Target Begins Apple Pay Rollout at Select Locations

nsayer

macrumors 6502a
Jan 23, 2003
996
481
Silicon Valley
On a trip to SF last year, I was paying for merchandise at Alcatraz. I was absolutley shocked when I had to insert my Visa Debit Card and had to sign for a purchase. We got rid of signatures in Australia back in 2014. I really don't understand how the US is so backwards on Card Technology when they are the home of MasterCard, Visa and AMEX.
Let's just put this into perspective. While Australia is approximately the size of the continental U.S., the population of Australia is slightly less than the population of Texas. The U.S. Population is about 13 times more than that and has more than basically two centers of population (Perth and the Southeast coastline).
 

dontwalkhand

macrumors 603
Jul 5, 2007
5,427
1,546
Phoenix, AZ
Let's just put this into perspective. While Australia is approximately the size of the continental U.S., the population of Australia is slightly less than the population of Texas. The U.S. Population is about 13 times more than that and has more than basically two centers of population (Perth and the Southeast coastline).
It also seems that every other country on this world uses bank provided terminals en masse, which makes it VERY easy to deploy things like contactless (but also very hard on customizing it to your needs). In the US, most stores use proprietary systems for each store, which are fully integrated with the POS, rather than bank provided equipment. (Which explains why most mom and pop stores in the US have Apple Pay, because like Australia, they choose to use the bank provided equipment, rather than a full POS system). No sane store like Walmart in the US is going to use standalone bank provided bank terminals.

Now, bear in mind that Walmarts in other countries around Europe (such as ASDA) do have contactless enabled, but not in other markets such as Canada, Mexico, and the US. CA/MX/US Walmarts use the same Ingenico iSC250 setups with no contactless enabled. In Europe, Walmarts use the Ingenico iPP350, but with contactless enabled....it isn't bank provided, still Walmart provided equipment.
[doublepost=1549326113][/doublepost]
Actually no. I didn't know that. Thanks for the info. Sounds like it's a good time to research alternative processors.

Makes no sense to me that any of them would charge MORE simply based on the connection style. Of course, I do realize that manually typing the numbers costs more, but at least a NFC connection is (or should be) considered secure.

ALL: Can anyone with direct knowledge comment on the logistics of enabling various connection types? If NFC costs more, does that also explain why CHIP cards are not enabled for many smaller businesses... and even some big ones?
Something called EMVCo Certifications. These are still very backlogged, as they had a whole country the size of a continent with billions of different point of sale systems and credit card readers all wanting certifications at once. Whereas in other countries, they just had to certify a few bank provided models, and those were what you had to choose from.
 

ecschwarz

macrumors 65816
Jun 28, 2010
1,304
257
By the way, it's a little off-topic, but I want to point out how impressive it is that Aldi (the US arm at least) went from only taking debit cards or cash (to cut costs) to taking credit cards (3/2016) to having NFC fired up and working well (9/2017) and most stores had the EMV slots enabled, around that time, too. They use the Verifone mx915s, too and their implementation is the kind where you can run your card at any point in the transaction (instead of waiting for NFC to be ready).
 

Rigby

macrumors 603
Aug 5, 2008
5,285
5,836
San Jose, CA
You've got this a little bit confused. Apple Pay doesn't use Red Card yet
Never claimed they did.
and if you did use Target's Red Card at Target, of course your privacy isn't going to be improved because you are sending your information to the card issuer, i.e., Target!
The Redcard credit card is actually issued by TD Bank. Not sure about the debit card.
Using any other card will improve your privacy.
Within the limits that I described. If you disclose your identity even once while making an Apple Pay transaction (e.g. by using the loyalty card or allowing Target to scan your ID when buying alcoholic beverages), the merchant can track and link your future purchases to you via the DAN, regardless of which card you use. Large retailers like Target and Walmart have gotten very good at this.
 

MisterSavage

macrumors 68020
Nov 10, 2018
2,332
2,213
By the way, it's a little off-topic, but I want to point out how impressive it is that Aldi (the US arm at least) went from only taking debit cards or cash (to cut costs) to taking credit cards (3/2016) to having NFC fired up and working well (9/2017) and most stores had the EMV slots enabled, around that time, too.
Holy cow I don't shop at Aldi and had no idea they didn't take CC's for a while.
 

beanbaguk

macrumors 6502a
Mar 19, 2014
705
890
Europe
Every time one of these stories pops up all the Canadians and Europeans pop out of the woodwork acting amazed at the situation in the US. It's getting kind of old. These stories have been popping up multiple times a year since ApplePay was first introduced. We get it. Your system is better than ours. I doubt that when you guys first got tap to pay that it rolled out over night. Please stop acting amazed that it's not happening over night here.
Touchy touchy! Isn't that the idea of a forum to discuss topics? It's a genuine level of surprise that the nation that created Apple Pay is probably one of the worst adopters of the technology. As one of the leaders of technology, I'm truly shocked NFC payment technologies (and chip and pin), have not been widely adopted across the US.

