Even before launch, Apple Pay the 'player to beat' in mobile payments, Morgan Stanley says

13

Comments

  • Reply 41 of 66
    solipsismxsolipsismx Posts: 19,566member
    nexusphan wrote: »
    1.  Google Wallet has had it's own token and pin system that it handles rather than getting third party behind door deals with banks and card issuers and using individual solutions. Which is better? Depends who you ask. In the end, they function identically.
    2.  Google requires a secure element for Google wallet. It was the main reason US carriers were previously blocking Google Wallet from being installed because it required access to the secure element.
    3. I already mentioned the fingerprint as a minor advantage for Apple. That's hardware based and not something Google could (or should) control. A unique PIN on Google Wallet is the same as a PIN for your debit card already and has worked for years. With Google's two-step authentication, it's likely just as secure.

    1. That's my point. Google hasn't worked with the financial institutions.
    2. That's my point. Google didn't require a secure element and now it's some element on the NFC HW because Google doesn't have any vertical integration to create a secure system.
    3. That's my point. Google saw being able to say "First!" was the most important aspect of this technology while Apple planned for years which is why they now have a MAJOR advantage.
  • Reply 42 of 66
    Quote:
    Originally Posted by plovell View Post

     

    That's good if you like it. I do not, because I do not want Google to have all my credit card numbers in addition to everything else it collects about me. YMMV.

    It's a stretch to claim that using an EMVCo standard amounts to "behind the scenes deals". Surely you can do better than this?


     

    Yes Apple pay *might use - do we know 100% yet?* the EMVCo standard but Apple requires a cut of each transaction to "let" banks in leading to behind the scenes negotiations. That's fine with me, that's how business works when you have as much muscle as Apple.  I didn't intend for that to be as condescending/confrontational as it sounded. What it means for us consumers is some cards and banks out there will lack support for Apple pay because they were not willing to give up revenue to Apple. Google supports them all because it handles the tokens. It's just an advantage for Google wallet users because of how Google does business.

  • Reply 43 of 66
    bkerkaybkerkay Posts: 139member
    Quote:

    Originally Posted by NexusPhan View Post

     

     

    That's pretty hysterical that you think that. I can't find one single thing that Apple Pay does that Google Wallet and Google Secure Checkout haven't already been doing. I guess I'll give them credit for fingerprints in place of a passcode, but that's pretty minor and hardware limited. I can, however, find plenty that Google wallet does that Apple Pay does not.

    Don't get me wrong, I'm happy to see Apple finally make it's want into payments, but to outright ignore what Google has already done and believe they will somehow copy Apple is the summation of what is so wrong with Apple right now and their strategy of blindfolding consumers.


    Google Wallet might have been around "for years", but it doesn't mean anything if adoptation doesn't exist.  Even Google admits this: http://www.fiercewireless.com/story/google-acknowledges-slow-wallet-adoption-promises-stick-it/2014-04-11

     

    In about a month or so... millions of people in the US will be using Apple Pay.  I don't think you can say the same with Google Wallet.  Being first isn't always best... doing it right is. 

  • Reply 44 of 66
    Quote:

    Originally Posted by SolipsismX View Post



    The thing is, Google can't copy this because Google doesn't have the vertical integration Apple has. 

    This.

     

    Hence my point about why Apple should also be in the 'terminal' hardware business. After all, their hardware solutions are truly what they're known for!

  • Reply 45 of 66
    Quote:
    Originally Posted by SolipsismX View Post

     

    1. That's my point. Google hasn't worked with the financial institutions.

    2. That's my point. Google didn't require a secure element and now it's some element on the NFC HW because Google doesn't have any vertical integration to create a secure system.

    3. That's my point. Google saw being able to say "First!" was the most important aspect of this technology while Apple planned for years which is why they now have a MAJOR advantage.


     

    1. If the scenarios were switched (Apple did the tokens and left the banks out) I guarantee you you be spewing out garbage about how Google is in bed with the big evil banks. I prefer Google's open way, but understand why Apple did what it did.

    2. Google wallet does require access to the secure element. It's part of the phone hardware no different than Apple. Carriers didn't like it until the FCC got involved.

    3. If the most important differentiation to you is how you unlock the app, surely saying Google is going to copy everything is a bit far fetched, don't you think?

