Mobile Commerce Insider Featured Article

December 08, 2014

Is Apple Pay the New Safest Way to Shop?

By TMCnet Special Guest
Darren McGrath, global director of mobility solutions, Unisys

The announcement of Apple Pay earlier this year captured the attention of retailers and consumers alike, enticing consumers with a new, simpler way to shop and attracting retailers with the promise of a more streamlined payment process at checkout. However, as the news cycle over the past year has been rife with breaking headlines about data breaches at major retailers across the country, security will be top of mind for both consumers and retailers alike – particularly as we enter the busiest retail season of the year.

Echoing this sentiment, this year’s Unisys Security Index revealed that abuse of credit card data ranked at the top of the list among Americans’ concerns, with 59 percent reporting they are now seriously concerned about the possibility of their credit and debit card data falling into the wrong hands. Nearly 60 percent of Americans surveyed also felt that falling victim to a security breach involving their credit card data would make them less likely to do business at a store they commonly use.

Thus, it is no surprise that the recent launch of Apple Pay, now available to iPhone 6 and iPhone 6 Plus owners, has garnered significant attention from both proponents and critics for how it addresses security. While many remain wary of enabling their mobile devices to act as credit cards, by uploading credit card information and being able to scan them at checkout, understanding exactly how Apple Pay works reveals that this just may be a promising new way to shop – and here’s why:

  • Hackers will not be able to access credit card numbers: Credit card information is neither stored on the device nor on Apple’s servers. Instead, when an individual adds a credit or debit card with Apple Pay, a unique Device Account Number is assigned, encrypted and securely stored on his or her iPhone.
  • Transactions are made with single-use encrypted codes: Using the Device Account Number, each transaction is initiated with the shopper’s bank or card provider, which then produces an encrypted unit account number, valid for solely this transaction. This number is stored on the phone in a secure element, i.e., only accessible via a way that is specific to that person. For example, the way a fingerprint is encrypted to unlock a user’s phone and has no use outside of this individual transaction, it acts like a one-time use password.
  • Banks retain control of transaction validation: Transactions are validated by the bank on the back end, removing the possibility of retail data breaches leading hackers to credit card data. While the number used to make the transaction exists in the same format and structure as a credit card number, it is not the number on the physical card. Only the bank will be able to make the association on the back end.
  • Biometrics add a valuable layer of security: The inclusion of biometrics via Apple’s fingerprint scanner adds an additional layer of security, preventing hackers from successfully stealing this data either by stealing the phone or accessing the information remotely. Not only will hackers need the credit card number, but they will also need a validation of the shopper’s identity through the fingerprint scanner.

With Apple Pay now available at leading retailers such as Bloomingdale’s, Macy’s and Sephora, supporting payment from major banks and payment networks, representing 83 percent of credit card purchase volume in the U.S., we can expect the initial trial period of this new system – perfectly aligned with Black Friday and the weeks leading up to Christmas – to be a telling one. The rise of e-commerce and mobile shopping has already made a significant impact on the retail landscape, so it is very likely that Apple Pay will only further drive this retail transformation.

Now the real question will be how consumers respond. Will the fear of credit card theft, resulting from non-stop data breaches, continue to spread, or will consumers be as eager as ever to open their wallets – or scan their devices – at checkout?




Edited by Maurice Nagle




Comments powered by Disqus


Related Mobile Commerce Insider Articles