iTokens: Why it makes sense for Apple's rumored payment system to use tokenized transactions
AppleInsider may earn an affiliate commission on purchases made through links on our site.
Apple is finally expected to announce its entry in the mobile payments arena alongside the "iPhone 6" at a media event on Tuesday in Cupertino, and rumors suggest that the new system will be based around tokenization for enhanced security. AppleInsider took a look at what that means for users.
The theft of payment card data has become a major problem in recent years. Back-of-house breaches at retail chains like Target — and more recently, Home Depot — have attracted headlines, but theft from insecure online storefronts and sophisticated "skimmers" on ATMs and point-of-sale terminals has also increased at an alarming rate.
News coverage of such thievery is often breathless, whipping a largely non-tech savvy population into a frenzy over the dangers of wireless technology that they don't understand. For proof, one needs to look no further than the booming cottage industry of wallets and purses and passport holders that act as portable Faraday cages, ostensibly to protect against the entirely overblown threat of "walk-by hacking."
The real problem comes from merchants and payment providers that transmit and store card data with inadequate encryption or weak security practices. In fairness, this is a difficult technological nut to crack for many small businesses and startups; that's why the payment industry is moving rapidly toward tokenization, in a bid to lower the number of weak links in the payment chain.
What is tokenization?
Broadly speaking, "tokenizing" means swapping out the actual card number for a different, representative number — a token. The token is generated by running the account number through a cryptographic function that can only be reversed with a key held by the token issuer, usually a bank or payment processor.
In a typical retail transaction, it works like this: The customer swipes their card at a terminalÂ — say, Jeff's Widgets. The card information is encrypted and sent over the wire to the bank, which decrypts it, authorizes the transaction, and generates a token.
Without the decryption key, payment tokens are worthless to thieves.
The bank then sends the authorization result and the token back to Jeff's Widgets. Jeff can safely hold on to the token along with the transaction record; without the bank's encryption key, there's no way for a thief to reverse the token and discover the real card number, which is stored securely in the bank's token vault.
Without the account number, thieves can't create duplicate cards or make purchases online. That's why Visa, MasterCard, and American Express proposed a global tokenization standard last year, and Visa is set to roll out its own tokenization service this month.
Visa, MasterCard, and American Express should be familiar names to Apple watchers — the heavyweight financial firms are all rumored to be on board with Apple's payment plans.
So what about Apple?
Apple has some experience with tokenization already when it comes to sensitive data: this is essentially how Touch ID is implemented on the iPhone 5s, though the "token vault" is on the device itself in the form of the A7 chip's Secure Enclave.
When it comes to payments, though, Apple is expected to employ a slightly different method of tokenization. According to Bank Innovation, rather than issuing a single immutable token, the rumored wireless payment system will generate unique one-time-use tokens for each transaction.
This means that even if a malicious actor were able to intercept the wireless transmission containing the token, it would be useless — Â the token wouldn't be accepted for any future payments. That's important for a number of reasons, not the least of which is that it greatly simplifies any argument Apple will need to make for the security of its new payment system.
Apple has nearly 1 billion credit cards in iTunes, most belonging to relatively high-income consumers. iTunes's security has rarely come into question, but it's not clear how far that goodwill would extend to a mobile payment solution; an easy-to-understand implementation of single-use tokens that leave virtually no room for thieves to operate would help a great deal.
At the end of the day, the widespread adoption of wireless mobile payments will come down to two things: merchant support and consumer trust. Apple has shown that they've got the clout to handle the former; if they can also secure the latter, they might soon have another "world's biggest" plaque to hang on the walls at Infinite Loop.