Apple Says Australian Banks' Apple Pay Challenge Harms Consumers

[kdarling]

So Apple provide an encrypted secure payment system, first in the world, that not even the banks can provide, and they should do that from the kindness of their heart?

That's not a valid question, because:

1. Apple didn't create the payment system that it's using under the Apple Pay name.

The NFC contactless payment system, including the tokenization, was invented and provided by others, including EMVCo and its members (e.g. Mastercard, Visa, AMEX, Discover). It's not unique to Apple in any way, so yes the banks could certainly provide it (Android and Samsung Pay use the same basic standard). Heck, it's the banks' decades of payments to the credit card networks that financed most of it.

2. The banks aren't even asking to use that system.

(Or if they wanted to, then that should be up to them making a deal with the EMVCo members.) The banks primarily want access to the NFC radio, which is similar to an app asking for access to the Bluetooth radio.

--
Upshot: the banks don't want to use anything Apple invented. They want access to NFC so they can do their own apps.

 

[69Mustang]

So you're going to deflect away from data collection and bring up something completely unrelated (taxes)? Is this what you do when someone calls you out for an incorrect assumption in the first place? And second place?

I'm going to try this again by repeating the exact same thing you claim I deflected: So your entire argument rests on a non-existent hypothetical? 1. Data from every company is always at risk of being leaked or hacked. Always will be. Liking Apple doesn't make their collected data any less a risk for your hypothetical. 2. Using data for undisclosed means? Newsflash: We only know what companies do with our data because of what they say they do. We have no idea whether it's true or not. Yes, that includes Apple as well.
So where exactly did I deflect from the topic of data collection?

My response about taxes related to your quip about ethics. But you knew that already. Talk about deflection.

 

[appledefenceforce]

That's not a valid question, because:

1. Apple didn't create the payment system that it's using under the Apple Pay name.

The NFC contactless payment system, including the tokenization, was invented and provided by others, including EMVCo and its members (e.g. Mastercard, Visa, AMEX, Discover). It's not unique to Apple in any way, so yes the banks could certainly provide it (Android and Samsung Pay use the same basic standard). Heck, it's the banks' decades of payments to the credit card networks that financed most of it.

2. The banks aren't even asking to use that system.

(Or if they wanted to, then that should be up to them making a deal with the EMVCo members.) The banks primarily want access to the NFC radio, which is similar to an app asking for access to the Bluetooth radio.

--
Upshot: the banks don't want to use anything Apple invented. They want access to NFC so they can do their own apps.

And NFC is not EVERYTHING that Apple Pay uses. Apple uses a combination of Touch ID + NFC + Tokenization to implement Apple Pay. As a matter of fact Google followed Apple to implement Android Pay.

 

[developer13245]

So much text. So little meaning.
[doublepost=1472592102][/doublepost]I like how most of the people siding with the Australian banks and bashing Apple on here don't even live in Australia, or know anything about Australia.

Aussie bank competition, EU tax evasion, exclusive album premiers.. all trending in recent news.. all added on top of years of captive App Stores with vague app approval and featuring, retaliation against developers that go to the press.. It all adds up to the undeniable conclusion that Apple is a corporate bully.

I've lived in the Apple eco system for the last several years, both as an independent and working for very large companies. And also 30 years of engineering experience that started in the communications industry. So I have a unique perspective that I'm trying to convey - you obviously can't take the time to read more than a few lines to gain any perspective - which is why the meaning of it all is way over your head.

I never sided with the banks, and actually suggested that they each "go it alone" in their negations with Apple. Apple's high level demands are easily rebuffed individually and there is no reason to look like they are "ganging up" against Apple, which certainly can be viewed as anti-trust behavior.

Apple is a device/platform company and should focus on delivering core technologies instead of forcefully inserting themselves as a wedge / "toll bridge" in other industries. Apple is already pushing other companies out of application level products - which hurts competition and also their own core platform quality. iOS 9 and El Crap have been a quality train wreck due to their loss of focus. Yet Apple has this attitude that they are the only ones "capable" of delivering a NFC pay system while locking out and preventing others from competing. Why? All just because they make a handset you hold to your head? Do you even realize the 100+ years of diverse technological evolution of the global public telephone system? Yet no one in that space is capable? Really? You are so drowned in flavor aid it's pathetic.

And speaking of anti-trust, do you realize that without the 1984 break up of the US Bell System, it would not have been possible for Apple (or anyone else) build a "subscriber instrument" (look it up) product. I realize this is all a lot of real history that you probably don't have the intellectual curiosity to think about.

 

[developer13245]

And speaking of Apple bashing, they're quite capable of doing it to themselves:

 

[Neo Utopia]

Banks should just work with technology companies who know what they are doing, especially when is comes to security and privacy.

