
the reasons why I said when it comes to security and, indeed, 
to privacy also, it really depends on who the provider is, 
whether it is a branded company like PayPal and Samsung, 
whether it is an app for another purpose.
    The manner in which tokenization is employed is also very 
random at this stage, so there are a number of alternatives 
that do not have the same levels of security and/or customer 
privacy as Samsung and PayPal have.
    Ms. Schakowsky. You know, my experience with these kinds of 
things is that they ask you to accept the deal. And that is 
preceded by a lot of stuff on a very small device that you have 
to figure out in legalese whether or not you push accept. I 
would challenge almost anyone whether or not they carefully 
scrutinize those things before pushing ``I accept'' and then 
moving on to use. I am just wondering if since there are 
alternatives, some more secure than others, should there be 
some standardization? Should there be some requirements to 
protect consumer privacy?
    Ms. Hughes. I had mentioned earlier that I am a privacy 
hawk, but I believe very firmly that everybody should have the 
privacy protections that Congress and many States have already 
provided, basically Congress has provided. I believe that 
everybody should have the same access to those privacy 
protections, but I also believe that one of the dynamic forces 
in mobile payments is the ability to compete to provide better 
than other people do. So the companies that are working with 
multifactor authentication, working with tokenization, that are 
doing, as Mr. Muller suggested, continuing to run their risk 
platforms, which are old-fashioned, artificial intelligence 
operations in the background that are monitoring the payments 
transactions that are coming through their systems. As long as 
there is a floor, then I believe people should be able to 
compete to offer better tokenization, more extensive or 
unique----
    Ms. Schakowsky. That is something we are going to have to 
consider if we think competition based on level of risk and 
protection for consumers is a legitimate way to compete.
    I have actually run out of time, so I am going to I yield 
back.
    Ms. Hughes. Would you like me to answer the question?
    Ms. Schakowsky. Yes, sure.
    Ms. Hughes. I think the answer is right now among the 
various payment systems in the United States, there is already 
a broad array of risk that relates to privacy and security. And 
because we have silos around different kinds of payments, this 
has been the constant in the marketplace back to the 1970s or 
the early 1960s. And efforts to harmonize that were not 
successful in the past, and whether they can be successful in 
the future remains to be seen.
    Ms. Schakowsky. Can I just say, I am not talking about 
necessarily harmonizing the method or the technology, but I am 
talking about setting a level of risk that is acceptable in the 
marketplace. So I need to move on.
    Mr. Burgess. The Chair thanks the gentlelady.
    The Chair recognizes the vice chair of the full committee, 
Mrs. Blackburn, for 5 minutes for questions, please.
    Mrs. Blackburn. Thank you, Mr. Chairman.
    Ms. Schakowsky might be moving on, but I will just kind of 
put a comment to the end of her words. We have had a privacy 
and data security working group here at Energy and Commerce, 
and we all are focused on making certain that consumers are 
safe in the marketplace. And Mr. Welch and I have worked on a 
data security bill. And we continue to try to push this forward 
so that we can do some preemption, establish some breach 
notification, and bring some certainty to bear. So I appreciate 
the questions that are being asked around this issue this 
morning, and we hope that you appreciate them too.
    Ms. Deckinger, I want to come to you. Those of us who 
appreciate the virtual marketplace and want to see people in 
it, and then we see articles like this, and it makes you go 
``ouch.'' It is the ``Apple Pay Rival and Walmart-Backed MCX 
Hacked, User Emails Snatched.'' And this was in your beta test 
period. It was October 2014. That was a Forbes article that was 
written about this.
    And, Mr. Chairman, I am going to pass this down so Ms. 
Schakowsky can see it because I know she is, like me on this 
privacy issue, very concerned about that.
    I want you to provide some information about that hack and 
what you did on resolving it.
    Ms. Deckinger. Yes. Thank you so much for the question. So 
a subcontractor of MCX, not MCX itself, had a security incident 
where some emails were released. That subcontractor was 
immediately terminated as a partner.
    Mrs. Blackburn. How long did it take you to isolate the 
hack?
    Ms. Deckinger. Immediately. We also opted to notify folks 
within hours of finding out, very rapidly after finding out 
that this occurred, and we have taken extensive precautions. 
Security is very important to us. Obviously, it is very 
important to our users. We have taken extraordinary precautions 
now to address any issues that we found with that subcontractor 
with additional subcontractors that we have then partnered with 
in the future. We continue to evolve our security platform and 
are always looking. There are always, as someone mentioned 
earlier, clever and creative criminals out there who will seek 
to look for data, and no security is perfect. But we are 
working hard to achieve a----
    Mrs. Blackburn. OK. Let me pick up on that evolution in 
this process. Talk to me about what precautions you are taking 
around data security when it comes to the multifactor 
authentication or tokenization. What are you moving toward, and 
are you pleased with those advances? And I am coming to each 
one of the rest of you on this panel, so get ready. The clock 
is ticking, 30 seconds.
    Ms. Deckinger. So we have a cross-functional security 
council internally within MCX. We work together regularly and 
meet regularly to discuss the latest technology innovations, 
the latest security innovations. We are always evaluating what 
is possible to make things more secure for consumers, to make 
them more secure for merchants and for the app. We are always--
always--implementing the state-of-the-art technology that we 
can, whatever is available for us to implement, and we will 
continue to do so. Obviously, the trust of consumers and their 
feeling of security when using an app is of the utmost 
importance, and we recognize that, and so we have worked to 
make sure that we are always sitting on the cutting edge.
    Mrs. Blackburn. OK.
    Mr. Muller?
    Mr. Muller. OK. I think for all of us, you will probably 
hear the theme that it is constant battle and constant 
investment in security because the fraudsters are out there 
also continually changing their methods of attack. And so we 
have tried to make that investment, and it is certainly a huge 
part of our cost base. And then we also try to do what we can, 
first of all, to minimize data collection, because, frankly, if 
we don't have the data, then even if we were somehow to be 
breached, it would be less vulnerable.
    Mrs. Blackburn. OK. Mr. Ahn, I am going to come to you. 
