How Apple Pay is designed to avoid the pitfalls of traditional payment systemsApple has made security a tentpole of its marketing strategy for Apple Pay, the company's new mobile payment system, which rolls out across the U.S. on Monday. AppleInsider took a look at how Apple Pay's design makes it better for consumers.
How it works now
When consumers swipe their credit card for a latte or a new set of tires, the card data actually changes hands a number of times before the transaction is approved.
First, the merchant — for example Starbucks — collects the card number, CVV, expiration date, billing address, PIN (if it's a debit card), and other data from the card itself at the terminal. It's encrypted, then sent to the merchant's bank or payment processor, called the "acquirer."
Credit card numbers flow though at least three different networks in a typical transaction.
The acquirer forwards the authorization request to the customer's bank, called the "issuer," via the card networks' individual processing networks. The issuer either accepts or denies the charge, and responds by sending the appropriate status codes back in the other direction.
Most of this chain is extremely secure; unfortunately, as recent data thefts like those from major retailers Target and Home Depot have shown, that's not always the case.
Smaller merchants using off-the-shelf payment systems are unlikely to have access to the card data, but larger merchants often collect it for business-related functions, like sales analysis. These databases are major targets for malicious attackers, to be sure, but there's one more, potentially larger problem: privacy.
Major retailers also use this information to profile customers for advertising, like the famous case where Target outed a teen pregnancy based on spending habits. With consumers become more conscious of the privacy of their personal information, this has become an even more hot-button issue.
How Apple Pay is different
Apple designed Apple Pay to use tokenization. Broadly speaking, tokenization replaces the actual credit card number with a special number for making payments.
Tokenization is not a new concept, but Apple's implementation is reportedly far more secure and brings tokenization into the real world. Traditionally, credit card tokenization was an online-only affair and the token vault — a database that maps tokens to credit card numbers — was maintained by the payment gateway.
Apple has worked directly with credit card networks like Visa and American Express to move tokenization to their end of the chain, according to details of Apple Pay's design revealed by POS provider Clover.
With Apple Pay, rather than receiving a card number, CVV, expiration date, and billing address from the customer, the merchant receives only a device-specific token and a dynamic, one-time-use security code. The token is translated into a credit card number only when it reaches the payment network, meaning that only the consumer's bank and the payment network have information about both the person and the transaction.
Apple has gone to great lengths to tout Apple Pay's security and privacy bona fides, both on the Apple Pay marketing site and in the company's knowledge base. As they say:
Apple Pay was designed so that when you pay in stores Apple doesn't collect any transaction information that can be tied back to you.
This focus on privacy differentiates Apple Pay not only from the current physical credit card system, but also from competing mobile payment platforms.
Existing mobile payment systems
Apple Pay's major competitor, Google Wallet, operates without the security or privacy benefits of network-level tokenization. Instead, Google stores consumers' card data on its own servers and acts as an intermediary for transactions.
When paying with Google Wallet, consumers aren't paying directly. Google actually foots the bill and then charges the customers' card on file.
In this way, Google gains access to all of the customer's purchase history, a major concern for those worried about privacy. It is unclear whether Google will change tack in the face of recent privacy concerns, but a shift seems unlikely given the search giant's advertising-focused business model.
Google gets access to all Wallet transactions, and SoftCard transmits the card number over NFC.
Another competitor, SoftCard — formerly ISIS — stores consumers' credit card numbers in a secure element on the SIM card itself. During a transaction, the number and additional metadata is transmitted via NFC as though the card were swiped, and the rest of the process continues in the same manner.
Apple's approach, while not entirely novel, provides much more security than traditional systems or high-tech competitors. It also gives consumers greater control over the dissemination of their personal information — something likely to win over more fans if current trends continue.
Apple Pay is scheduled to launch later today with the release of iOS 8.1, which will activate the NFC side of the equation for iPhone 6 and iPhone 6 Plus owners. More than 220,000 retail outlets are supporting Apple Pay at launch, with many more expected to sign on in the coming weeks.
On Topic: iOS
- Apple's differential privacy in iOS 10 is opt-in, limited to four use cases
- Video: See how Photos in iOS 10 can recognize faces, places and more
- Apple features 'Lifeline' in latest Developer Insights series
- Inside APFS: new Apple File System detailed at WWDC to replace HFS+ in 2017
- Inside iOS 10: Split-screen view in Safari for iPad boosts productivity