There's nothing wrong with expressing surprise so not much I can do about that. Sorry this offends you but I'll continue to express my comments when it's genuinely odd!
 

JRobinsonJr

macrumors 6502a
Aug 20, 2015
646
1,143
Arlington, Texas
It also seems that every other country on this world uses bank provided terminals en masse, which makes it VERY easy to deploy things like contactless (but also very hard on customizing it to your needs). In the US, most stores use proprietary systems for each store, which are fully integrated with the POS, rather than bank provided equipment. (Which explains why most mom and pop stores in the US have Apple Pay, because like Australia, they choose to use the bank provided equipment, rather than a full POS system). No sane store like Walmart in the US is going to use standalone bank provided bank terminals.

Now, bear in mind that Walmarts in other countries around Europe (such as ASDA) do have contactless enabled, but not in other markets such as Canada, Mexico, and the US. CA/MX/US Walmarts use the same Ingenico iSC250 setups with no contactless enabled. In Europe, Walmarts use the Ingenico iPP350, but with contactless enabled....it isn't bank provided, still Walmart provided equipment.
[doublepost=1549326113][/doublepost]
Something called EMVCo Certifications. These are still very backlogged, as they had a whole country the size of a continent with billions of different point of sale systems and credit card readers all wanting certifications at once. Whereas in other countries, they just had to certify a few bank provided models, and those were what you had to choose from.
Thanks! Much appreciated.
 

truthertech

macrumors 68020
Jun 24, 2016
2,046
2,213
[QUOTE
Within the limits that I described. If you disclose your identity even once while making an Apple Pay transaction (e.g. by using the loyalty card or allowing Target to scan your ID when buying alcoholic beverages), the merchant can track and link your future purchases to you via the DAN, regardless of which card you use. Large retailers like Target and Walmart have gotten very good at this.[/QUOTE]


All they get is a four digit portion of your DAN.
 
  • Like
Reactions: coolman13355

parseckadet

macrumors 65816
Dec 13, 2010
1,162
678
Denver, CO
Now, bear in mind that Walmarts in other countries around Europe (such as ASDA) do have contactless enabled, but not in other markets such as Canada, Mexico, and the US. CA/MX/US Walmarts use the same Ingenico iSC250 setups with no contactless enabled. In Europe, Walmarts use the Ingenico iPP350, but with contactless enabled....it isn't bank provided, still Walmart provided equipment.
It's surprising to me to hear that Walmart in Canada doesn't have contactless enabled. Every time one of these stories pops up the comments are inundated with Canadians swearing up and down that they use contactless payments EVERYWHERE. I'll keep this little nugget of information handy for the next time I see one of those comments.
One would think that the two Targets in Cupertino would be a good starting location.
Why? Cupertino is Apple's HQ, not Target's. To Target Cupertino is just a city in California most people haven't heard of. I would expect them to roll it out in Minneapolis first, since that's where Target's HQ is.
 
  • Like
Reactions: coolman13355

truthertech

macrumors 68020
Jun 24, 2016
2,046
2,213
True, but Target has no doubt negotiated a discounted card processing fee with the issuer of their store card, so the Apple fee will probably hurt them more than with regular cards.
The token (virtual card number or DAN) is actually not a one-time number but stays constant (you can see the last 4 digits in the Wallet app). Only the additional security code changes for every transaction. This means Apple Pay transactions can actually be tracked and tied to a card across transactions. What's missing is the mapping of the card to a person (Apple Pay does not transmit the name or other identifying information to the merchant terminal like physical cards do). But given that Target closely cooperates with the bank that issues their store cards, I'm sure the bank will be happy to map the DAN to a customer ID for Target. So no, using the Red Card in Apple Pay will not improve customer privacy.


