what banks are required to do for Apple pay

Discussion in 'iOS 8' started by caesarp, Nov 14, 2014.

  1. caesarp macrumors 6502a

    Joined:
    Sep 30, 2012
    #1
  2. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #2
    Interesting, thanks for the link. Seems though that the payment processors are doing most of the work, the banks just pay Apple. ;)

    A bit sad though that, according to the article, Apple Pay transactions seem to be a bit below expectations. As far as I am concerned, the reason is obvious: It's just not supported by enough stores. I'd like to use it more, but there are not many opportunities around here if you don't want to go out of your way (and I live in Apple's home turf which has probably about the highest iPhone 6 concentration in the world). We need big grocery chains, gas stations (at the pump) etc. to come aboard.
     
  3. JoeTomasone macrumors 6502

    Joined:
    Aug 8, 2014
    #3
    That's mostly an issue with stores needing to upgrade their credit card terminals to support NFC payments. This will happen over time as they upgrade to support chip and pin cards - which they are essentially being forced to do by Oct 2015. You are on-board with Apple Pay in not only its infancy, but also in the infancy of NFC payments in the USA, effectively.

    Winn-Dixie just announced support for Apple Pay, and Meijer already supports it.

    Gas stations at the pump may take longer. Due to the complexity and number of terminals involved, gas stations have until 2017 until they are forced to upgrade.
     
  4. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #4
    Well, as we have seen in the last couple of weeks, having NFC terminals doesn't necessarily mean that a retailer has to support Apple Pay. I think there are other factors at play. For example, Safeway (a major grocery chain here on the west coast) is big on tracking and data-mining customers' purchase habits, which is more difficult with Apple Pay due to its increased anonymity.
     
  5. JoeTomasone, Nov 15, 2014
    Last edited: Nov 15, 2014

    JoeTomasone macrumors 6502

    Joined:
    Aug 8, 2014
    #5
    Granted, and as we have seen with the MCX member merchants (CVS, et al) it can be disabled. But as far as merchants who have no "dog in the fight" and simply don't accept NFC payments today because they lack the equipment (which is the vast majority of merchants out there), we can expect wider adoption in 2015. I expect that some of the MCX merchants may join Meijer and defect from MCX... But we will see.

    I'm already noting a number of small businesses near me that are now accepting NFC payments.

    Incidentally, the whole "we can't track you" argument, to me, is largely baseless. Merchants shouldn't be tracking you via credit card number - storing it obviously leads to problems, and certainly shouldn't use it as the sole identifier (since they can't perform demographic analysis, for one). I think Walgreens has the best approach for today - you can use Passbook to scan your loyalty card (which obviously permits them to track you), and then pay with Apple Pay. Takes even less time for me than to either pull both a Walgreens card AND a credit card out of my wallet and use both OR to use Passbook and then dig for a credit card. Scan barcode, tap, done. Many other merchants could do the same thing; and for many, it would simply be a matter of supporting Passbook. Heck, Starbucks - who apparently isn't enamored of Apple Pay (though they are apparently rolling out NFC and support for it) already allows you to store your card in Passbook; if they were to convert it to a straight loyalty card and remove the payment feature, it'd be pretty much a done deal.

    Of course, when you re-load your Starbucks card, you are guaranteeing them future business, which can be seductive to them as well... But since they will be permitting Apple Pay in-app to do it... Well, the arguments start to unravel a bit.
     
  6. simon48 macrumors 65816

    simon48

    Joined:
    Sep 1, 2010
    #6
    Also merchant branded credit cards (like a Target Red card) could be added to Apple Pay. This would allow merchants to track you (if you agreed to it when you signed up for their card), while letting you use Apple Pay with no additional steps.
     
  7. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #7
    And still they do it. Target is one example. They have a very elaborate system to track everything their "guests" do.

    But tracking by card number isn't prevented by Apple Pay anyway, since the token (device account number) is static as long as the card is registered in Passbook. But when swiping a physical card they also get your name, which can be used to link the purchase to existing consumer profiles. This is not the case with Apple Pay.
    Personally, I'm not concerned about customers that voluntarily submit to the tracking by using loyalty cards. That's their own decision. I'm more concerned about tracking that I cannot opt out of.
    Starbucks is probably not enamored with Apple Pay in the store precisely because they want to continue to be able to track you. That's why you will soon be able to refill your Starbucks card using Apple Pay, but not to use it in store.
     