Talk about the Fast Identity Online Alliance and your 
protections.
    Mr. Ahn. So the security protocols we put in place are 
quite extensive. What we think about is putting multiple walls 
up such as the fraudsters have to hop over many, many steps to 
reach the information. One of the things that we do is we have 
at the integrated chip level, the microprocesser alone has a 
way for us through KNOX, which is our proprietary solution, to 
shut down in the event of a rooting event. The application must 
be authenticated by fingerprint or PIN to get into the 
application. If the phone is lost or stolen, we have the 
ability to remotely turn off payment credentials completely and 
turn them back on. And when the card networks----
    Mrs. Blackburn. So hold on. So you have got three tiers of 
encryption before you get to----
    Mr. Ahn. We have multiple ways of protecting the consumer 
information. The last one is that the card networks and credit 
card companies that we work with themselves have the ability to 
remotely turn on and off tokens. So what happens--and the last 
and most important piece is we purposely architected our 
solution to not store personal information and card transaction 
information. We only pass along a token. And so, for us, there 
is no central point to hack. The only information that is 
available temporarily is transaction history for the last 10 
transactions on your device, and this one device is not a rich 
enough target for fraudsters. So that is how we view security.
    Mrs. Blackburn. Thank you.
    I yield back.
    Mr. Burgess. The Chair thanks the gentlelady.
    The Chair recognizes the gentleman from New Jersey, Mr. 
Pallone, ranking member of the full committee, 5 minutes for 
questions.
    Mr. Pallone. Thank you, Mr. Chairman.
    I wanted to ask Professor Hughes, a consumer's ability to 
dispute unauthorized charges on a mobile payment varies 
depending on the payment method being used. For example, a 
consumer's liability for unauthorized charges on a credit card 
after a certain date is lower than on a debit card. Could you 
tell me what protections are available to consumers who do not 
have access to a credit or debit card and choose to link a 
mobile payment to their mobile phone bill?
    Ms. Hughes. I believe, Representative Pallone, that you 
have hit upon the single greatest challenge from the consumer 
perspective. And this particularly affects unbanked and 
underbanked individuals. So the persons who are using credit 
cards and debit cards have access to two Federal statutes that 
have been in place, in one case, for more than 40 years and, in 
the other case, for 37-plus years: the Fair Credit Billing Act 
and the Electronic Fund Transfer Act. You are correct that 
their standards are slightly different. You have to report 
faster on an EFT transaction than on a credit card transaction, 
and your liability can be different, although Visa and 
MasterCard on the credit card side have a no-liability policy. 
And PayPal, as I remember since I am a PayPal user, does have a 
no-liability policy, and there are other opportunities.
    The consumer, however, who is billing to a mobile phone 
statement, as opposed to using a financial institution for the 
clearing and settlement of the payment they are making, does 
not have the same level of protections because those are both 
either because there is a credit card present or a bank account 
present. And so the credit and debit cards are access devices 
to those two different kinds of accounts that many people who 
are unbanked--certainly they won't have debit cards--although 
they may have prepaid or payroll cards. And the prepaid and 
payroll cards are increasingly being brought under the 
Electronic Funds Transfer Act.
    So the key gap at the moment is the person who is billing 
something to their mobile phone account without some other 
financial services provider doing the clearing and settlement 
for the payments. And that is the gap that exists in Federal 
legislation right now, and that is a gap that also exists in 
the States.
    Mr. Pallone. So you said that with prepaid cards--and what 
about gift cards--there is some protection?
    Ms. Hughes. That is correct. Not all of the electronic fund 
transfer protections currently extend to gift cards. Some of 
the issues about dispute resolution do not extend all the way 
through the gift card family at this stage, but payroll cards 
have better protections than regular gift cards do in the same 
environment because of efforts to bring them under the 
Electronic Fund Transfer Act.
    Mr. Pallone. What do you suggest that we do legislatively, 
agency action, whatever, to have the strongest protections for 
all these different things, particularly the ones that have the 
lesser protection, based on what you said?
    Ms. Hughes. Well, one issue which this committee doesn't 
have is jurisdiction, so the Federal Trade Commission doesn't 
have jurisdiction over carriers for that purpose, for example, 
and I don't believe the CFPB does either. The States, because 
of the strength of the Federal Communications Act, I don't 
think the States have authority to do all of this work. If you 
wanted to do that, I think it would be up to Congress to 
instruct the Federal Communications Commission, giving them 
some additional authority to play in that realm, or to extend 
the reach, if you felt it was important, to extend the reach to 
persons who do not use financial institutions and access 
devices to accounts, either credit cards or debit cards, to 
have comparable protections. I haven't thought about exactly 
what those would look like, but I think it is an extremely 
interesting topic.
    Mr. Pallone. I have just a little time.
    With so many vendors and third parties involved in some of 
the mobile payment transactions, I was concerned that consumers 
could be given the runaround, in other words, each vendor 
pointing the finger at the other? Do you want to just comment 
on that? We only have just a little bit of time.
    Ms. Hughes. I think that the consumers may go to vendors 
for that purpose, but I think consumers largely go to their 
financial service providers, whether, it is Samsung and PayPal 
or their bank, to get resolution of disputes. The one gap you 
have identified, sir, is the one where they are not going to 
have that person to help them----
    Mr. Pallone. OK.
    Ms. Hughes [continuing]. Not in the same fashion.
    Mr. Pallone. All right. Thank you.
    Thank you, Mr. Chairman.
    Mr. Burgess. The gentleman yields back.
    The Chair thanks the gentleman. The Chair recognizes the 
other gentleman from New Jersey, the vice chair of the 
subcommittee, Mr. Lance, 5 minutes for questions.
    Mr. Lance. Thank you, Chairman Burgess.
    Ms. Deckinger, it is apparent that one of the biggest 
hurdles to getting consumers to adopt a certain payment method 
is scale. What steps need to be taken in order for a payment 
method to be accepted with enough ubiquity that consumers find 
it to be beneficial? And, from your perspective, are there any 
legal impediments in order to make sure that this is the case 
that we can move forward?