Just to correct your major misstatements--the merchants do not get your DAN. They get a four digit portion of it, so no they can't map your DAN to you because they never have it. Apple never gets it. As far as your theory about banks "being glad" to decrypt your DAN for their card and share it with merchants (it's unique for each card you add to Apple Pay) that would be a massive violation of their agreement with Apple and end their involvement with Apple Pay.
 
  • Like
Reactions: coolman13355

castlema

macrumors regular
Nov 21, 2003
101
32
It's finally reaching critical mass as far as acceptance. The next phase is awareness. For example, Costco, a huge retailer, starting accepting Apple Pay last summer, but there wasn't any type of announcement and their machines don't have any symbols, etc., that let you know they are NFC/Apple Pay capable, so most people have no idea it's still not accepted.

Apple has done local advertising campaigns where they have merchants signed up to offer discounts for a few days when using Apple Pay, but Apple hasn't really done any significant broad advertising for Apple Pay; likely because they didn't want people to be frustrated when they tried to use it at merchants that didn't accept it. Perhaps, they are reaching that point where it's feasible to do that national campaign.
Costco is an odd case since many people (myself included) have the Costco Visa card which doubles as our Costco membership card. Since you have to get out the card at checkout so that the member number can be scanned there is no advantage to using Apple Pay afterward. If you use your debit card or a different Visa card then using Apple Pay would make sense.
 
  • Like
Reactions: coolman13355

truthertech

macrumors 68020
Jun 24, 2016
2,046
2,213
Costco is an odd case since many people (myself included) have the Costco Visa card which doubles as our Costco membership card. Since you have to get out the card at checkout so that the member number can be scanned there is no advantage to using Apple Pay afterward. If you use your debit card or a different Visa card then using Apple Pay would make sense.

Apple is working on the issue of loyalty and membership cards in the Apple Wallet, so hopefully that will be resolved soon, but most importantly, you're ignoring the entire privacy and security aspect of using Apple Pay.
 

ecschwarz

macrumors 65816
Jun 28, 2010
1,304
257
Apple is working on the issue of loyalty and membership cards in the Apple Wallet, so hopefully that will be resolved soon, but most importantly, you're ignoring the entire privacy and security aspect of using Apple Pay.
I think Costco (and maybe Sam's Club if hell freezes over and Walmart caves) are sort of the exception in that it's mandatory to associate your membership with a purchase. I've had a Sam's Club membership for a long time (using the "household" one of a family member's) and I don't go there often, but when I do, the purchases are varied enough that I'm sure whatever algorithm is trying to track and understand my spending habits is being thrown for a loop.

As for places like Target's Carthweel/Circle (renamed from Red today), Meijer's mPerks, the current name of Best Buy's Reward Zone (can't remember at the moment), Kroger's Plus, and other loyalty programs, not using them would be the way to opt out for privacy with Apple Pay. Again, I think it's up to the user how much or how little they want to use these, but I think being picky on a per-store basis isn't bad.
 
  • Like
Reactions: coolman13355

dontwalkhand

macrumors 603
Jul 5, 2007
5,427
1,546
Phoenix, AZ
It's surprising to me to hear that Walmart in Canada doesn't have contactless enabled. Every time one of these stories pops up the comments are inundated with Canadians swearing up and down that they use contactless payments EVERYWHERE. I'll keep this little nugget of information handy for the next time I see one of those comments.

Why? Cupertino is Apple's HQ, not Target's. To Target Cupertino is just a city in California most people haven't heard of. I would expect them to roll it out in Minneapolis first, since that's where Target's HQ is.
To add to it, when Target was in Canada, Target opted for the Verifone Mx880 there, with no contactless either.

Chipotle in Canada is another one that has no Contactless, in fact to make it worse, no chip either! Canadians are amazed that they still *swipe* there.
 

MisterSavage

macrumors 68020
Nov 10, 2018
2,332
2,213
Apple is working on the issue of loyalty and membership cards in the Apple Wallet, so hopefully that will be resolved soon, but most importantly, you're ignoring the entire privacy and security aspect of using Apple Pay.
It's getting better! I got an email from IKEA today and it included an "add to Apple Wallet" button for my IKEA Family (their loyalty program) number. I just added it.

