We have covered Apple Pay extensively since it was launched almost 3 months ago, so most of the birth pangs as well as its early triumphs have been covered well here at LTP. This article is about a specific experience with this weeks-old digital wallet that was comforting and sobering at the same time.
First, the comforting part, even though out of sequence: My iPhone 6 Plus was locked out because of too many incorrect passcode attempts. There was no solution other than perform a factory reset on the device. Fortunately, the device was recently backed up to iTunes, so I felt pretty confident that a factory reset would not cause it to lose any data. True, except for Apple Pay! None of the information about the cards I had scanned and activated in Passbook were restored from iTunes. In fact, there was no trace of them whatsoever. Everything else was intact just as before the backup, but my card info had completely disappeared.
The Apple support representative was quite nonchalant about this. She expected me to not be surprised. Regardless, as a lay consumer, I was pleased with this outcome, knowing that: If my phone had fallen into the wrong hands, even if my identity had been stolen, and my backup had been on iCloud instead on iTunes, my payment card info would still be "safe". Of course, if my identity had been compromised, it would have been possible to retrieve all that payment info through other means, but Apple Pay would not have been the reason for my payment info getting compromised in that case. So, I was forced to add my cards into Passbook all over again and go through the activation process for each credit and debit card one by one.
This leads to the other point of this article, which is that despite all the new technology available to us in the area of fraud and authentication (link to Payfone article) for mobile payments, Apple has been very clever is dissociating itself from any potential issues with the handling of payment credentials. It almost feels like even better experiences might have been withheld from the users in the interest of caution. For example, when I activated the different cards (with 4 different banks, both consumer and business accounts, and debit and credit), the activation experience was very manual and varied across the issuers - Amex, Bank of America, JPMorgan Chase and Barclaycard. The manual activation process was old-fashioned - the same telephone based support where you listen carefully for the correct option, then enter all the card into, then stay on hold for a rep, then answer many personal questions to prove your identity, then remember some password, mother's maiden name, etc. etc. Regarding the variations: a couple of the banks asked for the DAN, some did not. In fact, the Chase card was activated without a call, directly via email/text confirmation. The other banks had all my contact information, but they had not implemented email/text based systems. Amex had email based activation the first time, but only phone based support the second time, probably because I had updated my email address in the interim, so there might have been some flag saying it was too new. Finally, one of my business debit cards could not be activated because it had not yet been used at an ATM with a PIN yet - however, it took the rep 3 discussions with his supervisor and another expert on a long call with me on hold to determine this reason (and which is still not fully validated by the time this article is being published). He was very candid: "We are still figuring out all this stuff about Apple Pay, so learning new things as we go..."
Overall, this phone based activation was not onerous, but was clearly the low point in the process. It felt like the 1990's. For a payment system that is otherwise so elegant and so advanced, the activation had a retro feel. Most consumers will live with this because hopefully they will have to go through this only once, although I am not sure what will happen when a new card is issued by the bank upon expiration - we will see. In fact, the common consumer is probably pleased to feel that "my cards are getting the same secure treatment that I was getting from my friendly bank before."
However, as someone from the industry, this episode was further proof that we still have a long way to go in evangelizing new technologies, educating users on security, using mobile enablers to deal with authentication automagically, and offering users an experience that will be truly seamless and low-friction, just as most other "Wow!" Apple experiences. Apple Pay seems just "Wow enough", at least with my industry hat on.
Perhaps, Apple and Apple Pay partners are perfectly happy to offer up this "somewhat new wine" in a "slightly old looking bottle", and it's still good enough for consumers. May be this is what good innovation is about - impactful incremental changes at scale, rather than earth-shattering transformations adopted by a select few.
Comments welcome: @khurjekar or @letstalkpaymnts