Apple's 'iWallet' payments seen as unlikely to earn much money, but will lock in users to iPhone eco

24

Comments

  • Reply 21 of 71
    Quote:

    Originally Posted by waldobushman View Post



    I don't expect a payment system around the iPhone will have much impact generally, though Apple might make some money. There is a big security problem in the US regarding debit and credit cards, and an iPhone solution will not even be a blip. Sure many people carry smart phones and a transaction using an iPhone with TouchID might be useful, but as for having an impact on CC security -- nothing.



    The US is going to have to change how all transactions are handled. Unless Apple is also coming out with replacement credit and debit card technology, Apple's impact will be minimal.

    I think the 'smart endpoint' will be a fundamental shift in how credit accounts are handled.  The physical card is silly, and the intermediate PoS devices are suspect too.  Building an end to end solution where each party (buyer, seller, bank) only know what they need to know solves the fundamental issue of too much data passed

     

    I buy a coffee

    PoS device says "$4.28 plus what ever tip you want"

    I tap my phone, it receives 'Seller XXXX [an encrypted token for their bank account encrypted by their bank's public key and retailers private key] wants 4.28 (4.00+tax)... do you want to pay and how much?"

    I click add 15% to subtotal  and 'purchase' with my touch ID

       which unlocks my account number, which I then encrypt in my private key

    Phone sends my bank "Pay Seller XXXX $4.68" encrypted in my banks [or apple's] public key

     

         (all of this is tokenized, checksummed, serialized and tokenized

          that the worst thing that can happen is replay of exactly the same

          transaction being rejected due to serialization issues)

     

    Transaction goes to PoS device (can't read it), off to the internet to Apple/myBank

    My Bank decrypts it, and decrypts my account with my public key

    verifies my limits and (if denied, sends a note back to ME saying "sorry, can't pay them")

    sends retailers bank (or proxy) a verifiction [do you know retailer XXXX?] [again encrypted in bank to bank PKI

    They say yes, bank queues up a transfer and sends me [my public key, bank's private key[ and the Retailer[in retailers public key,] Approved.

    Transactions clear on my device and PoS

    - Starbucks never knows who I am or what my account is... they just know my bank told their bank 'you'll get the money'

         'Loyalty' cards, may obviate that... I know 'who you are' but that's separate from the PAN information from your Credit Account

    - Banks don't know  the other bank's client's accounts perse, just that real time, each can say, what you sent me was valid.

     

    I drink expensive dirty water, and the barista may get their .60 at the end of their shift.

     

    Even online/offline purchases work for this, by my phone and my bank generating 1 time transaction accounts that are pre-authed for only that transaction amount and that seller at that particular time.

     

    Getting rid of the physical, human readable card is a big deal.   Tokenizing the transaction beginning at the Seller and not the PoS device (it's all in the clear in RAM before tokenization... right Target?)

     

    This gets to the crux of information security.... It's not the computers, the networks, or the people... 'it's the DATA, stupid!'  The earlier in the transaction you can secure the 'secret'  (account number... all the rest is purely authentication data... exp date, name, phone , zip code, CVV CVV2).   Using this sort of model, Other than the endpoint setup (where risk of intercept is greatest), your account number should never be known by anyone other than you and your bank.)  Then it's just 'authorizing' (who is allowed to use this data), and that's where TouchID (and account setup) narrows it down as well (only these devices, and persons who are registered to use the secure enclave verified by biometrics on those devices are allowed to transact with this account).

     

    The obvious risk is covert takeover of the endpoint.   That's where Apple's risk is, and why, I think, you'll never see a 'multi-user' iOS device.

  • Reply 22 of 71
    Finally, he said Apple could become a full-fledged credit card issuer, which offers the most attractive economics. In Hall's estimates, this approach could add about 11 percent to his 2015 earnings per share forecast, but he also views this as the least likely method for Apple to take.

    In this method, Apple could either become a bank, or find a bank partner to co-brand with. Both methods would open the company up to regulation.

