Banks to take on fraud liability in Apple Pay deal, USAA announces Nov. 7 availability
On Thursday, four banks offering support for Apple Pay commented on Apple's first foray into mobile payments, confirming that liability for fraudulent activity will ultimately fall on their shoulders for both online and physical transactions.
Ahead of Apple Pay's schedule launch later this month, The Daily Dot spoke with representatives from four major banks backing the payments service, including Chase, Navy Federal Credit Union, PNC and USAA. The firms lauded Apple's secure payment process, which incorporates Touch ID fingerprint identification, touchless NFC, Secure Element data storage and tokenized transaction processing.
"When Apple got in touch with us and showed us their solution, we were very excited to see what they had been working on and what they had developed, particularly since it was so convenient, secure, and private," said Randy Hopper, VP of Credit Cards at Navy Federal.
Hopper believes Apple Pay will spark industry interest in tokenization, possibly to the point where it will become a standard banking model. At its most basic level, tokenized transactions replace credit card data with generated Device Account Numbers, which in the case of Apple Pay is stored in a Secure Element inaccessible by iOS. When a payment is initiated at a compatible point-of-sale terminal, a token is transmitted and decoded by the backend payments system, leaving sensitive customer information out of the equation.
As an added bonus, banks will be able to use unique tokenized transaction identifiers to determine when customers use Apple Pay versus a physical credit card.
As for risk and liability, USAA Assistant Vice President Vikram Parekh said the same policies employed in credit card swipe payments will be carried over to Apple Pay. Chase and PNC also confirmed full liability protection will be extended to their customers.
"The bank has liability for any purchases made when Apple Pay is offered and used as the form of payment," Parekh said. "This is true for both face-to-face and for 'in-app' purchases."
Parekh also said USAA MasterCard and Visa card customers will be able to use Apple Pay starting Nov. 7, the first official release date announced by a banking service.
Apple is expected to roll out Apple Pay by the end of October, possibly as a feature in the upcoming iOS 8.1 maintenance update. Recent analysis of the latest iOS 8.1 beta 2 version revealed hidden Apple Pay settings menus and legal disclosures, suggesting the service will launch in the near future.
Ahead of Apple Pay's schedule launch later this month, The Daily Dot spoke with representatives from four major banks backing the payments service, including Chase, Navy Federal Credit Union, PNC and USAA. The firms lauded Apple's secure payment process, which incorporates Touch ID fingerprint identification, touchless NFC, Secure Element data storage and tokenized transaction processing.
"When Apple got in touch with us and showed us their solution, we were very excited to see what they had been working on and what they had developed, particularly since it was so convenient, secure, and private," said Randy Hopper, VP of Credit Cards at Navy Federal.
Hopper believes Apple Pay will spark industry interest in tokenization, possibly to the point where it will become a standard banking model. At its most basic level, tokenized transactions replace credit card data with generated Device Account Numbers, which in the case of Apple Pay is stored in a Secure Element inaccessible by iOS. When a payment is initiated at a compatible point-of-sale terminal, a token is transmitted and decoded by the backend payments system, leaving sensitive customer information out of the equation.
As an added bonus, banks will be able to use unique tokenized transaction identifiers to determine when customers use Apple Pay versus a physical credit card.
As for risk and liability, USAA Assistant Vice President Vikram Parekh said the same policies employed in credit card swipe payments will be carried over to Apple Pay. Chase and PNC also confirmed full liability protection will be extended to their customers.
"The bank has liability for any purchases made when Apple Pay is offered and used as the form of payment," Parekh said. "This is true for both face-to-face and for 'in-app' purchases."
Parekh also said USAA MasterCard and Visa card customers will be able to use Apple Pay starting Nov. 7, the first official release date announced by a banking service.
Apple is expected to roll out Apple Pay by the end of October, possibly as a feature in the upcoming iOS 8.1 maintenance update. Recent analysis of the latest iOS 8.1 beta 2 version revealed hidden Apple Pay settings menus and legal disclosures, suggesting the service will launch in the near future.
Comments
This is amazing. Apple gets the banks to pay them 0.15% for every $100 and to take on liability for fradulent purchases.
