Recently, Apple announced an exciting new feature called Apple Pay. Apple Pay is a mobile wallet payment system available on the new iPhone 6 and Apple Watch devices. At first, we thought “Not another payment method to work with!” but after researching implementation and security details, my attitude quickly changed and I became intrigued by the new app.
What Is Apple Pay?
Apple Pay creates a safe and secure transaction between Apple devices and a retailer’s “contactless” payment reader or online ecommerce storefront. With this app, the customer does not need to swipe or enter credit card numbers or passwords since it is stored in their secure Passbook, an application first introduced in iOS 6.
Apple Pay transforms traditional theft-prone credit cards into a unique Device Account Number stored on a special chip within the device. With this, it pairs that number with transaction-specific security codes that are dynamically created ensuring that intercepted transactions cannot be used for fraudulent purchases since each security code is only good for the one transaction at a time. This is the most obvious benefit as well as the protections in place with EMV: to prevent the chips from being copied.
Apple Pay’s Benefit Compared to Sole EMV
Another security benefit Apple Pay has over EMV is that sensitive data is never handled by the merchant. With EMV, it passes plain text card data to point of sale systems which can easily be stolen by RAM scrapers and used for fraudulent purchases. With Apple Pay, the phone becomes the sole point for potential exploitation. Hopefully, Apple has or will implement sophisticated measures for protecting card data stored in the Passbook from theft or unauthorized use. However, removing sensitive payment data from the merchants’ hands is a huge step to prevent the increased breach epidemic retailers have been dealing with lately.
Apple’s move to bypass the payment processors that have been used for decades is a clearly bold move for Apple. Point of sale and online ecommerce systems integrated to support Apple Pay can send the Device Account Number and dynamically created transaction security code directly to the card issuer for approval. Essentially, they are creating their own secure payment network to work with their proprietary technology.
Setbacks and Downsides
Adoption will prove to be a significant challenge. With past attempts to change consumer payment behaviour, there is a long list of failures. Take a look at contactless payments. They were rolled out on a limited basis by inserting a rice-sized RFID chip in credit cards to which a purchaser waves in front of the terminal instead of swiping the magnetic stripe. Adoption in the United States was almost non-existent. In recent news, mobile wallet offerings such as Visa payWave used NFC for contactless payments in stores, but gained little traction beyond pilot implementations because most consumers are set in their ways or refuse to use new technology in case the technology proves to be bad or misleading.
Apple Pay is a strategic move to expand into the mobile wallet marketplace to rival PayPal and other large companies. Can Apple succeed in convincing consumers and businesses to ditch the plastic? Maybe given time since Apple is such a huge contender with regular customers and they have a magical talent with marketing. I for one see the benefit and hope that this method gains traction…not only with Apple but with Android and Windows devices as well.
About the Author
Director of Website Development
With over a decade of experience designing and developing websites, Eric has worked in every position of the agency ladder. He is fluent in multiple backend and front end programming languages and has written multiple international best selling plugins for WordPress. He has been part of or is still part of many startups. He is the Director of Website Development for Future Design Group and one of it's founding partners.