    Ms. Deckinger. Thank you so much for your question. We 
believe, fundamentally, that you have to have what I mentioned 
earlier, which is muscle memory for consumers. They are very 
comfortable with our current forms of payment. They are very 
comfortable going to a store and striping a credit card. It is 
not difficult for them. So getting them to change that behavior 
we believe requires having a presence at places where they shop 
every day and multiple times.
    We believe that our network includes that kind of scale and 
has that great reach. Consumers are gassing up at fuel stations 
several times a week if not at least once a week. They are at 
coffee shops. They are at their big retailers doing their 
grocery shopping. We feel like having that scale is really 
going to drive that adoption and regular usage that will create 
that muscle memory for consumers to get used to using a new 
form of payment.
    I don't currently feel that there are any legal 
restrictions that are keeping us from getting that kind of 
scale, but I would welcome other input on that.
    Mr. Lance. Yes. Anyone else on the panel?
    Professor Hughes?
    Ms. Hughes. I would agree with Ms. Deckinger that there are 
no legal imperatives or hurdles to the greater adoption. As I 
mentioned earlier in response to a question from the chairman, 
I believe it is one which may involve consumer education more 
than anything else. And I think that the--it may also be 
generational. And so I think it is a-- millennials are much 
more likely to use mobile payments than older people. My late 
mother, who was very clever, never used an ATM, not because she 
didn't feel like it, just because she wasn't a particularly 
mechanical person, and I think she was comfortable with the 
option she had. And the comfort level with the options that are 
currently available, even though they are expanding, is a 
difference between us and other parts of the world where the 
banking system is not as robust, where the penetrations of the 
Samsung and PayPal style opportunities are not as great, and 
where, in the case of some, you have to have a smartphone, and 
a new enough smartphone to use it. You are going to see in 
older generations and in less affluent generations lots of 
smartphones, but not everybody has one. And so the mechanical 
barrier may be, depending upon the nature of the service being 
offered, the mechanical barrier of what kind of device you have 
available for this purpose, which is something that just takes 
a maturation of a marketplace.
    Mr. Lance. Thank you. Mr. Muller, you said how many 
transactions from PayPal a year? A billion, did you say?
    Mr. Muller. A billion in 2014. That is right.
    Mr. Lance. And there will be more, you believe, this year, 
because in your last quarter, it was 350 million or something 
like that.
    Mr. Muller. That is correct.
    Mr. Lance. What percentage are in the United States? And 
what percentage are in Europe? And what percentage are in Asia?
    Mr. Muller. So our largest markets overall in the world, 
you know, are by and large the English-speaking countries: 
U.S., U.K., Canada, Australia, also Germany. And in all of 
them, we see pretty comparable rates of mobile payment as a 
proportion of total payment, so getting toward a third of all 
of our payments are on a mobile device, again, usually either a 
phone or a tablet that is used where 5 years ago, it would have 
used a laptop or a desktop.
    Mr. Lance. Thank you.
    Mr. Ahn, explain Samsung's latest device. In your 
testimony, what did you say that Samsung is doing next? Samsung 
Card? Samsung----
    Mr. Ahn. So the question is with respect to our products--
--
    Mr. Lance. Yes.
    Mr. Ahn. In the ecosystem?
    What we are doing today is we have reflexive devices, which 
we call Galaxy and Note. We are looking at future devices and a 
broader ecosystem where we can put Samsung Pay onto them, 
whether they are additional mobile devices or even wearables. 
We are looking at a broad ecosystem.
    Mr. Lance. A wearable would be a----
    Mr. Ahn. A watch.
    Mr. Lance [continuing]. A watch? And you can then purchase 
items or pay for items from that device?
    Mr. Ahn. That is part of our thinking.
    Mr. Lance. Has that occurred yet, or is that still in 
development?
    Mr. Ahn. We are evaluating and developing now as we speak.
    Mr. Lance. Thank you. And thank you for making New Jersey 
your headquarters in this part of the world. We deeply 
appreciate that. And I have been at your world headquarters in 
Seoul and have been deeply impressed with them.
    Thank you, Mr. Chairman.
    Mr. Burgess. The gentleman yields back. The Chair thanks 
the gentleman.
    The Chair recognizes the gentlelady from New York, Ms. 
Clarke, 5 minutes for questions.
    Ms. Clarke. Thank you, Mr. Chairman. And I thank our 
ranking member.
    Transparency. Unlike simple cash transactions, using a 
mobile payment system can bring in unseen third parties. So 
Professor Hughes, it seems like there are often many entities 
involved in mobile payment transactions than consumers may 
realize. How can we assure consumers know who is involved in 
their mobile payment transaction apart from themselves and the 
service that they are directly interacting with?
    Ms. Hughes. Representative Clarke, that is a very 
interesting question, and I believe it is one to which we do 
not have a very clear answer. So I think that there are systems 
that operate, particularly apps, not services of the kinds 
being offered by PayPal and Samsung. And where the app is 
involved, it is much more likely that there are unknown third 
parties involved in processing for the merchant, particularly, 
because merchants use a lot of third-party payment processors. 
And third-party payment processors are among the least 
regulated entities in the payment space today. They are not 
very well regulated by the States. Some of them are regulated 
as money transmitters; some of them are not. And they are not 
particularly well addressed by congressional legislation to 
this point.
    Asking the merchant, for example, or the app provider to 
make that kind of disclosure could possibly be more burdensome 
than it would be worth. So I think it is more important to 
ask--and each of these groups and others do--for people to 
engage in robust supervision of the choice of providers that 
they use along a tract that may be involved and to supervise 
them appropriately for risk-management purposes.
    The members of this panel might not be excited, but you 
might care to read a study that was issued in August of 2015 by 
The Clearing House payments company on, which I would be happy 
to provide to your staff if someone tells me to which person it 
should be sent. That study talks about this issue in particular 
in greater depth than I have time to do this morning or you do. 
And so I would suggest that it might be something that you 
would read on that particular narrow subject, which is quite an 
important one.
    Ms. Clarke. So let me----
    Ms. Hughes. I urge you not to make it too complicated 
because people choose providers based on their histories with 
them, and it would be very difficult to make new disclosures 
constantly if you had to abandon a provider because they didn't 
behave appropriately and choose a new one----
    Ms. Clarke. I think we are concerned more about breaches. 
