Apple says potential EU Apple Pay rules threaten security, stifle innovation
Apple said potential legislation that would force it to open up Apple Pay technology to third parties threatens security and innovation.
Credit: Apple
The European Union is currently weighing new rules that would compel Apple to open up the contactless payment systems at the heart of Apple Pay. In a statement on Thursday, Apple said the new rules weren't a good idea.
"We believe legislation that dictates a company's technical approach to hardware and software security will ultimately put customers at risk and stifle innovation," an Apple spokesperson told Bloomberg.
Additionally, the spokesperson said that Apple plans to work with the European Commission to "help them understand the benefits of Apple."
The Cupertino tech giant currently limits access to the near-field communication (NFC) chip within the iPhone and Apple Watch. It argues that a closed system is better for security when handling sensitive bank information.
In 2019, the EU began asking payment companies in Europe about Apple Pay as part of an antitrust investigation. The European Commission formally launched an antitrust probe scrutinizing Apple Pay in June.
This isn't the first time that Apple's NFC restrictions have come under antitrust scrutiny.
In 2015, a coalition of major Australian banks sought to boycott Apple Pay in an attempt to negotiate third-party access to the NFC hardware within Apple devices. The banks eventually backed down after the Australian Competition and Consumer Commission denied their boycott request in 2017.
Credit: Apple
The European Union is currently weighing new rules that would compel Apple to open up the contactless payment systems at the heart of Apple Pay. In a statement on Thursday, Apple said the new rules weren't a good idea.
"We believe legislation that dictates a company's technical approach to hardware and software security will ultimately put customers at risk and stifle innovation," an Apple spokesperson told Bloomberg.
Additionally, the spokesperson said that Apple plans to work with the European Commission to "help them understand the benefits of Apple."
The Cupertino tech giant currently limits access to the near-field communication (NFC) chip within the iPhone and Apple Watch. It argues that a closed system is better for security when handling sensitive bank information.
In 2019, the EU began asking payment companies in Europe about Apple Pay as part of an antitrust investigation. The European Commission formally launched an antitrust probe scrutinizing Apple Pay in June.
This isn't the first time that Apple's NFC restrictions have come under antitrust scrutiny.
In 2015, a coalition of major Australian banks sought to boycott Apple Pay in an attempt to negotiate third-party access to the NFC hardware within Apple devices. The banks eventually backed down after the Australian Competition and Consumer Commission denied their boycott request in 2017.
Comments
And as things stand, nothing has been approved or formalised.
The EU stance is clear. Apple shouldn't have any issue with it and it has zero to do with stifling innovation (and innovation cannot come before competition rules anyway).
Apple has to offer something to reflect its own stance but this statement is very poor.
If, the EU decides that Apple is restricting competition (and that's a big if) its options are clear and simple.
Absolute unacceptable any of banking mafia got access to my transaction again and any info now protected by Apple Pay. If they get access then will never offer same privacy. Never ever.
I’m amazed there are still Americans that wonder why we Brits choose to escape the EUs creeping authoritarianism...
Competitive practices allege better quality/price but rarely deliver it, or any other user benefit, instead they send markets racing to the bottom in terms of both, resulting in a de facto confidence trick. Funny there’s little legal enforcement for that, almost as if choice buys impunity.
Your bank still knows your transactions (obviously) since they're the ones who have to convert the substitute PAN in your iPhone into your actual card number so they know who to charge. When I get my bank statement all the items I buy with Apple Pay (which is about 95% of my purchases) all show up with the correct store and date/time.
The people who don't get to track your purchases are the merchants and payment processors, since they get a fake PAN from your iPhone and a confirmation it's valid from the bank without knowing who you are or what your actual card number is. So Apple removes several possible ways your data gets mined, but the bank still knows what you purchased.
This is one big reason why stores like Walmart don't want Apple Pay because they get a lot of data from tracking peoples purchases based on card number.
I have a feeling the banks want access not because they can get extra data, but probably because they have deals with payment processors and merchants and doing this gives them back the ability to track purchases.
Part of your problem is the binary way you present your position. This isn't an either or proposition. Afaik, the request for access to NFC has never been about replacing Apple Pay. It's been about being able to offer options in addition to Apple Pay. You wouldn't have to stop using Apple Pay. If that's your process of choice, use it to your hearts content. Hypothetically someone else may want to use their bank's processing because they get rewards or points or some other incentive. In that scenario, you aren't affected at all. Neither is anyone else. Having a choice is not a bad thing.
It would be obvious that Apple’s own code calls a defined API. Why is it such a big deal to open up the API to other vendors?
My man, that has nothing to do with an open OS either. You don't seem to know what's going on at all.
Your first paragraph is excellent. Your second paragraph, while mostly right, has a small flaw, because it omits the vital fact that the NFC support is NOT provided by iOS but by code running on the Secure Enclave. Read this: https://support.apple.com/en-ca/guide/security/seccb53a35f0/1/web/1 This is a special piece of hardware outside of (and inaccessible to) the running OS that provides access to the NFC hardware. For all we know, there isn't even enough physical room on that chip for new code from every new bank that wants their own "Pay" system. Should Apple be required to add more space to that chip to allow every second bank in the world to add its own code to that chip's firmware? I don't think so. I must admit that I don't fully understand how this Secure Enclave works, so there's probably someone who can educate me here. But the real point I'm making is that the security of a device like the iPhone requires the involvement of hardware design and everyone in the world wants a free ride by adding their own code to Apple's Secure Enclave hardware. There's no way on earth that anyone should be allowed to force Apple to redesign their hardware so that their software can get a free ride. If I'm wrong, tell me why.