Age of Mobile Payments – Is Apple Pay Totally Worth it?
How does the idea of purchasing Apple products through your iPhone and thumbprint sound?
Over the years, Apple’s technological marvel has combined several independent devices including cameras, GPS systems and music players, all in one refined in-your-pocket package. Apple is yet again at the forefront of innovation with a new payment service that lets you buy products at over 220,000 shops or within apps, using your hi-tech hand-held gizmo.
The real question every buyer must be weary of is whether it poses any security risks at all, given the recently “leaked” celebrity photos debacle, and do you absolutely need it to make purchasing easy and safe?
Let’s venture deeper into some known facts about mobile online payments.
Partners R Us
Several retailers, including Wal-Mart haven’t partnered with Apple as yet. To work, Apple Pay requires machines that must be capable of communicating with near-field communication (NFC) radio signals; only a handful are capable of doing that.
On the flip side, Apple did sign up with six major credit card issuers, which includes three of the most widespread used credit card companies, MasterCard, Visa and American Express. However, prepaid cards or corporate credit cards are not a part of the loop. Retailers’ proprietary cards haven’t made the list either – shoppers won’t be able to use their Bloomingdale’s or Macy’s cards, for example.
To the everyday customer, this means missing out on store discounts as merchants enjoy revenues from issuing banks. All this may very well change in the near future with Macy’s branded card being added, but at this point it’s mere speculation, at best.
Where Apple Pay really seems to be missing the boat are store-specific cards, though these issues may eventually be resolved. It is quite likely that many merchants would want to give their payment terminals an upgrade within a year or so in order to work with chip-embedded cards. They will be required to anyway to avoid liability, courtesy of new antifraud laws.
As a result, more of these new terminals would be able to communicate with near-field radio signals.
Not all days are dark and gloomy in the Apple Pay world: tokenization, a security feature, is put to good use, which is also payment-card friendly according to industry experts. Credit Card account numbers are substituted with a token, which is a one-time only string of mostly random data. This occurs before the merchant’s point-of-sale system receives any payment data.
The merchant never gets to see the actual account number. Since there is nothing to steal, nothing gets stolen, even if there’s any malware installed in the merchant’s payment systems, or an “ambitious” cashier using a hidden card swiper.
Tokenization, though not very commonly adopted, makes Apple Pay more secure than most mobile online payments, including major credit-card formats to date, and Google Wallet.
New iPhone 6 users are not going to be pleased about this: Apple Pay may just put your phone up on top 5 items to nab on thieves’ lists. Since Apple Watch has also recently extended Apple Pay capabilities to iPhone 5 models, you may need to keep your eyes peeled on buses and subways, while using your phone.
Apple has been smart to invest trust in leading app developers. OpenTable and Target were officially identified as firms that would directly integrate Apple Pay into their iOS apps, regarding online transactions. Others are expected to follow suit.
However, following Apple’s presentations, a leading security firm Trustwave, disclosed how over 90% of the apps scanned as recently as 2013, had some form of security vulnerability. It was further revealed that this form of functionality may also make every device susceptible to attacks.
Let’s examine what using Touch ID entails. Using your iPhone 6 or 6 plus variant, you tap the Touch ID button to purchase, as you hold the phone up against a compatible card reader. The build-in fingerprint reader scans your thumb to verify you as an authorized user. Here’s the kicker: a little experimentation uncovers how it isn’t all that complicated to fool Touch ID into giving access using a rubber fingerprint.
Also worth mentioning is Find My iPhone – in order for it to work, a stolen or lost phone has to be able to communicate with Wi-Fi signals. This is not possible, if the person nicking your phone switches it off right away or seals it up nicely in a Faraday bag, a radio-proof item that can be easily acquired at a computer or electronics hardware store.
The primary method to add your credit card to Apply Pay is reason enough to raise a red flag: you take a photo of the card with your phone and send it to Apple. Again, one can’t help but think back to the recent celebrity photo leaks involving the famed Hunger Games star, among many others. This alone would make anyone leery before sending photos through an iPhone.
A Morgan Stanley analyst reports that Apply Pay may very well accelerate mobile online payments adoption, though it’s difficult to say how quickly it catches on. Time is surely the best judge and this especially holds true for shifting technological trends.
One thing is for certain: in most cases, when a new platform is aimed at enhancing security, it is more than likely it can fall prey to vulnerabilities which can be exploited by aspiring cyber criminals.
We’d love to know what you have to say on the matter; do leave your comments below or get in touch with us directly.