Of course it falls on their shoulders. That is where it is today. Apple is bringing a better solution which will actually minimize their risk until next year when it shifts to the merchant receiving the payment if they are not using one of the chip and sign systems. Since Apple Pay uses your PIN or fingerprint it is probably just as good or better (due to rotating codes, etc) so this will likely meet the requirements so that merchants using Apple Pay won't be liable for transitions completed with Apple Pay. I look forward to having a phone or watch that can do this. I personally miss the chip and pin solution I used overseas.
http://www.google.com/wallet//current-partners.html
From the looks of things Google hasn't had near the level of commitment that Apple was able to put together. No surprise about that either IMO. A whole lot of players hadn't been willing to give up any potential bit of control until Apple and their millions of users stepped up. Google has limited influence anyway since they only supply the software and OS but can't dictate the hardware, Huge advantage for Apple in that regard.
I've never known you for taking the low road before. Instead give Apple kudos for coming up with a payment system secure enough for the banks to assume fraud liability, and to answer your question, Android does not have anything like this. Google's implementation of a payment system was nothing short of a joke.
Actually I had no idea but I knew how to look it up. Just Google it.
Or duckduckgo it...
"People who are really serious about software should make their own hardware". Otherwise you're at the mercy of forever having to support lowest common denominator/lowest bidder hardware.
Yup. Like Adobe. Or Oracle. Or Corel. Or Quickbooks. Or 1Password. Or DuckDuckGo. Or, , , hey wait a minute :???:
Of course it falls on their shoulders. That is where it is today. Apple is bringing a better solution which will actually minimize their risk until next year when it shifts to the merchant receiving the payment if they are not using one of the chip and sign systems. Since Apple Pay uses your PIN or fingerprint it is probably just as good or better (due to rotating codes, etc) so this will likely meet the requirements so that merchants using Apple Pay won't be liable for transitions completed with Apple Pay. I look forward to having a phone or watch that can do this. I personally miss the chip and pin solution I used overseas.
What do you mean "of course" you are speaking nonsense, no at present its sometimes and always the acquirer who is liable for any fraud especially if the acquirer's system not the processor (the bank) is the one which is hacked. When credit cards are skimmed at the POS that is the acquirers fault as in the case of Target and HomeDepot
Yup. Like Adobe. Or Oracle. Or Corel. Or Quickbooks. Or 1Password. Or DuckDuckGo. Or, , , hey wait a minute
Oh, I'm a software guy too. I'm just speaking from experience of having to support shoddy hardware.
And DuckDuckGo is a service, so it's a bit irrelevant here because they can choose the hardware their service runs on (aside from being at the mercy of shoddy browsers).
I like this. A few months ago I received a miniature Contact-less Barclaycard in the UK that I affixed to the back of my iPhone 4 case... essentially what Apple Pay will be when it launches. It was really easy and pretty cool, but the only major downfall is the current crop of contactless systems require no authentication. I literally put my card near the reader and the transaction is done.
The addition of Touch ID to authorise the customer is who they say they are a killer feature. This is the beginning of something massive.
Yup. Like Adobe. Or Oracle. Or Corel. Or Quickbooks. Or 1Password. Or DuckDuckGo. Or, , , hey wait a minute
Oracle makes their own hardware, probably not a good example (yes, they do run on other platforms as well).
I think even you would admit, Apple owning the hardware and OS is an advantage for them, right? I believe that was more where the original quote was intended (OS vs applications layered on top).
Sorry to upset you, I didn't think the /s was needed for regular members. I wasn't being serious. I have a massive investment in AAPL and have worked with Apple since 1978 so I assure you I give Tim and Apple all the kudos possible.
Good one, kudos for that.
Actually I had no idea but I knew how to look it up. Just Google it.
http://www.google.com/wallet//current-partners.html
From the looks of things Google hasn't had near the level of commitment that Apple was able to put together. No surprise about that either IMO. A whole lot of players hadn't been willing to give up any potential bit of control until Apple and their millions of users stepped up. Google has limited influence anyway since they only supply the software and OS but can't dictate the hardware, Huge advantage for Apple in that regard.
With Google Wallet, Google sees the transaction data, right? To them, I would guess information is more important than the tiny financial cut Apple is taking and that could well be why banks haven't jumped on Google Wallet? Android has so many more users as we keep hearing all the time, so it can't be Apple's measly user base, right?
Troll
verb
gerund or present participle: trolling
1. informal
make a deliberately offensive or provocative online posting with the aim of upsetting someone or eliciting an angry response from them.
uhh. .. yeah I would. Several comments back as a matter of fact, post 5
Aaahh, missed it the first read through
Banks don't have to sell, service and market hardware, NFC devices. They just get millions of people who are walking around with ApplePay capable hardware by signing up with Apple. Or put another way: Apple is not taking a 30% cut, so the upside should outweigh the cost.