It’s been a week since I wrote about the impending disruption Apple Pay would bring to the payments industry as a whole. It appears that after the initial excitement of the new iPhone 6 and Apple Watch announcements died down, others turned their attention to the Apple Pay story and realized just what an impact it is likely to make.
ZDNet’s Natalie Gagliordi reckoned Apple Pay “was either an innovative kickstarter to an industry struggling to reach critical mass, or an uninspiring riff on pre-existing technology that’s unlikely to move the industry’s proverbial needle.”
Other detractors and disbelievers used the non-success of other non-finance industry payments system as a sign that Apple Pay’s failure was imminent as it offered nothing new. Business Insider ran with the evocative headline that “Apple Is A Decade Behind Japan’s Mobile Payment Curve.” We all knew that but the success of NFC-enabled handsets with the Felicia chipset developed by Sony was driven by its use firstly as a cash-less transport card. That drove its expansion into a more general mobile payments system but it was really never accepted outside of Japan.
It cannot be argued that the most successful use of NFC technology has, to date, been in the transport industry but that’s probably because no-one attempted to line up all the pieces needed to make it a success for general payments. For that to succeed it has to involve the major credit card companies, the issuing banks and the retailers equipped with contactless terminals.
Apple’s ‘delay’ in deciding to adopt an NFC chip in its Apple iPhone was more about seeing what others were doing wrong, rather than coming up with new technology of its own. It knew that creating a new chip, new processes and forcing its way into the existing value chain probably not succeed, and it had plenty of others to cite as examples.
The Washington Post quoted a Gartner report that NFC enabled purchases were projected to be $8.2 billion this year and to soar to $21.9 billion in 2016 and that widespread adoption of Google’s (mobile wallet) service had “been undermined by the resistance of wireless carriers that would not activate the chip in smartphones that used Google’s Android operating system but were built by other companies.”
It also pointed out that the operator-led Isis mobile wallet system (now called Softcard for obvious reasons) has “a choke point where the mobile carrier can decide who has access to that NFC chip” and that has been a limiting factor. The ‘fear’ that account information is stored somewhere in the cloud might also have been a detractor for many. The fact that Capital One withdrew from early pilots because it “didn’t see account credentials reliably delivered to devices” then alarm bells should have started ringing.
As Apple product manager Eddy Cue explained on stage at the recent launch event, Apple Pay will use technology called Secure Element to encrypt all payment information with an account number that would be associated with a credit card. One-time payment numbers and a dynamic security code would be generated for every transaction, and users can simply take a picture of their credit card with their iPhone 6 and get it verified by their bank in order to add it to their PassBook app and use Apple Pay.
The process behind this tokenization, was already developed by the finance industry but no-one, to date, had worked out how to marry it seamlessly to technology and offer everyone in the chain comfortable levels of security and simplicity without taking a piece of the pie.
Apple didn’t spend much stage time explaining the tokenization process but the method is seen as one of the most secure and fraud-proof payment mechanisms available because it removes the actual credit card number and replaces it with a randomly generated number. That number, or token, can be configured to expire after one purchase or made specific to a certain transaction, making it a useless target for hackers or fraudsters.
Tokenization removes a huge storage burden from merchants, since they never see a person’s actual credit card information and it never enters their POS system or online payment portal. This alone reduces the incidence of merchant fraud, both at point of sale and online, something we don’t hear a lot about.
If Apple has got it right with Apple Pay, others will follow post-haste, but to make it as easy as and as secure as Apple’s Touch ID finger-print recognition they will have to add this feature to their devices or come up with something equally effective. Oh, didn’t Apple buy that company?
So, with sales of over 4 million iPhone 6 in the first 24 hours, to add to the multi-million sales of iPhone 5C and 5S with Touch ID Apple, is off to flying start to win the hearts of the existing card payments industry and stay ahead of the competition for a while yet. Even if the telcos had thought of tokenization first it would be questionable if anyone would be interested after the failure of SIM security and its business model to take hold.