Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

iTokens: Why it makes sense for Apple's rumored payment system to use tokenized transactions

Last updated

Apple is finally expected to announce its entry in the mobile payments arena alongside the "iPhone 6" at a media event on Tuesday in Cupertino, and rumors suggest that the new system will be based around tokenization for enhanced security. AppleInsider took a look at what that means for users.

The theft of payment card data has become a major problem in recent years. Back-of-house breaches at retail chains like Target — and more recently, Home Depot — have attracted headlines, but theft from insecure online storefronts and sophisticated "skimmers" on ATMs and point-of-sale terminals has also increased at an alarming rate.

News coverage of such thievery is often breathless, whipping a largely non-tech savvy population into a frenzy over the dangers of wireless technology that they don't understand. For proof, one needs to look no further than the booming cottage industry of wallets and purses and passport holders that act as portable Faraday cages, ostensibly to protect against the entirely overblown threat of "walk-by hacking."

The real problem comes from merchants and payment providers that transmit and store card data with inadequate encryption or weak security practices. In fairness, this is a difficult technological nut to crack for many small businesses and startups; that's why the payment industry is moving rapidly toward tokenization, in a bid to lower the number of weak links in the payment chain.

What is tokenization?

Broadly speaking, "tokenizing" means swapping out the actual card number for a different, representative number — a token. The token is generated by running the account number through a cryptographic function that can only be reversed with a key held by the token issuer, usually a bank or payment processor.

In a typical retail transaction, it works like this: The customer swipes their card at a terminal — say, Jeff's Widgets. The card information is encrypted and sent over the wire to the bank, which decrypts it, authorizes the transaction, and generates a token.

Without the decryption key, payment tokens are worthless to thieves.

The bank then sends the authorization result and the token back to Jeff's Widgets. Jeff can safely hold on to the token along with the transaction record; without the bank's encryption key, there's no way for a thief to reverse the token and discover the real card number, which is stored securely in the bank's token vault.

Without the account number, thieves can't create duplicate cards or make purchases online. That's why Visa, MasterCard, and American Express proposed a global tokenization standard last year, and Visa is set to roll out its own tokenization service this month.

Visa, MasterCard, and American Express should be familiar names to Apple watchers — the heavyweight financial firms are all rumored to be on board with Apple's payment plans.

So what about Apple?

Apple has some experience with tokenization already when it comes to sensitive data: this is essentially how Touch ID is implemented on the iPhone 5s, though the "token vault" is on the device itself in the form of the A7 chip's Secure Enclave.

When it comes to payments, though, Apple is expected to employ a slightly different method of tokenization. According to Bank Innovation, rather than issuing a single immutable token, the rumored wireless payment system will generate unique one-time-use tokens for each transaction.

An Apple-assigned patent covering tokenization, filed in 2009 An Apple-assigned patent covering tokenization, filed in 2009

This means that even if a malicious actor were able to intercept the wireless transmission containing the token, it would be useless —  the token wouldn't be accepted for any future payments. That's important for a number of reasons, not the least of which is that it greatly simplifies any argument Apple will need to make for the security of its new payment system.

Apple has nearly 1 billion credit cards in iTunes, most belonging to relatively high-income consumers. iTunes's security has rarely come into question, but it's not clear how far that goodwill would extend to a mobile payment solution; an easy-to-understand implementation of single-use tokens that leave virtually no room for thieves to operate would help a great deal.

At the end of the day, the widespread adoption of wireless mobile payments will come down to two things: merchant support and consumer trust. Apple has shown that they've got the clout to handle the former; if they can also secure the latter, they might soon have another "world's biggest" plaque to hang on the walls at Infinite Loop.



111 Comments

shogun 362 comments · 17 Years

The way you describe this it sounds like hackers just need to get the encryption key and the candy store's open. Also, if the person slides their card and the real. Umber is sent to the bank, then what's to preserve the security of the number? Either I'm understanding wrong, or you're explaining wrong, or else it doesn't seem that great.

ericthehalfbee 4489 comments · 13 Years

This is what I said all along. While people are arguing about which methods to transfer data are safer (NFC vs BT vs WiFI vs LTE and claiming NFC is safer due to the short distance) I stated that security lies not in the method of data transfer but not sending personal/confidential data in the first place, and replacing that data with some type of ID or key (token if you like) that is useless to thieves even if they did capture it.

coolfactor 2341 comments · 20 Years

But will it be fast? One of the drawbacks of chip-based credit and debit cards is it actually slowed down the payment process, rather than speeding it up.

pmz 3429 comments · 15 Years

Quote:
Originally Posted by coolfactor 

But will it be fast? One of the drawbacks of chip-based credit and debit cards is it actually slowed down the payment process, rather than speeding it up.


I don't think it is about speed. It is about convenience & security.

 

Arguably a token based purchase made from an iPhone is potentially a lot more secure than a plastic card with a number and magnetic strip.

 

And a wave of the phone is (supposedly) more convenient than taking your wallet out, your card out, swiping (if the reader/strip are both optimal) then pinning in a code or signing a screen. Even if its hold up your phone, wait for prompt, Touch ID, done.