You know, you are then dealing with many more entities that are 
holding the data, right?
    But let me move to ask about lack of transparency and 
consumer consent, the notion of consumer consent.
    How can consumers consent to business relationships with 
entities that they are unaware of?
    Ms. Hughes. Well, Representative Clarke, that is a very 
complicated question. And I think that as there are already 
lots of payment processors operating in the United States where 
we are not seeing a lot of transparent consent, I think that it 
may be the necessary level of consent, maybe the consumer who 
chooses the payment method and the consumer who chooses the 
merchant at this point. And I firmly believe that the mechanics 
of this are such that we should put the primary focus on the 
merchant to choose wisely and on the payment provider to choose 
wisely and to ask them to perform the functions that are 
currently present in Federal and State law to supervise them.
    Ms. Clarke. Do you believe that greater transparency could 
encourage more consumer use of mobile payments? Because, 
certainly, consumers who are unwilling to use mobile payment 
services may feel unsure about who will have access to their 
data afterward.
    Ms. Hughes. That, too, Representative Clarke, is an 
excellent question. And I think the more that consumers 
understand how mobile payments work, as a general, as opposed 
to a specific proposition, but perhaps both, the more they are 
likely to be willing to use them because just like ATMs 40 
years ago, there was a period of adoption, and it made a 
difference when consumers----
    Ms. Clarke. But ATMs don't have a third party. You know you 
can just walk into that----
    Ms. Hughes. Some do, actually.
    Ms. Clarke. Absolutely, right. Absolutely. Clearly.
    Ms. Hughes. Kiosks in stores and other places have a 
landscape and an ecosystem that is very much like mobile 
payments today. So the answer is, but there, you are talking 
about your bank, and you are talking about the place where you 
use the machine, assuming you remember where it is, and it is 
usually on your receipt. So I am not sure that that is so much 
different than what consumers are already dealing with with a 
fair amount of comfort. I just think they need more education.
    Ms. Clarke. I yield back. Thank you.
    Mr. Burgess. The gentlelady yields back. The Chair thanks 
the gentlelady.
    The Chair recognizes the gentleman from Mississippi, Mr. 
Harper, for 5 minutes, please.
    Mr. Harper. Thank you, Mr. Chairman. And thanks to each of 
you for being here.
    I guess I would have to say that I never envisioned the 
title of mobile payments would be exciting, you know. So it is 
an incredible topic, and it is affecting our lives in so many 
ways as we look at this. And so I am all in. This is a great 
topic.
    Mr. Muller, if I could start with you. In your testimony, 
you mentioned that PayPal has been involved in mobile payments 
innovation since the PalmPilot devices. What have been some 
turning points that you have seen in the development of mobile 
payments from PayPal's perspective, and what are the next big 
applications that we should be on the lookout for?
    Mr. Muller. So, you know, like most companies, there have 
been some successes but also some learning opportunities. One 
was, as I mentioned, the switch away from the PalmPilot as the 
focus towards email and Internet connection. A second 
generation really starting, I think, in 2006, we launched a 
mobile payment feature available to users to make payments 
mostly intended for person to person, but a few also businesses 
had signed up using text message and just sending a text 
message with the amount and a certain code in it. And that, 
frankly, was not very successful I think largely for some of 
the reasons that have come up about security and many consumers 
just feeling a little bit too uncertain that just by pushing a 
text message, the money would go to the right place and be 
credited correctly.
    So that----
    Mr. Harper. Does that mean it was too simple to give 
confidence?
    Mr. Muller. Well, I think perhaps to some degree, I don't 
know if too simple or simply too unclear, too little 
information associated with the actual transaction itself. And 
this was at a time just before the iPhone. So we are still 
talking about flip phones and other types of phones with very 
small screens.
    So the whole texture of the experience, to some degree, was 
not as comforting as is available today with smartphones and 
larger screens.
    So I think we have learned that lesson, and a big part of 
what we have done that got to us to the 1 billion transaction 
number that I mentioned is not just building mobile apps and 
experience on the consumer side, but also helping our 
merchants, who are, by and large, mostly small- and medium-size 
businesses optimize their Web site and their checkout pages for 
mobile devices so that the experience is as good as it can be 
on the smaller screen.
    Mr. Harper. So what is the next big thing to look for? 
Where are we headed?
    Mr. Muller. Well, so one thing that is already live for 
us--and it is an experience, again, that many other payment 
companies are also in their way matching or trying to--is what 
we call the one-touch experience, taking advantage of the 
information that the consumer has chosen to share with us, 
recognizing them the next time they go shopping even at a 
different merchant than they have shopped at before. We can 
recognize them so they don't have to type in information on a 
small screen. We can recognize them if they have chosen to opt 
into this feature and, again, improving both the shopping 
experience and the merchant checkout. And then the other set 
that is coming out, say, is at the point of sale, where to 
date, you know, certainly PayPal is less prominent, but finding 
that right match of convenience and merchant acceptance and 
speed and security, something all of us are working on, and 
that is coming. Just who unlocks the right combination is yet 
to be seen.
    Mr. Harper. You know, our time is almost up. But one phrase 
that was of interest was in your testimony; you note that 17 of 
the 100 most unbanked places are in Mississippi. How do you 
envision mobile payments increasing consumer options in those 
communities?
    Mr. Muller. So that is another challenge for the industry 
as a whole that we are eager to take on and do more. Today, I 
would say, really, that the primary vehicle linking the 
unbanked to mobile transactions is through prepaid cards or 
prepaid accounts of different kinds that different providers 
are offering. You know, and there are, of course, starting with 
the baseline that many of the financially underserved today do 
have smartphones.
    Mr. Harper. Mr. Muller, I apologize. My time is well over.
    Mr. Chairman, I yield back.
    Thank you, Mr. Muller.
    Mr. Burgess. The gentleman yields back. The Chair thanks 
the gentleman.
    The Chair recognizes the gentleman from California, Mr. 
Cardenas, 5 minutes for questions, please.