    What's to prevent Apple from setting up a separate company as a bank/credit card provider?

    Maybe iBank :D

    The separate, wholly-owned company would be subject to regulation -- but not Apple, Inc.

    Same way Apple could establish an MVNO as a separate, wholly-owned company.
  • Reply 23 of 71
    Quote:

    Originally Posted by herbapou View Post

     

    I work on the ATM and VISA systems for a Canadian bank and let me tell you Apple will collect way more than 1 cent per transactions. Let me give you some examples:

     

    Credit card fees:  There is no fee on the card owner side but there is a % of the purchased amount on the merchant side. The merchant side fees can get pretty high.

     


     

    Apple only gets what they negotiated. So yes those fees from the merchant might be high but Apple can only get a piece of that from the processors. 

     

    keep in mind that they are only talking about right now. As in to get folks to sign up for the program. So perhaps Apple did lowball, for say the first year or two, to get someone to be willing to jump into the risk. Then after that time the amount goes way up. 

     

    Its not unlike an actor that could demand $10 million for a movie agreeing to do it for $1 million because they really really love the project and want to do it even though it seems totally against their type. 

  • Reply 24 of 71
    Quote:

    Originally Posted by Johnny Mozzarella View Post





    In order to do these digital payments you will need an iOS device with NFC.

     



    or they need a scanner that can read a barcode or QR code. That's how Starbucks already does it via Passbook. No NFC required. 

  • Reply 25 of 71
    sog35 wrote: »
    This clown has no idea what Apple will do with payments in the future. If Paypal can net billions of dollars a year with only 100 million accounts imagine how much Apple can with 800 million accounts.

    PayPay is estimated to have $3B in net revenue for 2014 and $1.8B in Gross profit.

    Apple can easily multiply that by 6x that amount once the payment system is mature.
    We are talking $18B in revenue and $8B in profit. That's more profit than what the iPad produces.

    Visa/Amex/Mastercard/Discover have total revenues of $60B a year
    They have total profits of almost $20B a year
    You dont think Apple can take a huge chunk of that?

    I'm not understanding using PayPal as an comparative example. Is Apple convincing financial institutions that it's safer and therefore getting them to agree to lower fees which in turn will get retailers to support NFC in any way the same business that PayPal is in? If so, can you explain it to me because I'm not seeing it.

    What I see is Apple wanting to do what they've done with other services that support the sale of their devices, which means they benefit better by not trying to sell two razor handles.
  • Reply 26 of 71
    Quote:

    Originally Posted by Dick Applebaum View Post





    What's to prevent Apple from setting up a separate company as a bank/credit card provider?

     

    how about a ton of regulations, taxes etc. Same as not becoming a cell phone service, an ISP, a cable company etc. 

     

    Apple has shown time and again they don't want to be everything to everyone. They aren't Google in that sense. 

  • Reply 27 of 71
    Quote:

    Originally Posted by SolipsismX View Post



    Is Apple convincing financial institutions that it's safer and therefore getting them to agree to lower fees which in turn will get retailers to support NFC in any way the same business that PayPal is in? If so, can you explain it to me because I'm not seeing it.

     



    No one really can explain it because it's not fact from Apple yet. 

     

    BUT my read of the talk is that Apple is trying to set up digital credit cards. Look at the examples of what they have already set up via PassBook. Things like Starbucks having a QR code for your rewards account which can be tied to an existing gift card and even reloaded right from the app without need for the actual card at any time. Or Apple's own in store gift cards working the same way with a bar code. Even this 'pay at the store into your iTunes' is a similar scheme running the other direction. 

     

    The idea seems to be that you could have a digital copy of your card in your phone so you don't need the actual one. You flash a QR/barcode or perhaps NFC if that ever happens and that is the 'swipe' of your card. 

  • Reply 28 of 71
    What's to prevent Apple from setting up a separate company as a bank/credit card provider?

    Maybe iBank :D

    The separate, wholly-owned company would be subject to regulation -- but not Apple, Inc.