 

[kdarling]

And NFC is not EVERYTHING that Apple Pay uses. Apple uses a combination of Touch ID + NFC + Tokenization to implement Apple Pay.

As I have pointed out very clearly, the tokenization part was not done by Apple.

In fact, no part of Apple Pay even knows that it's a token. The credit card companies could start using real account numbers when we register for Apple Pay, and everything would work exactly the same as now.

Touch Id is simply used as a shortcut for a PIN, which can be used instead. As TouchId API is open, any app can use it, not just Apple Pay.

As a matter of fact Google followed Apple to implement Android Pay.

My family started using Google Wallet back around late 2011. It used a single semi-virtual (you could get a plastic copy) Mastercard account number for all your registered cards, not your real account numbers.

Which is why things like the Home Depot hack didn't bother us. We'd always used Google Wallet with NFC to pay, and thus our real account numbers were safe.

The primary difference between GW back then and Android Pay now, are 1) AP doesn't need a secure element to work, meaning it can operate on far more handsets, and 2) it now uses separate tokens for each registered card.

Banks should just work with technology companies who know what they are doing, especially when is comes to security and privacy.

Most people would think that banks know more about security and privacy than anyone.

That's why Apple went to the banks and credit card companies and asked them to use their latest secure payment methods, instead of Apple inventing their own.

 

[appledefenceforce]

As I have pointed out very clearly, the tokenization part was not done by Apple.

In fact, no part of Apple Pay even knows that it's a token. The credit card companies could start using real account numbers when we register for Apple Pay, and everything would work exactly the same as now.

Touch Id is simply used as a shortcut for a PIN, which can be used instead. As TouchId API is open, any app can use it, not just Apple Pay.



Where do you get your "facts"?

My family started using Google Wallet back around late 2011. It used a single semi-virtual (you could get a plastic copy) Mastercard account number for all your registered cards, not your real account numbers.

Which is why things like the Home Depot hack didn't bother us. We'd always used Google Wallet with NFC to pay, and thus our real account numbers were safe.

The primary difference between GW back then and Android Pay now, are 1) AP doesn't need a secure element to work, meaning it can operate on far more handsets, and 2) it now uses separate tokens for each registered card.



Most people would think that banks know more about security and privacy than anyone.

That's why Apple went to the banks and credit card companies and asked them to use their latest secure payment methods, instead of Apple inventing their own.

The extent that you go to twist reality is astounding. The way you describe Apple Pay makes it clear you have not even used the service and are just talking out of your (Apple-hating) ass.

You clearly fail to even understand what I wrote. I said, Apple Pay is a combination of Touch ID + NFC + Tokenization. To use it, you double click on the home button to activate the card, and then you put your phone close to the terminal for the NFC to work, and then to finalise the transaction you use Touch ID. There's NO way for you to enter a PIN to finalise the transaction. And the fact that other apps can use Touch ID has NOTHING to do with the topic of Apple Pay.

On your misguided comment about tokenisation: https://www.engadget.com/2014/10/02/apple-pay-an-in-depth-look-at-whats-behind-the-secure-payment/

"Highlighting the improved safety that Apple Pay provides, Tom Noyes -- a former credit card executive who has an excellent series of in-depth postsabout the world of mobile payments -- said the following in the wake of Apple's Apple Pay announcement.

Apple is the first implementation of the new EMVCo tokenization specification. In my view this is a giant LEAP beyond EMV chip and PIN, and is now (by far) the most secure PAYMENTS scheme on the planet."

Likewise, Google Wallet did NOT leverage the same combination of technology, and Google only did it with Android Pay, AFTER Apple had launched Apple Pay.

Just throw these out there:
http://www.businessinsider.com.au/android-pay-2015-5?r=US&IR=T
http://www.wired.com/2015/05/google-mimics-apple-android-pay/
http://marketingland.com/an-apple-pay-clone-googles-android-pay-will-accelerate-the-market-130383

Also just noticed this:
"The old Google Wallet in-store payment experience required users to launch an app before initiating payment. While this doesn’t seem like a big deal in the abstract in practice it was and didn’t make paying with Google Wallet much easier than swiping a plastic card. Not needing to launch an app makes a world of difference."

No wonder you like to side with the banks. How innovative. Kinda funny because Google dished Wallet and launched Android Pay just to use the exact deployment from Apple.

 

[1041958]

I'm going to try this again by repeating the exact same thing you claim I deflected: So your entire argument rests on a non-existent hypothetical? 1. Data from every company is always at risk of being leaked or hacked. Always will be. Liking Apple doesn't make their collected data any less a risk for your hypothetical. 2. Using data for undisclosed means? Newsflash: We only know what companies do with our data because of what they say they do. We have no idea whether it's true or not. Yes, that includes Apple as well.
So where exactly did I deflect from the topic of data collection?

