Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What you need to know about Apple Pay

Ryan Faas | Sept. 10, 2014
Today, Apple introduced its mobile payment system — known simply as Apple Pay.

According to Apple, the A8 processor powering the iPhone 6 and 6 Plus will use a Secure Element to store Touch ID and credit/debit card information. It isn't certain if the Secure Element is simply a new name for the Secure Enclave or if includes new functionality.

Much as the Touch ID data stored in today's Secure Enclave isn't an actual copy of a user's fingerprints but rather encrypted mathematical information that can be used to verify them, Apple Pay data in the Secure Element will not include a user's actual card number or related information, and such data will not be backed up or synced to Apple's servers. (The only potential exception appears to be the card that is on file for iTunes and related electronic purchases like apps or ebooks)

When a user adds a card to Apple Pay, Apple will verify the identity with the bank or institution that issued the card and a unique Device Account Number will be assigned to Apple Pay and stored in the Secure Element. During each transaction, a one-time-use unique number will be generated based on the Device Account Number along with a dynamic security code. Once the transaction is completed, the number will no longer be usable, meaning that even if a POS system is compromised, any data stolen will be useless for future transactions.

A lost or stolen device can be blocked from future transactions using Find My iPhone without requiring a user to be issued new cards or card numbers. Apple didn't provide details about how this will work, but it will likely be a one-way command, like a remote wipe command. 

Apple has long had its hands in the online an mobile content game with its various electronic store fronts including the iTunes, App, Mac App, and iBooks stores. That delivers a level of comfort and trust on the part of its customers

Apple has also experimented with location-based mobile payments that do not rely on NFC. The company's Apple Store app allows users to make in-store purchases for accessories from the app based on their Apple ID without interacting with store employees. Square and PayPal have experimented with similar systems, as has the bar- and restaurant-specific company TabbedOut, and some individual businesses. None has achieved particularly broad market penetration. This may one reason that Apple decided to ultimately use NFC as part of Apple Pay. Also, access to existing contactless payment systems and POS devices that are already widely deployed means that Apple Pay can be used in a broad range of existing retail establishments at launch.


Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.