So, assuming that Yosemite will allow use of ApplePay for online purchases, in the U.S. at least, how might authorisation be completed?
Will the assumption be that there's no need for authorisation in the same way as for the iPhone, or will some check that it is indeed the cardholder making the payment be required?
One option would be to incorporate TouchID onto a revised trackpad, the other might be to require cardholder to use TouchID on their iPhone to send a verification code to Yosemite. Presumably, use of TouchID on a desktop or laptop would require incorporation of a secure enclave chip and so verification via iPhone is most likely, at least in the short term.
It could actually make online purchases more secure as currently, you don't even need the card to complete some transactions. The fingerprint verification would presumably replace the password verification stage that card issuers use now. Equally, it could also allow remote verification. For example, a child wishes to buy something and uses a parent's card details. A message comes up on the iPhone requiring TouchID verification and the authorisation is sent direct to the card issuer. If no verification is received within a certain time, the card is blocked temporarily.
Will the assumption be that there's no need for authorisation in the same way as for the iPhone, or will some check that it is indeed the cardholder making the payment be required?
One option would be to incorporate TouchID onto a revised trackpad, the other might be to require cardholder to use TouchID on their iPhone to send a verification code to Yosemite. Presumably, use of TouchID on a desktop or laptop would require incorporation of a secure enclave chip and so verification via iPhone is most likely, at least in the short term.
It could actually make online purchases more secure as currently, you don't even need the card to complete some transactions. The fingerprint verification would presumably replace the password verification stage that card issuers use now. Equally, it could also allow remote verification. For example, a child wishes to buy something and uses a parent's card details. A message comes up on the iPhone requiring TouchID verification and the authorisation is sent direct to the card issuer. If no verification is received within a certain time, the card is blocked temporarily.