    Same way Apple could establish an MVNO as a separate, wholly-owned company.

    Highly improbable due to too much regulation, but if there is an iBank I would totally move all my money there ASAP.

    Same with an Apple MVNO. Unlikely, but one can dream, eh?
  • Reply 29 of 71
    Quote:

    Originally Posted by charlituna View Post

     

    how about a ton of regulations, taxes etc. Same as not becoming a cell phone service, an ISP, a cable company etc. 

     

    Apple has shown time and again they don't want to be everything to everyone. They aren't Google in that sense. 


    I dunno.   There a billions in offshore money that could be used to fund an Apple Bank in regions that are not hotly contested (regulations = political lobbying).   Earning 3.0% [assuming 16% margins on a 17.99% interest rate] on that money may be worthwhile.

     

    They are your record company

    Your backups company (well, that may not be working out well at the moment).

    your email company

    your app store

    your photo developer 

    your Sapphire mining company ;-)

     

    Minimally, I see them as being your (and many retailers) payment processor.  Retailers want it because they want lower risk [lower costs], and Apple cutting out the middle men [who will want to maximize profits, because that's all they do... apple wants to maximize user experience] is what they do well.  

     

    Visa/AMEX/MC may own the brand, but the final mile for iOS users  may soon be owned by Apple or a subsidiary.  

  • Reply 30 of 71

    It will be interesting to see what Apple does with this. However, those who are pointing at the profits that CC companies and Banks are making on people using a CC has to remember most of that revenue and profits is coming from the interest most people pay since they do not pay off their cards each month. Banks are not going to share these profits with Apple. The most that Apple will get with be some small percent of the transacted amount less the transaction fee the CC company charge.

     

    I think the analysis is probable pretty close on this one. It will be years before Apple will even report significant profits to their bottom line.

  • Reply 31 of 71
    What lock in?

    In order to do these digital payments you will need an iOS device with NFC.
    if you already have an iPhone then all you need is the iWatch.
    If you don't have an iPhone, then you need to buy the iPhone 6 with NFC.

    IWatch will not work with Android, it is all about selling more iOS devices.
    Apple's goal is to keep adding to the iOS value proposition to justify the higher price.
    Many Android users will switch to the iPhone so they can also use the iWatch for payments, health tracking and security.

    Apple's competitors have NFC payment systems but they have not caught on because they only understand how to add features.
    They don't understand how to create end to end seamless experiences that delight consumers.

    My friend was recently telling me how he can't wait to switch back to an iPhone after switching to an HTC one.
    He said it was a good device but there were constant little annoyances that made him miss his iPhone.


    Even more than NFC, the iPhone 5S and, likely, every new iDevice will have TouchID.

    The cc providers could benefit from at least one higher tier of security with a TouchID Apple device:
    1. TouchID secured -- one-time, single-vendor-targeted, time-limited token exchange between an iDevice and and the vender terminal/backend processor
    2. TouchID secured ad hoc cc data exchange between an iDevice and and the vender terminal/backend processor

    Both of the above, are more secure than a card present swipe or NFC transfer.


    As been suggested, Apple could sweeten the pot by offering to indemnify the cc providers for any losses using TouchID.

    Additionally, the cc providers, vendors and Apple could sweeten the pot for consumers by offering cashback reward incentives to customers who purchase using a TouchID secured transaction.


    Those look like pretty big lockins for cc providers, vendors and consumers.
  • Reply 32 of 71
    Quote:

    Originally Posted by charlituna View Post

     



    No one really can explain it because it's not fact from Apple yet. 

     

    BUT my read of the talk is that Apple is trying to set up digital credit cards. Look at the examples of what they have already set up via PassBook. Things like Starbucks having a QR code for your rewards account which can be tied to an existing gift card and even reloaded right from the app without need for the actual card at any time. Or Apple's own in store gift cards working the same way with a bar code. Even this 'pay at the store into your iTunes' is a similar scheme running the other direction. 