  • Reply 46 of 66
    lantznlantzn Posts: 240member
    adonissmu wrote: »
    Innovation in the form of working with the banks and players in the financial markets. Google may beat Apple to launching a feature but usability is the real issue and having a buy in from banks. 

    brucemc wrote: »
    I fully believe that Apple will go from 0 to the lead in mobile payments, and push the industry forward as a whole.  It has been thus with Apple over last (almost) 2 decades - not always first, but with best overall implementation and most impact on industry.  Its impact on the user in convenience varies by country - within Canada and many European countries where NFC is already widely deployed, the convenience improvement isn't as great (though still some - generally easier to pull out phone than a card from wallet), but the security and privacy improvements will be significant.  The thing with Apple Pay, is that it basically benefits all players in the system (user, merchant, payment network, card issuer).

    Although not discussed as much, I think Apple Pay will have a similar effect on online/e-commerce as well.  I haven't seen any analyst mention that with TouchID, that biometric reading with Apple Pay will greatly reduce fraud for on-line, which should translate to a lower rate for merchants that use it.  I have read that the rates could be same/close to the card present rate, and that itself will drive the merchants to adopt it quickly - they pay less on every transaction.  Being able to use the common method across on-line merchants, paying with TouchID, massively increased security for the user (hello Target and Home Depot disasters), simple setup - the benefits for merchant, issuer, and user are huge.  While the Apple keynote only mentioned "Apps", it should be possible to support Apple Pay for general web payment as well - would require work on the Apple (method for exchanging information over HTTPS) and merchant side.  Perhaps this will be a "phase 2", but the benefits to seem clear.

    Right now Apple has a good lead here.  While Google Wallet is of course available for Andr

    oid devices, getting the combination of reliable biometric authentication, secure information storage, payment ecosystem buy-in, & ability to bypass the mobile operators (who have a competing solution), is a challenge.  Samsung have a fingerprint reader (how reliable?), but they can't just tie that into Google Wallet in the secure manner that Apple has.  Not sure Samsung's carrier partners will support it.


    This is why I expect the new iPads to support Apple Pay - not for the NFC part (might be useful in business as a terminal?), but as iPads are much more used for online/e-commerce.  This might not drive a huge upgrade demand in iPads initially (e.g. this quarter), as this usecase/feature is not as easily understood as physical features like "Retina Screen" or thinner/lighter in the past, but it will build over time.

    You can bet they are going for online payments. Apple was in talks with PayPal about coming on board with ApplePay. Ebay's push to have the PayPal Samsung deal with the S5 ruined it.
  • Reply 47 of 66
    bkerkaybkerkay Posts: 139member
    Quote:

    Originally Posted by SolipsismX View Post

     

    That's my point. Google saw being able to say "First!" was the most important aspect of this technology while Apple planned for years which is why they now have a MAJOR advantage.


     

    Agreed. 

  • Reply 48 of 66
    solipsismxsolipsismx Posts: 19,566member
    nexusphan wrote: »
    1. If the scenarios were switched (Apple did the tokens and left the banks out) I guarantee you you be spewing out garbage about how Google is in bed with the big evil banks. I prefer Google's open way, but understand why Apple did what it did.
    2. Google wallet does require access to the secure element. It's part of the phone hardware no different than Apple. <span style="line-height:1.4em;">Carriers didn't like it until the FCC got involved.</span>

    <span style="line-height:1.4em;">3. If the most important </span>
    differentiation to you<span style="line-height:1.4em;"> is how you unlock the app, surely saying Google is going to copy </span>
    everything<span style="line-height:1.4em;"> is a bit far fetched, don't you think?</span>

    1. No I wouldn't, and if you followed my posting history here you'd know that.
    2. No, not the same thing.
    3. I didn't say Google was copying, although you're comments here regarding Google having this for years would imply that Apple is copying them, but I do think Google should follow Apple's lead because Apple did this the right way, which is the way I've been advocating since before Google Wallet existed. This is also "copying" logistical copying that won't likely violate patents and will benefit the security and safety of Android users, which I want desperately to happen. In fact, I've been very vocal on my approval of NFC on this site despite most here having a negative, visceral response to NFC because of the piss-poor job Google did in designing their solution.
  • Reply 49 of 66
    Quote:
    Originally Posted by SolipsismX View Post

     

    1. No I wouldn't, and if you followed my posting history here you'd know that.

    2. No, not the same thing.

    3. I didn't say Google was copying, although you're comments here regarding Google having this for years would imply that Apple is copying them, but I do think Google should copy Apple because Apple did this the way I've been saying since before Google Wallet existed. In fact, I've been vocal on my approval of NFC despite most here having a negative, visceral response to NFC because of the piss-poor job Google did in designing their solution.


