The Long Journey Of Apple Pay
There will be a great deal written and to be said about Apple Pay. Many even astute experts will assume that Apple just took a year or so to build this new payment system. The truth be told it was a very long odyssey that spans almost a decade. It is also a masterful act of negotiation on Apple’s part to not “disrupt”, but to work with and not against all parties in the payment system ecosystem.
Yes, it has been a very long journey for Apple and payments. This journey started just a few months after the first iPhone 1 was announced. Apple took a slow and methodical approach to what will become a central feature of iOS devices moving forward. The first patent applications that were directly related to payments began to appear in 2008, they just did not seem obvious on to just a few weeks ago. One could even go to the days before Apple released the iPhone and see the foundation being constructed for finger print scanners and other security systems. Apple knew very early on that to have a mobile wallet it has to be highly secured. The results was TouchID and this was primarily established with the purchase of AuthenTec. The security was also extended into the very processor of the iOS device, the ARM processor. This was achieved through the use of the TrustZone/SecurCore ARM developed specifically to secure financial data. Apple took this framework and made it the foundation of the Secure Enclave.
Payment Card Breaches Changed Everything
The Target payment card breach was a huge turning point in the payment card industry. Up to this point all parties of the payments ecosystem had very little motivation to change the way they processed payment cards. The 1970’s era magnetic stripe was the primary system used in the US with dozens of startups for the last two decades spending billions of dollars to try to “disrupt” this system, all to no avail. But the Target breach was different, it was a huge number of cards, stolen from a top 5 retailer and it was getting the attention of government regulators. Thus in January 10th 2014 I asserted that the payment card companies would begin to support new technology that would assure the highest level of security. I presented it this way:
“Apple’s Secure Enclave And Touch ID, Movie Entrance
Like the perfect set up in a movie, Apple has arrived with a fully encrypted wallet called the iPhone. The new iPhones use the Secure Enclave, iCloud Keychain and Touch ID to make the iPhone and Apple’s forthcoming iWallet a rather robust answer to many of these problems. By the end of 2014, we will see the almost decade of planning Apple did to become the first true, useful and secure mobile wallet.”- January, 2014
EMV Comes To America, But Is It A Better Way To Pay?
This set the stage for a largest shift of payment card terminals in history. Visa and MasterCard proposed the EMV standard used in other parts of the world to become the replacement of the magnetic stripe of the payment card. The difference in the US is that PIN numbers would not be required. Hidden in the most recent EMV standards is a system called Wireless EMV. Wireless EMV is NFC by any other name with some extensions. For sanity I will mean both NFC and Wireless EMV went addressing this method. The shift first took place at the largest retailers in the US in 2013 and is taking place today. For a vast majority of merchants in the US these upgrades will be free or very low cost. In just about every new payment card terminal deployed in the US of course EMV is a key part of the device however most include NFC. The reasons are simple but also complex. EMV is slower then swiping a card in just about all studies. But it get worse, EMV in the most secure mode requires a PIN number and this can add over 45 seconds to a transaction that formerly took place in seconds.
There are other issues with EMV, it does nothing to address the foundation cause of the Target breach. The EMV system does not encrypt data after is leaves the card and is introduced into the merchant’s payment system. The only way this can change is through end to end encryption and tokenization. This means that the payment card data is encrypted through the entire payment system rendering any hack to the system useless. Thus EMV did not present a satisfactory solution to what was the real issue with the massive payment card data breaches.
Apple developed an elegant solution. By securing a payment card in the iOS device inside the Secure Enclave and passing the payment card in an encrypted manner, three massive issues of retail payments are resolved:
- Payment cards are always secured
- Payment card date is always
- Payment card transactions will be faster then card swipes
ApplePay: The Patents Just Stacked Up
It was certain, based on over 50 patents and patent applications that Apple would apply NFC technology as the foundation of the retail payments system. However the first step was to negotiate a way that the Secure Element, controlled by the cellular carriers could be replaced by the Secure Enclave. This allowed Apple and not the carriers to control the destiny of the of ApplePay. This method was granted and endorsed by Visa and MasterCard and is called Host Card Emulation and this feature forms the foundation of the was ApplePay operates. This system was originally just related to NFC but Apple has extend it’s use cases for App purchases.
Apple was masterful in the way they negotiated with every element of the existing payments ecosystem. In the same manner Apple negotiated with the record companies, the movie industry, the TV industry, the book industry (not so well done), the cellular providers, the auto industry and home automation companies. Apple had to work with:
- Visa, MasterCard, American Express, Discover, UnionPay
- The top Banks
- The top processors
- The top payment card merchant service companies
- The top payment card terminal manufactures
- The top retailers
- The top App developers
The Points Apple Highlighted:
How Does ApplePay Load A Payment Card?
The loading of a payment card is simple. You just take a picture of the card and it is encrypted into the secure enclave. At this point 85% of US payment cards are compatible with the Host Card Emulation/Secure Element Apple is using. More will come soon.
How ApplePay Works At Retail Stores
From the perspective of the user: you enter into a retail store that has the upgraded ApplePay’s NFC systems, this is a trivial upgrade for just about any merchant and will cost very little or zero. Shop for your purchase. Go to the checkout. Take out you iPhone or Apple WATCH and wave it past the NFC reader, press your finger on TouchID if it is an iPhone and the payment is complete. The transaction is completed that fast, with a receipt inserted into Passbook. This will be orders of magnitude faster then unhanding over a payment card and in the future having to use the EMV customer facing terminal. To the consumer ApplePay offers:
- Security: The card is a one time use card and can never be stolen
- Speed: There is little effort to wave an Apple WATCH or iPhone past the payment card terminal.