     

    The idea seems to be that you could have a digital copy of your card in your phone so you don't need the actual one. You flash a QR/barcode or perhaps NFC if that ever happens and that is the 'swipe' of your card. 


     

    I saw WSJ saying that Apple convinced VAM that apple device stored credit cards will be 'card present' transactions.  That's lower risk (something you have), and therefore a lower transaction rate.   I think the key thing is that Apple must validate the name of the phone owner against the name of the cardholder (e.g. a previous valid transaction with that card as registered against your AppleID).

     

    QR/Barcode is just a bit better than using your card, Better still would be a 1 Time CC number, that either Apple or my bank approve as valid.

  • Reply 33 of 71
    I don't expect a payment system around the iPhone will have much impact generally, though Apple might make some money. There is a big security problem in the US regarding debit and credit cards, and an iPhone solution will not even be a blip. Sure many people carry smart phones and a transaction using an iPhone with TouchID might be useful, but as for having an impact on CC security -- nothing.


    The US is going to have to change how all transactions are handled. Unless Apple is also coming out with replacement credit and debit card technology, Apple's impact will be minimal.
    I think the 'smart endpoint' will be a fundamental shift in how credit accounts are handled.  The physical card is silly, and the intermediate PoS devices are suspect too.  Building an end to end solution where each party (buyer, seller, bank) only know what they need to know solves the fundamental issue of too much data passed

    I buy a coffee
    PoS device says "$4.28 plus what ever tip you want"
    I tap my phone, it receives 'Seller XXXX [an encrypted token for their bank account encrypted by their bank's public key and retailers private key] wants 4.28 (4.00+tax)... do you want to pay and how much?"
    I click add 15% to subtotal  and 'purchase' with my touch ID
       which unlocks my account number, which I then encrypt in my private key
    Phone sends my bank "Pay Seller XXXX $4.68" encrypted in my banks [or apple's] public key

         (all of this is tokenized, checksummed, serialized and tokenized
          that the worst thing that can happen is replay of exactly the same
          transaction being rejected due to serialization issues)

    Transaction goes to PoS device (can't read it), off to the internet to Apple/myBank
    My Bank decrypts it, and decrypts my account with my public key
    verifies my limits and (if denied, sends a note back to ME saying "sorry, can't pay them")
    sends retailers bank (or proxy) a verifiction [do you know retailer XXXX?] [again encrypted in bank to bank PKI
    They say yes, bank queues up a transfer and sends me [my public key, bank's private key[ and the Retailer[in retailers public key,] Approved.
    Transactions clear on my device and PoS
    - Starbucks never knows who I am or what my account is... they just know my bank told their bank 'you'll get the money'
         'Loyalty' cards, may obviate that... I know 'who you are' but that's separate from the PAN information from your Credit Account
    - Banks don't know  the other bank's client's accounts perse, just that real time, each can say, what you sent me was valid.

    I drink expensive dirty water, and the barista may get their .60 at the end of their shift.

    Even online/offline purchases work for this, by my phone and my bank generating 1 time transaction accounts that are pre-authed for only that transaction amount and that seller at that particular time.

    Getting rid of the physical, human readable card is a big deal.   Tokenizing the transaction beginning at the Seller and not the PoS device (it's all in the clear in RAM before tokenization... right Target?)

    This gets to the crux of information security.... It's not the computers, the networks, or the people... 'it's the DATA, stupid!'  The earlier in the transaction you can secure the 'secret'  (account number... all the rest is purely authentication data... exp date, name, phone , zip code, CVV CVV2).   Using this sort of model, Other than the endpoint setup (where risk of intercept is greatest), your account number should never be known by anyone other than you and your bank.)  Then it's just 'authorizing' (who is allowed to use this data), and that's where TouchID (and account setup) narrows it down as well (only these devices, and persons who are registered to use the secure enclave verified by biometrics on those devices are allowed to transact with this account).