My response about taxes related to your quip about ethics. But you knew that already. Talk about deflection.

Why don't we go back to your comment before this?

From me (or you), as an individual? Yes, I do think they generally collect a similar amount of information. You see, I've looked at both their privacy policies. So I'm fairly sure they do. From a general perspective? No, I don't think Apple collects as much. I know they couldn't possibly do so. The numbers give Google a near insurmountable edge in overall aggregated data collection. Google is on pretty much every platform and Apple is only on it's own for the most part (iTunes and Apple Music notwithstanding).

My question to you. If they're both collecting data, does the fact that Google collects more overall make some kind of difference to you? Their aggregate total of collected data has little to do with what they get from each individual. They're both collecting similar information from individuals. Google has more individuals to collect from. Both companies use that data for a number of reasons, including advertising. How does Google's success with advertising somehow make their data collection worse?

It's asinine to think they collect either A) the same amount of information or B) the same type of information. You are absolutely 100% wrong in your original post. But you don't want to talk about that so you're going to try to pick apart a later comment of mine.

As to my ethics comment, I never stated either way which company was more ethical. You added Apple in that discussion yourself (bringing up taxes). Which hints at your bias already. I merely stated that a company whose entire revenue stream is based off information collection isn't going to treat your data the same as one who collects it primarily to improve services.

There are lots of examples of companies changing their policies. Google forcing people to sign up for Google+ to comment on YouTube. Facebook now telling us Whatsapp data will be shared with Facebook when they originally said it wouldn't. Microsoft canceling unlimited Onedrive storage.

It's naive to think Google wouldn't do the same (again) if market conditions change.

 

[kdarling]

The extent that you go to twist reality is astounding. The way you describe Apple Pay makes it clear you have not even used the service and are just talking out of your (Apple-hating) ass.

I'm a fact lover. Fanboy myths get in the way of real discussion.

There's NO way for you to enter a PIN to finalise the transaction.

Comments like this only confirm how little you know about how the iPhone and Apple Pay work.

In Settings, you can choose for AP to use either TouchId or the passcode. (There are many people for whom TouchId might not be a workable option.)

In fact, even if set to use TouchId, if TouchId fails five times in a row (say, because your finger is wet) it reverts to asking for the passcode.

And the fact that other apps can use Touch ID has NOTHING to do with the topic of Apple Pay.

Sure it does. You brought up TouchId as if it were unique to the Apple Pay app.

Apple is the first implementation of the new EMVCo tokenization specification.

That's what I said. The Java applets in the Secure Element... which were written by the credit card companies NOT Apple... used the latest EMVCo standards, which are available TO ANYONE.

Likewise, Google Wallet did NOT leverage the same combination of technology, and Google only did it with Android Pay, AFTER Apple had launched Apple Pay.

Google used the technology that was available at the time. In fact, they used the latest methods to get around a carrier lockdown of phone Secure Elements. The main new method, Host Card Emulation, was later adopted by the credit card companies and became a standard.

Also just noticed this:
"The old Google Wallet in-store payment experience required users to launch an app before initiating payment. While this doesn’t seem like a big deal in the abstract in practice it was and didn’t make paying with Google Wallet much easier than swiping a plastic card. Not needing to launch an app makes a world of difference."

Not sure where you got that quote, but it's incorrect. You did not have to open Google Wallet before you tapped to pay. It automatically started and paid when it detected an NFC payment terminal. I know, I used it myself. And to confirm:

"You don't have to be connected to a cellphone network, however, nor do you have to open the Google Wallet app to pay." - USA Today, 9/2011

 

[69Mustang]

Why don't we go back to your comment before this?

I'll gladly go back to my original content. Mind you, your accusation of deflection had nothing to do with it, but hey who am I not to oblige a fellow forum member. Since you didn't mention you were wrong about me deflecting, I guess you plan on letting that stand. That's okay I guess.

It's asinine to think they collect either A) the same amount of information or B) the same type of information. You are absolutely 100% wrong in your original post.

What makes you think Apple and Google don't collect similar amounts and types of information on each customer? As of yet, you've haven't provided any evidence to support your assertion. Is it just wishful thinking or do you actually have any evidence? Honestly, I expect your reply to my query about evidence to either be 1.Ignored, 2. Based on the aggregated total, when I'm obviously talking about the data collected on each customer, or 3. Deflected by answering my question with a question about my evidence. <-- I'm betting you'll go with 3... maybe 1, but most likely 3.

But you don't want to talk about that so you're going to try to pick apart a later comment of mine.