- Efficiency: By holding all your payment cards and reward cards on one device, your wallet will be smaller
From the merchant’s perspective: the transaction is routed through the traditional payment systems and requires no new contracts or relationships, it all just works. The payment is considered “card present” . This is important since all other mobile wallet transactions would have cost the merchant more money once the artificial subsidy payment startups used became unprofitable. Thus all the merchant needs to do is to have the NFC upgrade. To the merchant ApplePay offers:
- Security: They are not at all liable for any payment card data stolen
- Speed: The lines will move faster because there is less delay
- Efficiency: They will not need, nor are they allowed to ask for an ID
From Apple’s perspective: Apple gets to become a useful service holding payment cards in the most secure system thus far established for a mobile wallet. This will make Apple the center of the universe for payment innovation and allow for far deeper uses cases in the future.
How ApplePay Works Inside Apps
The other aspect of ApplePay is inside of Apps. Apple has created an API that allows merchants to receive a one time use payment card number in a very secure manner and also pass on demographic information with permission, including address. Thus with a single touch Apple will complete a transaction and allow you to move on. Stripe has been a valuable Apple partner and was granted early access to the ApplePay system. The results are Stripe has created a beautiful and elegant API that allows App developers fast and easy access to ApplePay. Apple did not stop there, they are opening up this API to all developers and payment gateways and I predict it will be the dominate way to pay inside of Apps.
In the example case of a Target app transaction a consumer just shops as normal. When they are ready to check out, the cardholder just needs to presses TouchID to complete the transaction.
In the case of OpenTable, Apple Pay allows for the payment of the meal with a simple press on TouchID. No need to present any payment card after the meal.
Apple: A Payments Facilitator
The pure brilliance here is Apple does not reqiure a merchant to change merchant account providers and the existing systems work as they always did. This is in radical contrast to the "disruption" model that just about every payment startup used. Apple’s path to work with, rather then against all parts of the payments infrastructure is the only reason even a company of Apple’s size was successful. If Apple approached this all with the idea they wanted “to own both sides of the transaction” like most payment companies, they would have met with high resistance.
Apple does not process any payments, Apple does not issue any payment cards, Apple will be a facilitator to the existing system and in the process improve it and change it in a remarkable way. Apple will securely holds the payment card, tokenizes it and use various technologies to pass it on safely during a transaction.
With the announcement of the iPhone 5s, Apple held meetings with banks and Visa and MasterCard. They wanted to present a new method for mobile payments that was far more secure then any method in history. They also wanted to request a wholesale cost for these transactions to be lower. Finally they asked for a rebate, a sharing in the card issuing bank's profits for creating this method.
All of this was a monumental task because Apple needed to gain approval by numerous participants. They had to convince the card issuing banks that for many reasons it was in their best interest to support Apple's new methods. Most do not understand that about 85% of fees that merchants pay will go right back to the card holder's payment card issuing bank. Apple had to get the top 10 banks to agree to earn less money and offer Apple a portion for the value they offer. Apple also had to convince Visa and MasterCard, but that was the easy part. For all this work Apple will receive a portion of the Interchange Fees from the payment card companies and thus the merchant nor the consumer pays more for using ApplePay.
Apple receives revenue from the card issuing bank’s Interchange Fees. Merchants and consumers do not see any increase. Merchants can choose any provider.
Just The Beginning, There Is More Coming For ApplePay
The ApplePay we see today on September 9th, 2014 is not the ApplePay we will see in a year or more. ApplePay is just the first step of a much larger journey for Apple and payments. I am certain that the desire to not try to cause merchants to change merchant account relationships and retailers not to change the systems or processes they have built will be the foundation to the success. We will see Apple present new extensions that will use far more refined and richer experiences as Apple begins to integrate the back end of retailer’s POS systems. This will include data sent to the ApplePay user based on the transaction inside of a real and effective receipt system.
We will also see the introduction of iBeacons when used with ApplePay. This will be a huge next step for ApplePay and will move a huge step forward for ApplePay 2.
To be successful, ApplePay needed the widest acceptance at the widest number of merchants and I am 100% certain, this was the best path on this long ApplePay journey. Wait till you see whats up next!
It Just Works: ApplePay Magic
From the perspective of the typical iPhone or Apple WATCH user, they will experience what many will see as Apple Magic. It will all just work with even less asked of you then prior payment methods include just swiping a payment card. When Apple gets done adding even more rich features and layers, it will be hard for most people to want to use any other method. ApplePay I think, will become as exclusive to the new iOS devices as the Apple white headphones were to the iPod and later the iPhone 1. This will stand out as a clear sign that you are a new Apple iWallet user. There will of course be a prestige and status element attached to this all, and that is no accident. We will see this interesting and dramatic way to pay become almost iconic over the next few months.
I have always said that with mobile wallets, we will all vote with our wallets, literally. We needed the reason, the premise to want to use any new way to pay. I think ApplePay is the first system to be worthy of crating a true evolution. With ApplePay, Apple will forever changed the way pay for goods and services. There will be less and less reasons to present your payment card. Your iOS device will take care of it all and it will just work.