    Mr. Cardenas. Thank you very much, Mr. Chairman. And thank 
you to all the witnesses that are here enlightening us of what 
has been, what is, and even what may be coming in the future.
    But I think the main concern of this committee is the 
safety and security of Americans and people in our country, 
whether they are visiting or what have you, making sure that 
they feel comfortable and confident that we have a system that 
actually works and hopefully works for as many people as 
possible.
    Speaking of as many people as possible, there are still 
many communities here in the United States of America that are 
underbanked and underserved by financial institutions and 
instruments, et cetera, so they tend to not experience or see 
the safest and best technologies and, unfortunately, sometimes 
actually are subject to more problems because they don't have 
the best systems available to them.
    That being the case, when it comes to these kinds of 
communities, how can mobile payment providers better reach 
minority communities and underserved or poor communities and 
ensure that these consumers also enjoy the safe and community 
commerce that everybody else expects or can experience?
    The main thing there is, certainly, if there is a community 
with a lot of wealth and a lot of activity and probably a 
bigger contributor to the billion transaction mark, you have 
other communities that want to participate, yet, at the same 
time, how do we make sure that we have an even system that is 
available to them, really?
    Professor?
    Ms. Hughes. Well, I think this is a truly important 
challenge. And I think that mobile payments are an enormous 
opportunity to help unbanked and underbanked individuals. 
Unbanked individuals don't have bank accounts. Underbanked 
individuals may just not have a bank very close by. And if we 
think about the ability of someone to make a payment remotely 
or to take a payment from an employer or to pay their rent 
using their mobile device and not having to take time off from 
work to do that or to take time to go to the bank to deposit 
checks and the like, I think that the underbanked communities 
that have bank accounts or other credit union accounts, et 
cetera, but may not have time to get there during reasonable 
work hours are among the communities that will benefit the most 
from mobile payments.
    I think the opportunities in those markets are huge. I 
think they will help the citizens of Mississippi and California 
and the other jurisdictions that are here. They will help inner 
city people as well, people who no longer have a corner branch 
of a bank to help them. And because, as Mr. Muller suggested, 
there are opportunities to use prepaid cards, including payroll 
cards, and to spend money out of them using devices of this 
kind, the opportunities for unbanked and underbanked persons 
and minority individuals residing in rural or very urban 
communities expand.
    The last thing I would say, sir, is that the least secure 
thing on the face of the planet in the United States, as least, 
is cash. So if you have a way to link to some form of an 
account and to use it as if you were using your bank account 
through a mobile payment, you may level the field for lots of 
people to participate in commerce, both the recipients of 
payments and as people who can make payments on time and, 
therefore, avoid late fees and other charges that are 
associated, and that these opportunities are enormous for 
helping a lot more Americans have a lot better access to 
payment options than they have had in the past.
    Mr. Cardenas. Well, my last question, because our time is 
limited, is it is interesting that ``60 Minutes'' talked about 
this payment system in Kenya that you touched on, Mr. Muller, 
that has to do with the texting, and it doesn't have to be a 
smartphone, et cetera. The thing that concerns me about that 
isn't that it is kind of cool; it is that I would imagine that 
the safety of those individuals in those transactions are a lot 
more vulnerable than, perhaps, what Americans understand that 
we are not as vulnerable with the systems and the advances we 
have.
    I would like to know, as quickly as possible, due to 
constraints of time, the fact that in this country, we do have 
regulations and we do have benchmarks and push industry to make 
sure that they have safeguards for our consumers and our 
participants, is that something that is helpful to the 
industry? Or is that something that you can do without?
    Mr. Muller. So I would say, certainly, it is helpful, in 
general, of course, the right kind of regulation. But, in 
general, regulation is certainly one component that leads to 
consumer adoption. And, as you said, if people viewed these 
kinds of transactions as really, the same as cash with no 
purchase protection or no protection against unauthorized 
transactions, they would be much less inclined to use it.
    So regulation is one component of addressing that issue. 
Industry efforts, like Visa and MasterCard and PayPal, zero 
liability, all come together to lead to the broader mobile 
adoption for all of us.
    Mr. Cardenas. Thank you.
    I yield back my time.
    Mr. Burgess. Thank you. The gentleman yields back. The 
Chair thanks the gentleman.
    The Chair recognizes the gentleman from Kentucky, Mr. 
Guthrie, 5 minutes for questions, please.
    Mr. Guthrie. Thank you very much. It is neat having this 
hearing today. I was flying back yesterday reading a biography 
of Andrew Jackson, and it is amazing moving an army, 
speculating land, all the others things that he did. One of his 
biggest concerns was always how did he move currency, cash, how 
did he pay people. Was it going to be barter, bank drafts? It 
was just a big issue then. And so how currency moves really 
played into how he was able to move his armies and so forth 
back and forth. So we are still talking about moving currency, 
and how we move it in the best and most efficient and safe way.
    And I was watching, I guess, a football game or so this 
weekend. And Samsung had their advertisements. They must have 
bought a lot of time because I remember seeing the app that we 
are talking about here today. And I grew up in a rural grocery 
store, so I always view things through rural, kind of, 
groceries. So it appeared that anywhere that you can do a 
credit card, your phone would work. So if you can pay at a 
pump, then you can actually scan or whatever the technology is, 
if I am using the right term, then your phone works in all 
applications like that? So if any merchant takes a credit card, 
then you have the ability to use your application? Is that----
    Mr. Ahn. So, Congressman, thank you for the question. When 
we say virtually anywhere, what we are talking about is very, 
very high percentage of locations and terminals that accept any 
credit card or debit card. However, we say ``virtually'' 
because we are not fully 100 percent there. There are instances 
such as DIP readers, gas stations, ATMs, and a small percentage 
of merchants where the technology software needs to be upgraded 
for us to get to everywhere. And so we are not quite there yet, 
but we are substantially ahead of our competition.
    Mr. Guthrie. Well, thank you.
    My first question was your level of mixes of security and 
how it protects consumers. You answered that with Mrs. 
Blackburn, I think.
