LoopWallet’s primary appeal for users is its ability to store and enable payments with any card in their possession. While Google Wallet, Isis, and Square Wallet only offer storage for select payment cards and require special accounts for those that aren’t supported, LoopWallet can store any payment, loyalty, or gift card from any bank, card network, or corporation as long as the physical card has a magnetic strip. Users load these cards into the application by way of the fob, which doubles as a card swiper, and can access them from within the app from that point forward.
The actual payment process takes place with varying degrees of simplicity depending on which method the user prefers. When using the specialized phone case, users pay by opening the app, entering a PIN, selecting the card they wish to use, placing the phone case against the credit card terminal, and tapping the screen to authorize the transfer. When using the fob plugged into the phone jack, users open the app, enter their PIN, select the card, and place the fob against the credit card terminal to pay. Users who wish to skip the step of opening the app and entering a PIN to authorize payment can store a default card within the fob itself, hold the fob against the terminal, and press a button on the fob to make a payment. This last option is by far the easiest and best option for users who don’t often carry multiple payment cards anyway.
For non-magnetic stripe cards, LoopWallet enables users to snap a picture of a barcode, which can then be scanned from the phone screen in many cases. LoopWallet also enables users to store ID card information, which isn’t scannable in most cases but can be used for reference if necessary.
Other features offered within the LoopWallet app include real-time balance reporting, in-app promotional offers, and extended battery life for smartphones via the Loop ChargeCase (available in April for iPhone only). Loop fobs have a battery life of about 300 transactions between each charge and can be recharged with a microUSB connection.
LoopWallet is appealing for merchants because it requires no new technology such as Bluetooth, NFC, or WiFi POS systems. Consumers can pay with LoopWallet on nearly all traditional terminals, even those over a decade old. And although LoopWallet currently promotes its widespread acceptance more so than its other features at this time, the service also includes customer outreach in the form of loyalty programs and in-app offers.
Even without offering any additional features, though, LoopPay is light years ahead of its competitors from a merchant’s perspective due to the fact that its service can be used today without any new technology. The only magnetic swipe terminals that cannot accept payments from LoopWallet are those that require the full insertion of one end of the card, such as those found at gas stations and ATMs, and one very old model of card reader that accepts double-sided magnetic strips.
Like its competitors, LoopWallet requires a PIN before making payments of any kind. The magnetic field created by LoopWallet is only capable of transferring information within four centimeters, and the app’s data storage and encryption method is level one PCI Compliant. In the event of phone theft, LoopWallet is built to only transfer payments through the user’s phone’s accompanying fob or charge case, meaning that other fobs or charge cases will not work with a stolen phone. Additional security can be added by setting a password for the smartphone itself.
There are two significant security vulnerabilities with LoopWallet. One potential issue lies in the LoopPay fob, which can be programmed to transmit payments through a default card for certain periods of time. If programmed by the user to process payments at all times, a stolen fob can then be used as if it were the attached credit card itself. This can be avoided by simply not setting the fob to be able to process at all times.
The other potential issue is that LoopWallet stores card numbers in the app itself. Should a thief obtain a user’s phone and somehow bypass the PIN entry stage, that thief would then have access to all of the user’s card numbers. While this is troubling, it’s actually more secure than a current physical wallet, since the card number is at least hidden behind a PIN number and whatever phone security the user has installed. This risk therefore does not count against LoopWallet at this time.
Most potential security concerns about the app are adequately addressed in the company’s FAQ section.
LoopWallet doesn’t pose a security threat for merchants because it essentially digitizes existing payment cards. There is no change in liability for merchants who accept Loop payments, and it functions as a card-present transaction.
LoopWallet will become an issue for merchants, though, by fall 2015, when the liability shift occurs for Chip-and-PIN readers in the U.S. By that time, any merchant processing cards through a traditional swipe reader will be liable for any fraud that occurs through the terminal. Since LoopWallet is only compatible with current magnetic swipe technology, merchants who have migrated to EMV equipment will be unable to accept LoopWallet. This would seem to impose a limit on Loop’s long-term viability as a payment method.