     

    Ah, you have it all wrong. I believe there are a number of options that lead to similar solutions. I certainly was not accusing Apple of copying anything. I posted here because the first comment talked about Google getting ready to copy Apply Pay. All I was doing was trying to do was give Google credit where credit was due. Glad to hear you were reasonable in the NFC talks. It really can be extremely secure for payments.

    Oh, and for number two, yes it is very similar!

    "The NFC's Secure Element is protected access memory. Access to the Secure Element requires that an application has a valid key, typically granted from the chipset manufacturer and subject to a non-disclosure agreement. As a precaution to prevent brute force attacks, Secure Element access becomes permanently disabled after a predetermined number of invalid attempts to access it. Communication between the Android Operating System and the Secure Element is done via the Application Protocol Data Unit, with code execution done in a protected and isolated environment."

    Source: http://en.wikipedia.org/wiki/Google_Wallet

  • Reply 50 of 66
    ibeamibeam Posts: 322member
    Quote:
    Originally Posted by lantzn View Post



    You can bet they are going for online payments. Apple was in talks with PayPal about coming on board with ApplePay. Ebay's push to have the PayPal Samsung deal with the S5 ruined it.

    As was pointed out to me in a prior thread, Apple has already provided a preliminary overview of how app developers can use Apple Pay to accept online payments. I was expecting a unified Apple Pay app from Apple which would execute the payment. I was imagining you could get a transaction code from any participating online web page or app and it would be entered into the Apple Pay app which would populate with all of the transaction details and verified with Touch ID. That way you don't have to have individual apps for every place you want to shop. I think it would be a much better user experience if it was integrated.

  • Reply 51 of 66
    solipsismxsolipsismx Posts: 19,566member
    nexusphan wrote: »
    Oh, and for number two, yes it is very similar!
    <span style="line-height:1.4em;">"</span>
    The NFC's Secure Element is protected access memory. Access to the Secure Element requires that an application has a valid key, typically granted from the chipset manufacturer and subject to a non-disclosure agreement. As a precaution to prevent brute force attacks, Secure Element access becomes permanently disabled after a predetermined number of invalid attempts to access it. Communication between the Android Operating System and the Secure Element is done via the <a href="http://en.wikipedia.org/wiki/Smart_card_application_protocol_data_unit" style="background-image:none;color:rgb(11,0,128);line-height:1.4em;" target="_blank" title="Smart card application protocol data unit">Application Protocol Data Unit</a>
    , with code execution done in a protected and isolated environment."

    It's more similar than it used to be, but Apple's explanation of their secure element on their SoC, including how Touch ID's "secure enclave" works, and the end-to-end solution Apple helped set up with the multinationals and financial institutions makes this very, very different from Google Wallet. That's why I'm saying that even if Google does partner with the financial institutions — which I very much want for all Android users — that I'm not sure they will still be able to negotiate less than card present fees for their NFC transactions because of inherent differences between the way the secure elements are accessed due to a lack of vertical integration because of the lack of control Google has over the HW.

    The fact that Google stores your cards on their system is not a solution I want. I also wouldn't store them on Apple's servers, which is why I also don't use their iCloud Keychain service for anything, much less Debit and CC numbers.
    How does Google Wallet protect my payment credentials?
    Google Wallet stores your credit and debit cards on secure servers and encrypts your payment information with industry-standard SSL (secure socket layer) technology. Your full credit and debit card information is never shown in the app. In addition, access to Google Wallet is protected by password or PIN. We also recommend locking your phone with a passcode for additional security.
  • Reply 52 of 66
    Quote:

    Originally Posted by SolipsismX View Post





    It's more similar than it used to be, but Apple's explanation of their secure element on their SoC, including how Touch ID's "secure enclave" works, and the end-to-end solution Apple helped set up with the multinationals and financial institutions makes this very, very different from Google Wallet. That's why I'm saying that even if Google does partner with the financial institutions — which I very much want for all Android users — that I'm not sure they will still be able to negotiate less than card present fees for their NFC transactions because of inherent differences between the way the secure elements are accessed due to a lack of vertical integration because of the lack of control Google has over the HW.