    So does it prevent the consumer from doing it to 
themselves, I guess we would say? Are there things the consumer 
needs to do? Once they use your phone, your phone is--can the 
consumer--like if, the old days, when you swiped a debit card 
and you didn't throw the receipt away and somebody took it out 
of your garbage or you didn't tear it up, is there something 
like or equivalent to that the consumer can do, or have you 
protected them from all aspects?
    Mr. Ahn. So the consumer is essentially protected behind a 
level of password protection and fingerprint indication that is 
required to open up the app. And, therefore, everything that 
they are doing is really sitting behind that level of 
protection. We don't publish that information. It is not easily 
accessible. And the consumer really has full control over that. 
So, to that extent, it is secure.
    In terms of usability, I think all mobile payments have 
usability issues because people are--for the most part, their 
muscle memory today is credit card and debit swipes, and so it 
is going to take the ecosystem to work together to help educate 
consumers about the advantages of having more secured payments 
and a new way of tapping, a new way of paying. This is 
happening in different parts of the world. Western Europe, for 
example, is actually more tap-centric payment countries. In the 
U.S., we are further behind.
    However, you know, as a technology company, we are very 
optimistic about technology advances. Five years ago, the cell 
phone, smartphone penetration was very different than it is 
today. New applications of services are quickly adopted if they 
are helpful and make an impact. So we are hopeful that there is 
enough security, utility, and a better experience to compel 
consumers to move toward a more technology-centric way of 
paying.
    Mr. Guthrie. Thank you.
    And, Mr. Muller, I understand that PayPal utilizes the 
cloud for storage of consumers' payment information. And why 
did you choose to utilize the cloud instead of storing payment 
information on the phone or the app? Is it more secure, I 
guess, is the question I am getting at?
    Mr. Muller. Well, for us, it was partly out of necessity in 
that we don't have the same access to mobile phone hardware and 
operating system that some of the other companies that are 
operating point-of-sale payments through a mobile device do. 
But, also, we do think there are some advantage of storing the 
information in the cloud and not--certainly not storing any of 
the information on the device. I mean, that is clear, and that 
is undesirable. But, also, we don't have the same access to the 
device as the handset manufacturer might.
    Mr. Guthrie. So being in the cloud, you are obviously--
PayPal is not a device. You are not device-specific. That is 
your----
    Mr. Muller. Yes.
    Mr. Guthrie. So what innovations have you seen over the 
last year or two that would make online payment data more 
dynamic and less useful for criminals?
    Mr. Muller. Well, so, certainly, tokenization continues to 
develop. It just started, so it is certainly not static by any 
means. But the first, really, live implementation of 
tokenization in a practical way that we have seen is a big step 
forward, and the controls that can be built in for one-time use 
of the token, merchant-specific use of the token, all those are 
certainly, a step forward compared to where we have been with 
the primary account number being stored and transmitted in many 
ways. So that is probably a major recent development.
    There are new ones coming out all the time that we read 
about. So it is an exciting field with, certainly, dynamic 
codes. Sort of the three-digit or four-digit code in the back 
of your card that you are used to entering, now companies are 
coming up with a capability to generate that dynamically and 
change it for every transaction. So certainly new developments 
are coming out, and there will be more to come.
    Mr. Guthrie. Well, thank you. And I only have 15 seconds. I 
am not going to ask another question.
    I yield back, Mr. Chairman.
    Mr. Burgess. Thank you.
    Mr. Kinzinger.
    Mr. Kinzinger. Thank you, Mr. Chairman.
    And thank you, all, for being here. I appreciate it. The 
innovation of mobile payments is at the forefront of many 
consumers' minds, especially those that were considering 
purchasing a new smartphone and all consumers interested in the 
technology to ensure their transactions are safe and secure.
    Like with many new technologies, it is subject to some 
suspicion before adoption, and many consumers want to know if 
their personal information, including financial and personal 
health information, will remain protected and private.
    Certainly, no system is foolproof. In the technology world, 
we frequently read about cyber attacks and successful hacks of 
various systems. Consumers have a right to be concerned about 
new technology, but I am hopeful that today's conversation will 
showcase some of the great strides in technology that we have 
made and what its future could look like.
    Mr. Muller, the number of smartphones in the U.S. continues 
to grow, and obviously, mobile payments are increasing in 
popularity. Over the course of PayPal's involvement with mobile 
payments, what have been the largest keys to consumer adoption, 
and what have been your biggest challenges?
    Mr. Muller. So, certainly, one of the keys is the one you 
mentioned, which we certainly can't take credit for, but is the 
proliferation of the smartphone and the affordable smartphone 
through the work of the handset manufacturers and the mobile 
carriers, and that is probably--that is the baseline for all 
adoption that we have been talking about.
    And then, really, there is just the passage of time, as we 
have seen with other payment devices. Professor Hughes 
mentioned the ATM card, the credit card, the debit card as a 
purchase device.
    Consumers get comfortable through word of mouth, through--
there are always early adopters, and that is one of the things 
we are lucky to have in the U.S. is people who are eager to try 
new things, and if it works for them, to spread the word.
    And then, ultimately, another important factor has been 
merchant adoption and getting the merchants to realize this is 
something that is good for them as well. It creates a good 
experience for their buyers and ultimately more transactions 
for them. And so just that extra nudge from some of the 
merchants to encourage their consumers to try their app on the 
mobile phone, that can be the deciding factor for many 
consumers.
    Mr. Kinzinger. And you also, you know, you obviously, 
described, that when you started up, you called it, basically, 
an early form of tokenization. Very like 50,000-foot level. Can 
you just briefly describe how your security methods have 
evolved over the years from 16 years ago to today? I know we 
can talk for hours about it, but----
    Mr. Muller. Well, as I said, the basic component and what 
we were referring to as that early form of tokenization is just 
not creating a process where the merchant receives the card 
number in the first place. So, with PayPal, they receive news 
of the payment in the form of either an email; or, for some 
more advanced merchants, they might receive an automated notice 
to their systems; or they can just go look at their account to 
see that the payment is there. But, in any case, they are not 
receiving the consumer's card or bank account information to 
start with. So that is a similar concept to what tokenization 
is now achieving more broadly.