  8. simon48 macrumors 65816

    simon48

    Joined:
    Sep 1, 2010
    #8
    But the token is a one time generated token so it changes every purchase...
     
  9. lelisa13p macrumors 68000

    lelisa13p

    Joined:
    Mar 6, 2009
    Location:
    Atlanta, GA USA
    #9
    I just called my MasterCard bank and my debit card/checking/savings bank to ask about their capacity for accommodating Apple Pay. They are two separate financial institutions.

    Debit card/checking/savings bank had no idea what I was talking about but the Customer Svc guy got really excited when I told him about Apple Pay. He said he'd pass along info to his supervisor and was going to investigate at Apple.com for his own curiosity. *sigh*

    MasterCard bank says that they are testing and hope to be on board during Q1 2015. Fingers crossed. At least they sort of knew what I was talking about.

    I'm not holding my breath.
     
  10. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #10
    No. Only the verification code changes for every transaction. The token (device account number) is static.
     
  11. Ntombi macrumors 68040

    Ntombi

    Joined:
    Jul 1, 2008
    Location:
    Bostonian exiled in SoCal
    #11
    I went into my credit union (small and local) to speak to the branch manager about it the week it went live. I ended up giving a 30 minute presentation on it for her and another rep. Neither had heard of it, so I told them everything I knew, emphasizing the security and financial benefits for the financial institutions. Since they spent a buttload of money replacing all member cards--twice--in the last 12 months, thanks to Taget and Home Depot, they were intrigued, to say the least.

    It's frustrating, and I wish they were in the Apple Pay pipeline already, but there are other benefits to banking with them, so I'm just doing my best to nag them along.
     
  12. simon48 macrumors 65816

    simon48

    Joined:
    Sep 1, 2010
    #12
    Do you have a source that says the merchant can understand some sort of static ID? The one time code is attached to the static device ID and then sent on its way. I would assume only the bank would know how to un-obfuscate what is sent.

    There's a lot of info in this Ars Technica article. I'll quote an important bit.

    That doesn't sound easy for the merchant understand. If it was, why would we have CurrentC? CurrentC is the merchants way of trying to have a trackable mobile payment system.
     
  13. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #13
    Sigh. This was discussed several times already. You can easily verify it yourself: Just check the receipts of your Apple Pay purchases. You will see the same last four digits every time, and it's the same that you can also see in the info page of the card in Passbook. The device account number is just a virtual credit card number, and it does not change as long as the card is registered in Passbook. The only thing that changes for every transaction is the security code.
     
  14. simon48 macrumors 65816

    simon48

    Joined:
    Sep 1, 2010
    #14

    Sorry, I haven't seen any of those threads and my bank doesn't support Apple Pay yet. Got a link? I don't get what all the hullabaloo from MCX is if they can still track you. Is it known if the merchant gets more than those last four digits?
     
  15. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #15
    The difference is that MCX payments, just like loyalty cards, will supposedly provide the merchant with your identity. Apple Pay's static token can be used to track what purchases are made with that particular device, but it cannot be directly linked to an identity. Of course, if you use a loyalty card in conjunction with Apple Pay even once, they know who owns the device from then on.
    Of course they get the full number, just like if you paid with a physical card.
     
  16. simon48 macrumors 65816

    simon48

    Joined:
    Sep 1, 2010
    #16

    I'm not saying you're wrong, but in my own interest of learning about the little details of Apple Pay... Again, do you have a link for this info?
     
  17. Rigby macrumors 601

    Joined:
    Aug 5, 2008
    Location:
    San Jose, CA
    #17
    You can find the EMV tokenization specification here:

    http://www.emvco.com/specifications.aspx?id=263

    Apple Pay is based on this specification.
     
  18. JoeTomasone macrumors 6502

    Joined:
    Aug 8, 2014
    #18
    The token (device account number) looks like a credit card number to the terminal. It doesn't know any better.

    The quote you cited relates to the EMV standard for chip & pin cards, not EMV tokenization. They are different.
     

Share This Page