Apple Makes Old Security Business Lead to the Future

Apple’s role in getting the future right has always been been a little strange. Everything it has done, from the mouse and visual display of the Mac, to the mobile music player of the iPod, to the computer-as-phone of the iPhone, Apple has had to work hard to convince consumers these moves were the future they wanted. But with Apple Pay, the new secure commerce tool in the iPhone 6, iOS may have hit the market at a time consumers are ready for a major technology change. And the aggressive control of on-line commerce technology could be a huge new business for Apple.

Like the original Mac, the iPod, and the iPhone, Apple Pay does not represent much of an Apple technical revolution. The major components have, in fact, been around for quite a while. NFC, the short distance wireless communication technology, has been available on Nokia phones since 2006. EMV, a secure communications protection based on standard chips, is built on technology first developed by France’s Bulle in 1985. The two technologies–the basic security tech and wireless links–have been included, if little used, in a variety of mobile devices including most recent Android phones.

Apple is making this move as the desire increases for consumers to pay with credit cards and the ability of retailers and banks to protect the security of those cards is crumbling. From TJ Max to Target to Home Depot, information from millions of consumer credit cards has been stolen in retail transactions. There’s not much retailers can do to defend the cards–even those with the best anti-theft measures are getting ripped off by the millions. They need new technology.

The new approach is your phone replaces your credit card though–and this is vital–the credit card number and other information is not stored on the phone. It’s hardly a new idea. It has been promoted in Europe for a while, particularly by Nokia. Google Wallet uses the same technology on Android phones to transfer card information from secure network cloud storage to a card processor with well-guarded transmission. But it has failed to achieve much use by consumers because of the failure of Android makers to promote it. Samsung  includes NFC on most of its phones and has been building in EMV since 2002 (!). If you should want to use Google Wallet, Google’s web site will give you vague instructions for your Samsung. But I could not find a word of reference to Google Wallet on Samsung’s web site. That means most Samsung phone customers will never think of Wallet.

Samsung's NFC web site

Apple, by contrast, made Apple Pay a prominent feature of the iPhone 6. The banks and credit card companies supporting Apple Pay before the launch of the iPhone 6 had made the service available and began promoting it as soon as the phone was announced. Apple Pay started with the support of Visa, MasterCard, Discover/Diners Club, American Express, and JCB. And, in a hugely important move this week, UnionPay, the largest credit retail processor in China, climbed aboard Apple Pay.

Apple understands it still has to fight for the dominance of Apple Pay, especially in U.S. retailing. As popular as Apple Pay is with banks, small to medium retailers, and a handful of daring big retailers such as Walgreens, some of the leading retailers such as CVS and Wal-mart are blocking it. Instead, they are favoring a rival called CurrentC created by a consortium of large retailers.

Whether the big retailers see an advantage to Apple Pay or not, many of them are prevented from implementing it by contracts they have signed with CurrentC. CurrentC does have an advantage of sorts by being able to work on just about any phone–it uses a QR code on the display and does not require any specific hardware like Apple Pay or Google Wallet.

But the disadvantages of CurrentC are critical. It transmits a considerable amount of information about the owner of the phone–the exact amount is the subject of some dispute–while Apple Pay requires only a single code. Even more important, Apple Pay and the more limited Google Wallet are ready to be used today with the banks and retailers who support it, while CurrentC still has a lot of details, both technical and commercial, to work out before it is available to consumers.

Assuming the initial success of Apple Pay, the challenge for Apple is what to do next. Apple can’t make Apple Pay available just by offering a download through the Apple Store. Participation also requires hardware and dedicated software, similar to but not identical to the EMV chips, needed to support communication. The way to get competitors to accept Apple hardware, or perhaps a way to unify the secure retail communications approaches applied by both Apple Pay and Google Wallet, pose a huge challenge.

Of course, the transitional action of Apple is to limit development like this to Apple products. The company traditionally has reserved keeping such devices to itself to protect sales of its products. But Apple could also be in the position to dominate the rapidly growing market for secure retail communications by licensing competitors the hardware and software needed for Apple Pay, which has shot out as the leader of consumers’ product.

