Apple Pay, Appleâ€™s upcoming digital payment platform, is not on the market yet. But rumor has it that it will deliver the most secure environment ever used for in-store transactions. With massive data breaches hitting retailers and eroding trust in credit card payments, we thought weâ€™d take a closer look at the embedded security features this alternative payment system will allegedly bring to the table.
Is Apple Pay a version of Google Wallet?
You could think so. Apple Pay acts as a virtual wallet and, much like Google Wallet, uses NFC technology to pair devices and wirelessly enable mobile payments. Both services allow users to swipe their smart devices near a compatible payment terminal and pay for goods in a matter of seconds. But while Google allows app sharing, file sharing and other phone-to-phone interactions with NFC, Apple has locked the use of NFC on its devices to only work with mobile payments.
Is Apple Pay safer than others?
Apple has introduced an arsenal of weapons to fight off hackers, combining technologies such as NFC, EMV, Touch ID and Secure Element. But the result hasn’t been actually proven safer, because the service has not been released yet. Hereâ€™s what they do:
NFC. This technology automatically makes payment processes more secure. Cards are not swiped during the transaction so attackers canâ€™t use techniques such as skimming and memory scraping at the PoS terminal.
Biometric validation is very similar to the tap-to-pay feature already available in Android devices for paying anywhere contactless payments are accepted. In Apple devices, the Touch ID feature unlocks the phone via fingerprint, authorizes iTunes purchases and now works for in-store transactions, allowing users to confirm payments at NFC-enabled payment terminals.
Tokenization. Both Apple and Google, to some extent, assign one-time tokens to each transaction and unique 16-digit device numbers to each credit card number. This way, hackers canâ€™t trace credit card numbers and, if they do, it wouldnâ€™t be of much use outside Apple’s payment system.
Secure Element. The unique device account number is assigned, encrypted and stored on a dedicated chip in the device, named Secure Element, along with a unique cryptogram for each transaction. During the payment process, the one-time string of random numbers created by encryption keys is decrypted by the network and sent to the bank if deemed authentic. The bank decrypts the token again and, if everything checks out, the purchase is approved.
EMV. EMV technology, which is already known, is responsible for encrypting the transaction from end-to-end. EMV is considered more secure than the magnetic strip, developed more than 50 years ago but still very much used in the United States.
What do Apple fans need to know? Things to consider
- You need to own the latest iPhone smartphone or smartwatch.
- The service is limited to US citizens.
- Apple says the userâ€™s credit card data will not be stored on Apple servers or merchantsâ€™ servers, which is great for privacy, but storing it locally, on the device, might increase the risk of identity theft.
- The NFC chip is strictly limited to the mobile payment platform, as opposed to Google Wallet, which is a cross-platform service.
- Unfortunately, technological impediments have prevented merchants from fully supporting NFC, which is where Google Walletâ€™s adoption rate encountered serious issues.
Â Should you ditch your wallet for Apple Pay?
If youâ€™re a US citizen with the latest iPhone model or an Apple smartwatch, then, yes, you could be very tempted to do so. Apple Pay has the potential of becoming the next big thing, especially since six banks and over 220,000 stores are rooting for it.