    The fact that Google stores your cards on their system is not a solution I want. I also wouldn't store them on Apple's servers, which is why I also don't use their iCloud Keychain service for anything, much less Debit and CC numbers.

     

    Oh you're absolutely right, Google will not be able to negotiate anything close to what Apple has done. But, they wouldn't try to anyway because they rely almost entirely on ad revenue. Google Wallet ad revenue works by reminding you of loyalty cards stored in Google Wallet when you're in that store. It's probably one of the least intrusive, most welcome ads in existence. Unlike the ads on this website!

    And that's a fair point about online card storage. I'd assume it's stored online for Google Wallet checkout services on desktop browsers. Doesn't bother me, but I understand concerns given there is no opt-out, other than just not using Google Wallet at all. I'd imagine Apple stores cards online too, seeing as they have similar ambitions for online shopping, no?

  • Reply 53 of 66
    plovellplovell Posts: 824member
    Quote:

    Originally Posted by NexusPhan View Post

    Yes Apple pay *might use - do we know 100% yet?* the EMVCo standard 


    I believe that has been confirmed (don't have a reference ready to hand but think it was via Banking Innovations site). I'll post the link if I can find it. To your point, I don't think it was a posting directly from Apple, but from people who worked to enable this.

     

    Quote:
    Originally Posted by NexusPhan View Post

     

     

    ... but Apple requires a cut of each transaction to "let" banks in leading to behind the scenes negotiations. That's fine with me, that's how business works when you have as much muscle as Apple.  I didn't intend for that to be as condescending/confrontational as it sounded. What it means for us consumers is some cards and banks out where will lack support for Apple pay because they were not willing to give up revenue to Apple. Google supports them all because it handles the tokens. It's just an advantage for Google wallet users because of how Google does business.


    When the details emerged, I was surprised at the low percentage that Apple gets. Small enough to ask myself "why?". It's 0.15% whereas the banks/issuers get 2.5 - 3.0% So Apple is certainly not doing it for the money. And the revenue comes as part of the existing "fee" and is not an additional fee on top of the 2.5 - 3.0%  It seems that the banks/FIs are willing to give up this small amount in return for a reduction in fraud. And in addition, on-line transactions ("card not present"[CNP]) made via Apple Pay are to be charged the lower "card-present" rate - because of the solid authentication. (*)   This is a big deal for on-line merchants. They will be very happy to accept Apple Pay. I expect that banks and card issuers will be OK with giving up 0.15% to Apple if it does indeed reduce fraud They will come out ahead. Some reports have said that, in return for the 0.15%, Apple will accept some liability but that percentage seems to me to be too low for that.

     

    * I have no idea how Apple Pay will work for on-line transactions. It clearly cannot be NFC, although I guess the token data is stored in the secure element in the NFC chip. This will indeed be interesting to see.

  • Reply 54 of 66
    solipsismxsolipsismx Posts: 19,566member
    nexusphan wrote: »
    I'd imagine Apple stores cards online too, seeing as they have similar ambitions for online shopping, no?

    Only for items stored in iCloud Keychain, which now includes debit/CCs for online shopping in Safari, but for their ?Pay system they do not. They store nothing online. They are not intermediaries of the card data in any way.

    They do store a card (for most people) for their iTunes Store (App Store/iBookstore) and Apple Store accounts with at the former being tied to your iCloud account and will be pulled from Apple's servers, if you choose, to be added to their ?Pay system, but that's a one-way situation for convenience with that one card they have on file. Apple is very clearly stating they have zero interest in being part of payment system.


    Moving on, for securing online payments via the browser I am hoping that next year Apple will grow their ?Pay solution so that banks can issue representational card numbers to various online vendors so that if, for instance, newegg.com's financial servers get hacked it won't allow any transactions with those representational card numbers to be used from anywhere else, as well as allowing them to kill those representational numbers quickly. But that's a lot work for financial institutions as they'll need to possibly maintain an average of many hundreds of card numbers per user per actual card.
  • Reply 55 of 66
    Quote:

    Originally Posted by SolipsismX View Post



    Only for items stored in iCloud Keychain, which now includes debit/CCs for online shopping in Safari, but for their ?Pay system they do not. They store nothing online. They are not intermediaries of the card data in any way.



