Apple Pay provides a sleek way for consumers to make payments with their iPhone, but perhaps the most innovative aspect of the payment feature — and its biggest potential value to consumers — is its security framework for preventing card fraud.
While security remains one of the top reasons why consumers haven’t adopted mobile payments, it’s challenging to explain why one payments solution is more secure than another due to the complexity of payments security. In a new research from BI Intelligence we give an easy-to-understand breakdown of how Apple Pay security works and its implications for the payments ecosystem as Apple Pay and similar technologies become ubiquitous.
Here are some of the key takeaways:
Apple Pay combines a number of existing security technologies to solve the major problems in payments security: Apple didn’t invent an entirely new payments security standard. Instead it found a solution to weaknesses in payment security and applied it in a way that does not require existing payments players to upend their systems and processes.
- Data protection: Apple Pay uses both encryption and tokenization to protect data and reduce sensitive data transmission down to one instance.
- Device authentication: Each Apple Pay transaction has a unique value that ensures that the transaction is coming from an authorised device.
- User authentication: Apple requires the user’s bank to have an additional user authentication system in order to further authenticate suspicious card registrations. In addition, Apple Pay requires fingerprint authentication through Touch ID in order to make fraudulent transactions from a stolen phone extremely difficult.
- Apple Pay not only tokenizes payment data but also creates a unique device identifier as well as unique dynamic cryptograms like those used in EMV transactions: Together the unique identifier and the cryptogram ensure that even if the token is stolen, it can’t be used because the token must come from the device to which it was registered.
- The most significant impacts from the new security standard will come years from now: Apple Pay and solutions like it could dramatically reduce fraud for merchants, and also limit the need for additional payment security software. While we think Apple Pay and similar payments methods will proliferate more quickly than most estimates, it will be many years before plastic cards are no longer used. When mobile payments employing these types of security standards become more mainstream, fraud as it is conducted today will be greatly reduced.
To access the full report from BI Intelligence, sign up for a 14-day trial here. Members also gain access to new in-depth reports, hundreds of charts and datasets, as well as daily newsletters on the digital industry.