    That, of course, makes it incumbent upon us--we are 
receiving the account information--to protect that account 
information. We had the good fortune, as one of our founders 
was and still is a computer security expert and designed the 
system in a solid way. And, of course, as I said earlier, 
continuing to make investments on that foundation for both 
encryption of the data and limited access even by employees to 
the data.
    Mr. Kinzinger. Well, Mr. Ahn--I hope I said that correct--
some of the security concerns that I have heard raised with the 
NFC-based mobile payments has been eavesdropping, data 
manipulation, interception attacks, relay attacks, and device 
theft. Can you discuss if these are real concerns or 
misconceptions and perhaps how the Samsung Pay approach 
addresses some of these?
    Mr. Ahn. Some of the concerns you mention are real; some 
are misconceptions. The real concerns are related to device 
theft and loss that relate to relay or replay attacks. There 
are a number and a host of ways that fraudsters can steal 
information, and our job is to be ever-vigilant and put the 
best and most advanced security features in cooperation with 
our partners, with banks, the Visas, MasterCards of the world, 
the networks, and make sure that we have as much fortification 
as possible.
    With respect to Samsung Pay, we have looked at every 
possible angle of security, and it starts, again, as I 
mentioned before, at the baseline level, moves all the way up. 
We are very, very concerned about security.
    As a matter of background, Samsung is one of the most 
respected brands around the world. We have a very strong 
relationship with a large base of consumers. That relationship 
and trust and brand is sacrosanct to us. We will not jeopardize 
it. And so when we think about what we put into market, we will 
index heavily toward security. And, yet, as a viable consumer 
solution, we have to have it usable and simple. And so that is 
our challenge and our burden to bear.
    And so we take that very seriously, and we would be happy 
to share addition information in more detail.
    Mr. Kinzinger. Thank you, Mr. Chairman. Thank you for your 
leniency. I yield back.
    Mr. Burgess. Thank you very much.
    Congresswoman Brooks.
    Mrs. Brooks. Thank you, Mr. Chairman.
    This past August, I had the opportunity to visit Tanzania, 
Africa, where I saw the majority of the population utilizing 
mobile payments and paying for everything from cabs to a dinner 
tab to hotel stays, and so the mobile payment technology I 
think is incredibly advanced in Africa. And we know that in a 
large part of sub-Saharan Africa, traditional banking has been 
hampered by a lot of infrastructure problems and 
transportation. And we now know that so many people worldwide, 
approximately 2.5 billion people, don't have formal accounts at 
financial institutions, as Professor Hughes touched on. It is 
allowing these communities to provide for the unbanked and the 
underbanked individuals and businesses to conduct business.
    And so I am curious, though, how it is that Africa, in many 
ways, has leapfrogged over the United States in using this 
technology? And it was being used in the smallest of shops and 
to the large hotels. And so I am curious, particularly, for 
anyone with any--companies with the international background, 
how and why did that happen? Mr. Ahn?
    And what should we be thinking about in seeing that, you 
know, other countries--and I am talking about visiting with 
people in huts that didn't even have significant access to 
electricity at times. And so a lot of them were charging their 
phones with solar-powered devices and so forth. But how is it 
that Africa has, I think, advanced so much faster than we have?
    Mr. Ahn. So, Congresswoman, one thing I would add is the 
examples in Africa highlight that necessity is the mother of 
invention. In Africa, the financial institutions and the 
infrastructure for typical banking is at such a state of 
underdevelopment that those in need of payment remittance, 
access to funds, needed to find some other way to move money 
around, pay each other, and to conduct commerce. And so these 
payment solutions on pace in Kenya and other leading 
applications leapfrogged the need for established banking 
institutions in such a way to create viable payment commerce.
    And I think the relevant piece of what we have learned in 
developing countries for us is the question that the 
Congresswoman asked earlier with respect to how we serve our 
underbanked populations and provide access to as many people as 
possible for these payment solutions.
    For us, we argue that mobile changes everything. Mobile 
does not tie you down to location or place.
    As Ms. Hughes was saying, you can, at your own time, at 
your own choosing, and location, conduct transactions and 
services that are important to you and have access on a more 
equal playing field than if you were tied to time and place. 
And so when mobile is coming into the picture, we believe that 
our job now is to then open up access to the services and 
solutions that we can make an impact for consumers. The way we 
think about it is we have a large device footprint. We want, as 
I mentioned in my testimony, we have plans to continue to 
evaluate broader ways to provide Samsung Pay on more devices. 
One very easy way to do so is when previous generation phones 
are in market, they come down in price point, making it more 
accessible for different consumers. In addition, we know from 
our own data that Samsung as an OEM has one of the highest 
percentages, if not the leading percentage, of share of market 
in underserved populations as well as lower income populations. 
And then, on top of all of this, the way we have constructed 
our solution is to open our doors for all payment types. What 
that means is that we can support credit cards, debit cards, 
prepaid cards. We will roll out in the near future gift cards. 
We have every opportunity for any payment instrument in any 
tendered type to be usable in our device. So that is how we 
think about this.
    Mrs. Brooks. Thank you.
    Professor Hughes, I am curious what you believe the impact 
is going to be for this type of payment method for the--is 
there going to be any burden of entry for entrepreneurs who are 
just starting businesses, or do you think this will be 
beneficial to them?
    Ms. Hughes. Congresswoman Brooks, I think this is a boon to 
small business. I think, as I mentioned earlier, it is a boon 
to farmers markets and artisans and music festivals like we 
have in Bloomington, Indiana, and arts organizations and 
charitable causes around the country. I think particularly for 
smaller businesses, this is an enormous advantage because it 
will allow them to take payments that they may not have been 
able to take before in a speedy and secure environment.
    And I think that we should be optimistic about the future 
of mobile payments and their ability to serve underbanked, 
unbanked, and small business.
    Mrs. Brooks. Thank you. Thanks for your testimony.
    I yield back.
    Mr. Lance [presiding]. Thank you.
    Mr. Olson.
    Mr. Olson. I thank the Chair.
    And welcome to our witnesses.