    The obvious risk is covert takeover of the endpoint.   That's where Apple's risk is, and why, I think, you'll never see a 'multi-user' iOS device.

    ^^^ Oye, oye, oye!

    That's why Apple calls them iPhones and iPads -- not wePhones and wePads!
  • Reply 34 of 71
    ...which unlocks my account number, which I then encrypt in my private key...

    They don't even need to use your actual account number, but an isolated one that is specific to that device so if you wipe that device that per-device account number also becomes defunct, much in the same way a debit card account number is tied your your checking account but does not have your actual checking account number on it.
  • Reply 35 of 71
    I figured it out! Apple isn't going to offer NFC or even payments via the iPhone but instead do it all via the iWatch. What you do is take the the edge of the band of your iWatch and slide it through the credit card reader. Retailers don't have to change anything! Your watch band end has a magnetic strip. Couldn't be easier¡
  • Reply 36 of 71
    Imagine when you are shopping in a store, with the help of iBeacon your iPhone can show notifications of items or shops that are on sales or having joint promotion discount with some specific credit cards in your iWallet.
    This kind of "discovery" feature together with a secure (by Touch ID) & convenient (by NFC / iBeacon / passbook) way of making payment is the great asset for Apple to persuade the banks to offer their virtual cards in iWallet and reimburse certain percentage of their transaction income to Apple.
  • Reply 37 of 71
    solipsismx wrote: »
    I figured it out! Apple isn't going to offer NFC or even payments via the iPhone but instead do it all via the iWatch. What you do is take the the edge of the band of your iWatch and slide it through the credit card reader. Retailers don't have to change anything! Your watch band end has a magnetic strip. Couldn't be easier¡

    Here's a picture of the new iWatch:

    1000


    ... 'Splain to me just how that would work :???:
  • Reply 38 of 71
    In order to do these digital payments you will need an iOS device with NFC.
    if you already have an iPhone then all you need is the iWatch.
    If you don't have an iPhone, then you need to buy the iPhone 6 with NFC.

    IWatch will not work with Android, it is all about selling more iOS devices.
    Apple's goal is to keep adding to the iOS value proposition to justify the higher price.
    Many Android users will switch to the iPhone so they can also use the iWatch for payments, health tracking and security.

    Apple's competitors have NFC payment systems but they have not caught on because they only understand how to add features.
    They don't understand how to create end to end seamless experiences that delight consumers.

    My friend was recently telling me how he can't wait to switch back to an iPhone after switching to an HTC one.
    He said it was a good device but there were constant little annoyances that made him miss his iPhone.

    I'm still not sure about what regarding this rumored payment processing system equates to lock in, but I understand what you meant about iOS lock in.

    Apple's just rumored to provide a credit card proxy. It's not a credit issuer, nor a bank. And issuers can (and probably will) still send you a physical credit card, not that it's any more secure, not in the US anyway. But nothing about that locks you in to Apple "iWallet" (or whatever) any more than anything about Amazon Prime locking you into Amazon. There's maybe a convenience or economic incentive to stay, but nothing to prevent you from leaving.
  • Reply 39 of 71
    Imagine when you are shopping in a store, with the help of iBeacon your iPhone can show notifications of items or shops that are on sales or having joint promotion discount with some specific credit cards in your iWallet.
    This kind of "discovery" feature together with a secure (by Touch ID) & convenient (by NFC / iBeacon / passbook) way of making payment is the great asset for Apple to persuade the banks to offer their virtual cards in iWallet and reimburse certain percentage of their transaction income to Apple.
  • Reply 40 of 71

    Yeah, I agree. And here's some other cases where it simplifies life the Apple way:

     

    Parents pre funding their childrens' accounts.

     

    Friends  pre funding each other to gift, lend, and pay back debts.

     

    Apple partnering with a service partner guaranteeing payment completion.

     

    Replacing bank certified checks: "As close to cash as you can get" might be the motto.

     

    Again, I do agree there will be cases that aren't attractive.

Sign In or Register to comment.