Chipotle in Canada is another one that has no Contactless, in fact to make it worse, no chip either! Canadians are amazed that they still *swipe* there.
Chipotle is like that in the US also. At least the ones I go to. Swipe only.
 

rugmankc

Contributor
Sep 24, 2014
2,178
640
Now taken at Beavercreek, Ohio location---:)

4 Green Dots, accepted my watch almost immediately. That's at least 6 times faster than my chip.
 
  • Like
Reactions: ecschwarz

Rigby

macrumors 603
Aug 5, 2008
5,285
5,836
San Jose, CA
Just to correct your major misstatements--the merchants do not get your DAN. They get a four digit portion of it, so no they can't map your DAN to you because they never have it. Apple never gets it. As far as your theory about banks "being glad" to decrypt your DAN for their card and share it with merchants (it's unique for each card you add to Apple Pay) that would be a massive violation of their agreement with Apple and end their involvement with Apple Pay.
Dude, you have no idea what you are talking about. I've said what needed to be said for people who are willing to learn.
 

nsayer

macrumors 6502a
Jan 23, 2003
996
481
Silicon Valley
but at least a NFC connection is (or should be) considered secure.
I tried, but I couldn't let it go. :)

NFC isn't secure at all, nor should it be considered secure. What makes credit card transactions over NFC acceptable is that the transactions themselves are secure because of the cryptography performed in the secure element of the card/phone.

You could perform such a transaction using bullhorns in the parking lot and it would still be secure, despite the fact that the transport mechanism isn't. The only thing that matters is that the card/phone can authenticate messages to the bank in a trustworthy way and no one in the middle can modify the messages and retain that trust and that no one can (at a reasonable cost) clone the secure element. Nothing between the bank and the card/phone is trusted, nor should it be.

There have been supply-chain attacks on the terminals, but the most you can do by tampering with the terminal is capture the PIN and card number or modify the transaction details (like add a few cents to the amount, but then the merchant could do that himself too) before it gets authenticated by the card. Capturing the PIN/card combination could be used in CNP or mag stripe transaction attacks, but Apple Pay is immune to that because the virtual card number cannot be used for CNP or mag stripe transactions.
 
  • Like
Reactions: truthertech

JRobinsonJr

macrumors 6502a
Aug 20, 2015
646
1,143
Arlington, Texas
I tried, but I couldn't let it go. :)

NFC isn't secure at all, nor should it be considered secure. What makes credit card transactions over NFC acceptable is that the transactions themselves are secure because of the cryptography performed in the secure element of the card/phone.

You could perform such a transaction using bullhorns in the parking lot and it would still be secure, despite the fact that the transport mechanism isn't. The only thing that matters is that the card/phone can authenticate messages to the bank in a trustworthy way and no one in the middle can modify the messages and retain that trust and that no one can (at a reasonable cost) clone the secure element. Nothing between the bank and the card/phone is trusted, nor should it be.

There have been supply-chain attacks on the terminals, but the most you can do by tampering with the terminal is capture the PIN and card number or modify the transaction details (like add a few cents to the amount, but then the merchant could do that himself too) before it gets authenticated by the card. Capturing the PIN/card combination could be used in CNP or mag stripe transaction attacks, but Apple Pay is immune to that because the virtual card number cannot be used for CNP or mag stripe transactions.
Fair response. I was referring to CC over NFC and how they are secured cryptographically... but wasn't clear. Appreciate the additional commentary!
 
  • Like
Reactions: nsayer

VARTV

macrumors member
Oct 25, 2014
98
32
Virginia Beach, VA, USA
I know this thread has been quiet for over a month. I just received an email from WallyWorld that they are ending their Savings Catcher program. THIS was the reason we used Walmart Pay... not any more after the Program ends. Could this be a good sign for NFC acceptance???
 

tmiw

macrumors 68020
Jun 26, 2007
2,192
490
San Diego, CA
I know this thread has been quiet for over a month. I just received an email from WallyWorld that they are ending their Savings Catcher program. THIS was the reason we used Walmart Pay... not any more after the Program ends. Could this be a good sign for NFC acceptance???
I think a bigger indication would be if Walmart discontinued Walmart Pay. Considering that people think that it's just as popular (if not more) than Apple Pay, I don't see them doing that or enabling NFC any time soon.
 

dontwalkhand

macrumors 603
Jul 5, 2007
5,427
1,546
Phoenix, AZ
I know this thread has been quiet for over a month. I just received an email from WallyWorld that they are ending their Savings Catcher program. THIS was the reason we used Walmart Pay... not any more after the Program ends. Could this be a good sign for NFC acceptance???
Though Walmart Pay isn’t bad; I still prefer Apple Pay. Walmart Pay does have other advantages though like eReceipts, and express returns.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.