    They do store a card (for most people) for their iTunes Store (App Store/iBookstore) and Apple Store accounts with at the former being tied to your iCloud account and will be pulled from Apple's servers, if you choose, to be added to their ?Pay system, but that's a one-way situation for convenience with that one card they have on file. Apple is very clearly stating they have zero interest in being part of payment system.



    Moving on, for securing online payments via the browser I am hoping that next year Apple will grow their ?Pay solution so that banks can issue representational card numbers to various online vendors so that if, for instance, newegg.com's financial servers get hacked it won't allow any transactions with those representational card numbers to be used from anywhere else, as well as allowing them to kill those representational numbers quickly. But that's a lot work for financial institutions as they'll need to possibly maintain an average of many hundreds of card numbers per user per actual card.

     

    Thanks very much for the explanation.

    I actually thought a part of Apple pay was for online shopping like Google Wallet checkout is. Google Wallet uses tokens (real credit card numbers are never given) and auto-fills addresses and the like when purchasing on websites on desktop and mobile. It's really, really great but isn't widely adopted. Maybe a few hundred sites. I'd be stunned if Apple Pay does not add similar functionally very quickly, which is good because it's a great feature.

  • Reply 56 of 66
    plovellplovell Posts: 824member
    Quote:

    Originally Posted by NexusPhan View Post

     

     I'd imagine Apple stores cards online too, seeing as they have similar ambitions for online shopping, no?


    Nope. Only tokens. And, as I mentioned an another post, I have no idea how they'll do on-line purchases. 

     

    Doing it from your iPhone is easy but how does it work with a desktop? That will be interesting to see, and very interesting to me as I do it a lot.

  • Reply 57 of 66
    Quote:

    Originally Posted by plovell View Post

     

    Nope. Only tokens. And, as I mentioned an another post, I have no idea how they'll do on-line purchases. 

     

    Doing it from your iPhone is easy but how does it work with a desktop? That will be interesting to see, and very interesting to me as I do it a lot.


     

    That it will be.

    I'd guess it'll be an OS X only solution and similar to trusted Bluetooth pairing. That way only the tokens and name/address are sent from your phone to your desktop and it's only Apple ecosystems to remain in their control. Maybe a special checkout button on the desktop appears while paired to a phone and that point will prompt for a fingerprint scan to confirm the amount and website. Seems reasonably to me, albeit a bit more cumbersome than Google Wallet but with the benefit of no cards stored online. What do you think??

  • Reply 58 of 66
    plovellplovell Posts: 824member
    Quote:

    Originally Posted by NexusPhan View Post

     

     

    That it will be.

    I'd guess it'll be an OS X only solution and similar to trusted Bluetooth pairing. That way only the tokens and name/address are sent from your phone to your desktop and it's only Apple ecosystems to remain in their control. Maybe a special checkout button on the desktop appears while paired to a phone and that point will prompt for a fingerprint scan to confirm the amount and website. Seems reasonably to me, albeit a bit more cumbersome than Google Wallet but with the benefit of no cards stored online. What do you think??




    Hhmmm. Yes - that does indeed sound workable. 

     

    And because the security stuff happens on the iPhone, it doesn't need to be Mac-only. It could be done on Windows if the appropriate hardware and software is present. Yes - BT is a good solution. Thanks for mentioning it (I hadn't thought of that)

  • Reply 59 of 66
    solipsismxsolipsismx Posts: 19,566member
    nexusphan wrote: »
    I actually thought a part of Apple pay was for online shopping like Google Wallet checkout is.

    I think only for apps that use the ?Pay APIs is that available. I don't think Apple has done that for Safari because of the inherent security issues via the browser interface, but I could be wrong.
  • Reply 60 of 66
    plovellplovell Posts: 824member
    NexusPhanQuote:

    Originally Posted by SolipsismX View Post





    I think only for apps that use the ?Pay APIs is that available. I don't think Apple has done that for Safari because of the inherent security issues via the browser interface, but I could be wrong.

    NexusPhan suggested Bluetooth as a solution (I hadn't thought of that) and it seems that it could be a nice solution. The iPhone would do all the security work (dealing with the token etc) and the browser would just pass through the secured blob. This would neatly sidestep the security problems with a browser interface. It would also open up the solution to suitably-equipped Windows  machines (I would expect that more than a few iPhone 6 users use Windows).

Sign In or Register to comment.