Apple Pay promises to bring mobile payments into the mainstream and is widely lauded for its ease of use. What’s garnered less attention — perhaps because of its complexity — is the innovative security framework the feature uses to prevent fraudulent transactions and data theft. When mobile payments methods employing security standards like Apple Pay’s become more mainstream, fraud as it is conducted today will be greatly reduced.
Here are some of the key takeaways:
Apple Pay combines a number of existing security technologies to solve the major problems in payments security: Apple didn’t invent an entirely new payments security standard. Instead it found a solution to weaknesses in payment security and applied it in a way that does not require existing payments players to upend their systems and processes.
- Data protection: Apple Pay uses both encryption and tokenization to protect data and reduce sensitive data transmission down to one instance.
- Device authentication: Each Apple Pay transaction has a unique value that ensures that the transaction is coming from an authorised device.
- User authentication: Apple requires the user’s bank to have an additional user authentication system in order to further authenticate suspicious card registrations. In addition, Apple Pay requires fingerprint authentication through Touch ID in order to make fraudulent transactions from a stolen phone extremely difficult.
- Apple Pay not only tokenizes payment data but also creates a unique device identifier as well as unique dynamic cryptograms like those used in EMV transactions: Together the unique identifier and the cryptogram ensure that even if the token is stolen, it can’t be used because the token must come from the device to which it was registered.
- The most significant impacts from the new security standard will come years from now: Apple Pay and solutions like it could dramatically reduce fraud for merchants, and also limit the need for additional payment security software. While we think Apple Pay and similar payments methods will proliferate more quickly than most estimates, it will be many years before plastic cards are no longer used. When mobile payments employing these types of security standards become more mainstream, fraud as it is conducted today will be greatly reduced.
To access the full report from BI Intelligence, sign up for a 14-day trial here. Members also gain access to new in-depth reports, hundreds of charts and datasets, as well as daily newsletters on the digital industry.