Published by

Steve Wildstrom

Steve Wildstrom is veteran technology reporter, writer, and analyst based in the Washington, D.C. area. He created and wrote BusinessWeek’s Technology & You column for 15 years. Since leaving BusinessWeek in the fall of 2009, he has written his own blog, Wildstrom on Tech and has contributed to corporate blogs, including those of Cisco and AMD and also consults for major technology companies.

108 thoughts on “Apple Makes Old Security Business Lead to the Future”

    1. Thank you–it’s fixed. For some reason, I have trouble mixing ConnectC and CurrentC and when I went to the web site to check, it turns out there is a company called ConnectC that looks right with a quick glance. Must remember: CurrentC, CurrentC, CurrentC.

      1. I must say, your writing has improved by leaps and bounds. Must feel nice to get back in the groove, so to speak. Continued success to you!

    1. In fairness, CurrentC only looks terrible when compared to the UX of Apple Pay and that did not exist when they were planing it.

      1. Which shows the ineptitude of MCX’s vision for the future of mobile payments. But your comment is how most everything is made and unmade.

        Consider that Google changed their entire outlook on what a smartphone was until after the iPhone came on the market. Before that time their idea of a smartphone was a Blackberry clone. The iPhone changed everything.

        CurrentC is cumbersome, insecure and intrusive. I’m not sure why they need my health information, access to my address book or my political affiliations but it’ll be cold day in hell before I ever consider CurrentC. My hope is that it’s delayed so much that all the merchants give up on it and begin deploying NFC machines in their stores.

        I understand they want to avoid credit card fees but I doubt they want to risk losing customers to it, which is far more costly.

  1. “Apple’s role in getting the future right has always been been a little strange. Everything it has done, from the mouse and visual display of the Mac, to the mobile music player of the iPod, to the computer-as-phone of the iPhone, Apple has had to work hard to convince consumers these moves were the future they wanted.”

    What a great insight. I have never seen it put that way before, but you are absolutely right.

    When the Mac was first introduced I was enough into computers to be a young reader of Byte magazine, and I remember the reader letters complaining about how the too-simple “pointing” and “pictures” interface would be a backwards step that would hobble “real” computer users. A real computer was operated by command line, and if you weren’t willing to go to the considerable trouble of learning how to use it then you probably weren’t worthy of the privilege. This is what I believed at the time.

    Years before, Steve Jobs had already had the insight that the real promise of ever-advancing processors would come when those extra processor cycles were used not just to do more work, but to create interpretive layers through which the user could more intuitively interact with the machine. He understood that the real frontier in computing was not the capability of the machine itself but the ability to make it usable by ordinary people. Rather than giving the computer a hundred times more power, make a hundred times more people able to use it.

    He was epically correct, of course; this has to have been his single greatest intellectual breakthrough; and the story of Apple continues to be the story of enabling people through the accessibility of its technology. The carries all the way from the basic interfaces Apple has pioneered all the way down to the amazing power and simplicity, for example, of the camera in the iPhone.

    1. I agree 99% with your post, but that’s only because the command line is still there! This is not an either/or situation.
      I do object towards the non-serviceability of their latest hardware for the same reasons.

  2. Great article Steve! Just a question though, what happens if Apple Pay, gaining critical mass, becoming one of the defacto medium of exchange is..hacked?

    Forgive me for acting out the devil’s advocate role, but very surely, hackers and programmers, will undoubtedly in the future find a bug, a weak link in the iOS protocol and bypass the securities, iOS and the cloud gateway operate should it become profitable for the. So. Much like how every iOS version can be jailbroken these days- barring the latest version for a while (?)

    Who will shoulder the liabilities of the theft and fraud made upon the use if Apple Pay?
    A) The credit card companies / banks?
    B) The unknowing good faith consumer?
    C) Apple? – Although its highly plausible that they will have an iron-clad terms of agreement clause when you use Apple Pay disclaimer
    D) Both A and C.
    E) Charged all to the unknowing good faith customer.