You're the one mixing quotes and comments. My replies have all related directly to content you typed in a single quote. None have pulled topics from multiple quotes and mashed them together. That's what you're doing. How am I supposed to know what your quoting, and from where?

As to my ethics comment, I never stated either way which company was more ethical. You added Apple in that discussion yourself (bringing up taxes). Which hints at your bias already. I merely stated that a company whose entire revenue stream is based off information collection isn't going to treat your data the same as one who collects it primarily to improve services.

I went back and read your quote. You are right. I misinterpreted your ethics portion. Apologies. As for bias, you're wrong. You're confusing my opinion on the issue we're discussing with my opinion of Apple overall. Not only that, you seem to be ignoring the fact that I haven't said any negative about Apple regarding this topic. I've stated they collect data. Lot's of data. There's nothing negative about that. The taxes? Yeah, I think what Apple and that group of companies is doing is unethical. But again, that's a specific situation not a blanket indictment. Fortunately, I'm not binary in my thought processes.

There are lots of examples of companies changing their policies. Google forcing people to sign up for Google+ to comment on YouTube. Facebook now telling us Whatsapp data will be shared with Facebook when they originally said it wouldn't. Microsoft canceling unlimited Onedrive storage.

Why do you keep repeating this? It's not evidence of anything. Companies change policies. They all do, including Apple. I'll use something from your quote as an example of a company changing policy. Bolded: That's no longer true. Google changed that policy. Apple used to offer free iTunes Radio. That's no longer true. Apple changed that policy. Companies change policies.

It's naive to think Google wouldn't do the same (again) if market conditions change.

What company wouldn't make changes under different market conditions? RIM? Nokia? Change doesn't mean something nefarious. It just means change. Neither you nor I have any idea what those changes would entail. No amount of hypothetical will make our opinions valid.

 

[1041958]

I'll gladly go back to my original content. Mind you, your accusation of deflection had nothing to do with it, but hey who am I not to oblige a fellow forum member. Since you didn't mention you were wrong about me deflecting, I guess you plan on letting that stand. That's okay I guess.



What makes you think Apple and Google don't collect similar amounts and types of information on each customer? As of yet, you've haven't provided any evidence to support your assertion. Is it just wishful thinking or do you actually have any evidence? Honestly, I expect your reply to my query about evidence to either be 1.Ignored, 2. Based on the aggregated total, when I'm obviously talking about the data collected on each customer, or 3. Deflected by answering my question with a question about my evidence. <-- I'm betting you'll go with 3... maybe 1, but most likely 3.


You're the one mixing quotes and comments. My replies have all related directly to content you typed in a single quote. None have pulled topics from multiple quotes and mashed them together. That's what you're doing. How am I supposed to know what your quoting, and from where?


I went back and read your quote. You are right. I misinterpreted your ethics portion. Apologies. As for bias, you're wrong. You're confusing my opinion on the issue we're discussing with my opinion of Apple overall. Not only that, you seem to be ignoring the fact that I haven't said any negative about Apple regarding this topic. I've stated they collect data. Lot's of data. There's nothing negative about that. The taxes? Yeah, I think what Apple and that group of companies is doing is unethical. But again, that's a specific situation not a blanket indictment. Fortunately, I'm not binary in my thought processes.

Why do you keep repeating this? It's not evidence of anything. Companies change policies. They all do, including Apple. I'll use something from your quote as an example of a company changing policy. Bolded: That's no longer true. Google changed that policy. Apple used to offer free iTunes Radio. That's no longer true. Apple changed that policy. Companies change policies.


What company wouldn't make changes under different market conditions? RIM? Nokia? Change doesn't mean something nefarious. It just means change. Neither you nor I have any idea what those changes would entail. No amount of hypothetical will make our opinions valid.

I find it hilarious you'd continue to defend your position that Apple and Google "collect similar amounts and types of information". Even more hilarious that you'd use a boilerplate privacy policy to imply they are the same. And then go on to type an essay about it. I guess it really bothers you when you make a false statement and someone points it out to you. So much so that you'll fight to the end rather than admit your mistake.

 

[69Mustang]

I find it hilarious you'd continue to defend your position that Apple and Google "collect similar amounts and types of information". Even more hilarious that you'd use a boilerplate privacy policy to imply they are the same. And then go on to type an essay about it. I guess it really bothers you when you make a false statement and someone points it out to you. So much so that you'll fight to the end rather than admit your mistake.

So 1 it is. I just knew it would be 3. You haven't pointed out anything btw. You can't support your opinion & we both know you can't, so you choose instead to attack mine via ad hominem. Fair enough. Hopefully, one day you'll actually have facts to support your opinion. Although, based on comments, you don't actually need any. We're not changing either of our opinions so let's agree to disagree.

 

[danckwerts]

ANZ Bank offers Apple Pay.