    I have a challenge for you, Mr. Ahn, Ms. Deckinger, and Mr. 
Muller. In preparing my questions for this morning, this 
testimony, I relied on advice from people here in DC, lots of 
folks back home, and two of my own personal experts, my two 
teenagers, my 18-year-old daughter and my 15-year-old son. They 
are all about mobile. That is all they know. And they are 
current and future consumers, big consumers.
    So, Mr. Ahn, can you explain how your mobile technology 
works that I can show my daughter and my son, explain to them 
and their friends, ``Hey, Samsung has got this great vision''? 
What can I say to my kids? How could you explain it in English?
    Mr. Ahn. So, apparently, the previous testimony was----
    Mr. Olson. No, it was good. It was good for DC. I want to 
make sure my kids understand this because they are the future.
    Mr. Ahn. So the young population is an important 
demographic to follow. What they do and what their habits are, 
are leading indicators of what new consumer trends will be. For 
them, what is important is the ability, I think, to focus their 
life around services and goods that revolve around mobile 
devices. Our view is that we want a future where consumers have 
the ability to pay in a store offline, inside an application, 
an app, let's say an Uber, or a mobile-Web context. Anywhere 
you are, in any space that you are, we want you to be able to 
pay with the secured credentials that you have loaded. So we 
have that opportunity as we build out our product roadmap.
    What the Samsung phone allows you to do is to take a credit 
card or debit card or any other payment instrument, put it into 
the phone, and make a secure payment at the terminal. Over 
time, we expect to create more intelligent services that create 
more consumer impact, things that we can't discuss today. But 
over time, we expect that the ability to pay in a secure method 
with a phone allows you--allows us to open the door for new 
innovations that will have a direct impact for them.
    Mr. Olson. Is there any PII left after--PII, personal 
identifying information--after a transaction with your mobile 
system?
    Mr. Ahn. There is no PII except for you do know that the 
phone belongs to a certain user; traditional information is 
already there. But no additional information is left.
    Mr. Olson. Mr. Muller, same question. Explain to my kids, 
how does PayPal's system work, and is there any PII involved 
after the transaction?
    Mr. Muller. So, PayPal's system, you know, works somewhat 
differently, or it is not tied as closely to the physical 
device. It does involve working through an account that has to 
be set up to start with either by the individual themselves if 
they are over 18, since that is one of our rules----
    Mr. Olson. One is there, one is not.
    Mr. Muller [continuing]. Or by their parents. We do offer a 
student account capability where parents can control an account 
on behalf of the student. But there is that initial step of 
setting up an account. Once the account is set up, we then have 
a broad network of merchants that the user can access through 
their mobile device, through their laptop, or other kinds of 
device. So it becomes very easy to make that payment once that 
initial step of setting up the account.
    Mr. Olson. Any PII left over after a transaction with 
PayPal system?
    Mr. Muller. So, you know, the PII is something that is kept 
only by us, so we do have it, and we do have the information, 
and then the merchant has what they need. If they are shipping 
physical goods, inevitably that means they need a physical 
address to ship it to.
    But, really, that is the extent of the information.
    Mr. Olson. And, Ms. Deckinger, you are the new kid on the 
block. How does currency envision its testing phase, and can 
you explain how your mobile technology works for my daughter 
and son?
    Ms. Deckinger. Yes. We have some pretty cool technology----
    Mr. Olson. I like it already, the word ``cool.''
    Ms. Deckinger [continuing]. That would help ease the path. 
One of the great things we have, for example, is Pay at Table. 
So that frustrating experience when you are at the end of the 
transaction in a restaurant, sitting in a restaurant, and you 
want to pay your bill and you are waiting for the server to 
come over and bring your bill, we allow you to scan the QR code 
that is on the receipt, pay and leave without having to do 
that. We allow to you stay in your car when it is 100-plus 
degrees in Texas and pay from the comfort of your car.
    Mr. Olson. Thank you.
    Ms. Deckinger. And we allow to you pay at the drive-through 
without handing a card out the window to the person on the 
other end. Pretty cool thing, the phone actually that when you 
pay at drive-through is pinged through the Bluetooth low-energy 
beacon, so that is a fairly cool technology that your teenagers 
will find fascinating. And PII was the other question.
    Mr. Olson. That is a--yes, ma'am. How are you guys planning 
on protecting that if you have any after-transaction left over? 
So like Mr. Muller----
    Ms. Deckinger. Similar to Mr. Muller, there is some PII 
involved. However, we do not pass any financial information 
through the transaction. So we use tokenization, everything 
from a financial perspective is tokenized and encrypted. So 
that means that there is never any financial information stored 
on your phone, nor information that is of worth to anybody to 
store on your phone. So should your phone be stolen or hacked 
or taken by someone nefarious, nothing can be done with it.
    Mr. Olson. Thank you. My time is up. My kids would be very 
happy. Thank you, all.
    Mr. Lance. Thank you, Mr. Olson.
    Mr. Welch.
    Mr. Welch. I got here a little late. I missed--would you 
like me to comment?
    Mr. Lance. Very good.
    Is there anyone else who would like to ask questions?
    Thank you.
    I thank each of the members of the panel for participating. 
I think this has been a very interesting and informative 
hearing. Before we conclude, I include the following documents 
to be submitted for the record by unanimous consent: a 
statement from the Electronic Transactions Association; a 
statement from the National Association of Convenience Stores 
and the Society of Independent Gasoline Marketers of America; 
and a statement from the National Retail Federation.
    [The information appears at the conclusion of the hearing.]
    Mr. Lance. Does the ranking member have anything that 
should be included in the record?
    Mr. Schakowsky. I don't, but I approve all those 
inclusions.
    Mr. Lance. Thank you. Pursuant to committee rules, I remind 
Members that they have 10 business days to submit additional 
questions for the record. And I ask that witnesses submit their 
responses within 10 business days upon receipt of the 
questions.
    Without objection, the subcommittee is adjourned.
    Mr. Schakowsky. Thank you.
    [Whereupon, at 12:15 p.m., the subcommittee was adjourned.]
    [Material submitted for inclusion in the record follows:]
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    
    
                                 [all]