    1. Those are great questions. So far to date, fraudulent results charged to bank cards are being handled publicly by the banks and the retailer. How much behind the scenes agreements are going on, I have no idea.

      Joe

    2. So, it gets hacked, sometime in the future. It’s a software system, they upgrade it and move on. Right now, it appears that the credit card companies will shoulder the liabilities of fraud. The credit card companies are so confident in it (they have a lot of smart people working to limit costs in these types of cases) that they are giving a cut of their proceeds to Apple for basically reducing their fraud risk. And, in the end, it is so much more secure than how things used to be done that it is not even a question as to which one is better.

    3. I would imagine the answer is A, the credit card companies and banks. Isn’t that what normally happens now? And current systems of payment are easier to hack than Apple Pay. My understanding is the only info that can be ‘hacked’ is a token which only works for that specific transaction, the credit card info isn’t passed along in the transaction. So is there any point in hacking at the point of transaction? Doesn’t seem to be. I suppose people might find a way to grab the credit card info from the device, but that’s essentially credit card theft, and would having that info separate from the device work with Apple Pay? Probably not. So you’d need to steal the device itself. But the user can lock the device down almost immediately. Ah, how stupid of me, it appears the credit card info isn’t on the device either, it’s all ‘tokenization’. So what is there to steal once you’ve hacked in?

    4. No system is without its weak points but I believe Apple has their basis covered on this one.

      Consider that with both Google Wallet and CurrentC you can authorize a transaction by dialing in a code. With Apple Pay it only works through TouchID. Unless Ethan Hunt’s stolen your phone the thief will lack the necessary skill and tools to duplicate your fingerprint.

      With iCloud you can lock or wipe the phone clean or set up TouchID to automatically wipe the phone clean if more than 10 TouchID attempts are made to unlock it.

      There are so many safeguards built into iPhones and Apple Pay that any hacking will be immensely sophisticated meaning it will be incredibly rare. The common thief or mugger don’t stand a chance of compromising your iPhone’s data.

      As for who picks up the tab if your card is used fraudulently, I’m pretty sure your bank/credit card underwriter will continue to monitor your activity and alert you accordingly.

  3. I think you have missed the real advantage that is propelling Apple Pay – Touch ID. In one feature no one else has, Apple provides security, ease of use, and speed that makes the system easier and better than a credit card. Any system not easier and better than the existing card system will fail.

  4. Wow, this is truly awe-inspiring! I’m grateful for the dedication you invested in sharing this priceless information. I always exciting to discover well-written and enlightening articles like this. Keep up the outstanding work!

  5. Wow, this article truly opened my eyes to fresh ideas! Your insights are not only thought-provoking but also remarkably applicable in our times. I’m genuinely impressed with the breadth of your analysis and the way you’ve expressed your points. Keep up the wonderful work! Eager to read more of your writings. This has certainly made my day and stimulated some interesting thoughts. #Inspired #Insightful

  6. So excited to share my thoughts here! This content is refreshingly unique, combining creativity with insight in a way that’s captivating and educational. Every detail seems meticulously crafted, showcasing a deep appreciation and passion for the subject. It’s extraordinary to find such a perfect blend of information and entertainment! Major applause to everyone involved in creating this masterpiece. Your hard work and dedication are truly remarkable, and it’s an absolute joy to witness. Looking forward to seeing more of this amazing work in the future! Keep amazing us all! #Inspired #CreativityAtItsBest

  7. Incredibly enthusiastic to share my thoughts here! This content is a breath of fresh air, merging creativity with insight in a way that’s both engaging and enlightening. Every detail seems meticulously crafted, exhibiting a deep grasp and passion for the subject. It’s uncommon to find such a perfect blend of information and entertainment! Major applause to everyone involved in creating this masterpiece. Your hard work and dedication are clearly evident, and it’s an absolute joy to witness. Looking forward to seeing more of this amazing work in the future! Keep rocking us all! #Inspired #CreativityAtItsBest

Leave a Reply

Your email address will not be published. Required fields are marked *