What Does Apple Pay Mean for Payment Security?
Given the recent cyberattacks against Home Depot, Neiman Marcus, and other major retailers, it’s no surprise that payment security is a top concern for many consumers. Will Apple Pay be able to rise to the challenge?
Apple Pay is scheduled to launch in October, following the release of the iPhone 6 and iPhone 6 Plus in September. The payment system will be accepted by major banks, retailers and restaurants.
Any system that processes credit cards and customer information has to meet the Payment Card Industry Data Security Standard, or PCI DSS, but unfortunately even companies that meet that standard haven’t always been able to stand up to hacker and malware attacks. So what makes Apple Pay different?
Apple Pay looks to move away from wallets filled with cards to a one-time payment system that should eliminate fraud. Unlike cards, which use exposed numbers and magnetic stripes that can be easily replicated or stolen, Apple Pay will use a one-time payment number for each purchase.
All users need to do is touch their phone to a reader and verify the payment with a PIN or their fingerprint.
The system is modeled after the chip-and-PIN system already utilized in most of Europe and Canada. Computer generated chips on each card generate one-time authorization codes, which are then verified by the user’s PIN.
Chip-and-pin cards are considered safer than traditional cards, which store information on exposed magnetic strips, and they’re supposed to roll out in the US by 2015. Some banks are already providing chip-and-pin cards but there isn’t as much infrastructure in the US to support them yet.
Using Apple Pay, a physical car doesn’t need to be used as all. The transaction is completed using wireless communication between an iPhone and a POS terminal. Users don’t need to worry about accidentally bumping into a payment signal. Purchases will only go through with a PIN or fingerprint.
Even if a thief steals the phone, they still won’t be able to make any purchases because of the two step verification system. Users can also shut down Apple Pay remotely, and according to Apple, even tech-savvy thieves shouldn’t be able to break into the encrypted secure payment system.
Security professionals still advise caution, but it looks like Apple Pay will at least be a step up from other payment systems.