Apple Pay Helps Everyone by Highlighting Security Problems
Beyond beginning to make it easier for consumers to pay for their purchases with their smartphones, Apple Pay is acting as a catalyst for change in the payments industry. Apple’s launch of its mobile payments system will not only make more options available to consumers, but will place a much-needed spotlight on the security shortcomings of the payments industry, helping consumers to become better informed about the choices that they have now and will have in the future.
Megan Geuss reports for Ars Technica that NFC-based mobile payments systems have been boosted by the launch of Apple Pay, with a source reporting that Google Wallet, which launched in 2011, has seen considerable growth in recent months. Weekly transactions have reportedly increased 50%, and new users have nearly doubled.
Geuss notes that a million cards were activated on Apple Pay during the first 72 hours of the platform’s launch, sparking debate as to whether the figure was really impressive given the context of the more than 600 million credit and debit cards in use in the U.S., or of the 20 million iPhone 6 and iPhone 6 Plus units that Apple had sold at the time, according to ReadWrite.
While many tech insiders and enthusiasts expect Apple Pay to take off among iPhone owners, just as many project that adoptions will be slow. Though many tech-savvy consumers are eager to see what it’s like to pay with a smartphone instead of swiping a card, or are looking to improve the security of their payments by moving away from reliance on magnetic stripe cards, novelty or caution alone won’t win Apple Pay millions of new users overnight, the argument goes.
The moment of truth for Apple Pay’s adoption may not come until October 2015, when the liability for credit card fraud will shift to banks and retailers who don’t adopt more-secure swipe card alternatives like EMV chip-and-PIN cards or systems like Apple Pay. Even then, Apple Pay won’t be the only mobile payments system that stands to gain ground, and Apple’s system, instead, will take on — and largely, already has — the role of catalyst for changes in the payments industry.
In the meantime, interest in Apple’s mobile payments system has renewed the public’s interest in using a phone to pay for purchases in-store. Android users are looking with new eyes at Google Wallet, which represented the first major deployment of a phone-based NFC (near-field communications) payment system when it debuted, according to Ars Technica. Google’s limited partnerships kept adoption small at first, and then a 2012 update enabled users to add credit cards and debit cards from Visa, MasterCard, American Express, and Discover.
The openness of the system is facilitated by issuing the user a Google Wallet Virtual Card, which functions as an intermediary between the credit or debit card and the merchant. The virtual card prevents the system from having to give information on the actual debit or credit card to the merchant, and gives customers more choices of the cards that they can use with Google Wallet. But the fact that the system uses two issuers — the issuer of the credit or debit card, and Bancorp Bank, the issuer of the virtual card — means that Google actually pays an interchange fee to process the transaction.
Although it’s unclear so far if Google has turned a profit from Google Wallet — and its interest likely lies more with collecting data than with collecting revenue — several reports indicated that Apple collects a percentage of each transaction completed via Apple Pay. Apple’s system relies on tokenization that protects the actual credit or debit card number from both the merchant and from Apple’s servers, and completes transactions without needing to go through a bank as the supplier of a virtual card. The Apple Pay setup process is the only time that the customer’s card information is exchanged between Apple and the issuer.
Apple uses the device-specific token, associated with the device account number, in lieu of the actual card data. The token and accompanying cryptogram, which is generated as a security key for each transaction, are stored on the Secure Element, isolated from iOS or Apple’s servers. Apple Pay demonstrates to consumers much more than the idea that they can pay for purchases with their smartphones. It also illustrates that new types of payments, beyond the swipe-cards that the U.S. has used for decades, can provide better security in an era where retailers’ security precautions and banks’ anti-fraud measures have proven themselves to be inadequate protection.
And as Apple Pay boosts adoption of related services like Google Wallet, it demonstrates Apple’s power to affect consumers’ awareness of an industry and its weak points. When it comes to the choices of payment methods that users have now — and the new choices that they’ll have in the next year or so as chip-and-PIN cards finally come to the U.S. and mobile payment systems gain momentum — Apple Pay’s biggest contribution to the payments industry may be the conspicuous spotlight that it shines on security.
As consumers become more and more aware of the lack of adequate protection that retailers and current payment systems provide for sensitive credit card and debit card data, they’ll be more likely to entertain the idea of a more-secure mobile payments system, and more enthusiastic about their banks, credit card issuers, and favorite retailers making the shift to EMV systems by October 2015.
Apple Pay’s launch is also likely to catalyze the industry to create more solutions and systems for mobile payments, and as with any class of product or service, the more secure options for consumers to choose among, the better. Apple’s biggest service to consumers — even those who won’t purchase a new iPhone or use Apple Pay — is the launch’s placement of the payments industry and the room that it has for growth into the public consciousness. With its high-profile entrance into the payments industry, Apple is sparking conversations that will help more consumers become better-informed customers of mobile payment systems, banks, card issuers, and retailers.