Consumer Reports crowns Apple Pay Cash best P2P payments service

2»

Comments

  • Reply 21 of 29
    cropr said:
    LukeCage said:
    I don’t feel Apple should get punished for the broad access so much because in some instances it’s literally not their fault. Look how long it took CVS to allow Apple Pay and big name hold outs still include Target and Walmart. However on the other hand Apple doesn’t advertise Apple Pay at least that’s what it seems to me.  Also I often hear that Apple doesn’t work with businesses to get Apple Pay stickers in windows and just get the word out. 
    It is Apple's choice to offer Apple Pay only on iOS and not for e.g. Android devices.

    We are using a solution developed by a consortium of banks, which is available for iOS and Android, supports all local banks and works like a charm
    Yup, Apple Pay Cash is iOS only. Makes sense to me. Can Apple guarantee that their app would be as secure on android as it is on iOS? I don’t know, but it seems that could be a limiting factor. Considering how poor Samsung’s biometric offerings have been (easily spoofed by a photo, etc) I can understand the hesitation. 

    If everyone in your group used a local bank that’s great for you guys. But I routinely send money to my mother via APC and she doesn’t use a bank that’s local to me. We live several states and hundreds of miles apart. 

    It seems there are advantages to both solutions.
  • Reply 22 of 29
    avon b7avon b7 Posts: 7,625member
    cropr said:
    You are using a solution that sacrifices privacy and security. If I have to pay or get paid by someone with an Android device, I might begrudgingly allow myself to use one of the alternate payment methods. That's not going to make me embrace the alternate payment system across the board.
    You are assuming a lot of things even if I have not given any technical details. You absolutely have no clue about the privacy and security of the P2P method used, so you quite arrogantly say it must be weak, as Apple is the only company who knows something about security and can build a secure payment system
    By all means, tell us about your wondrous P2P payment system that offers security, privacy, and ease of use equal to or superior to Apple Pay's, yet wasn't evaluated by CR for some reason.

    I find it amusing, though, that you've chosen a "solution developed by a consortium of banks", considering that virtually every major bank has had their customer data hacked and/or has been found to play fast and loose with personal data. Meanwhile, Apple has never suffered such a security breach, and their business model does not involve the sale or sharing of user data.

    Which banks are they?

    A lot of  people like Twyp. Why do you think it could be a privacy issue or less secure than Apple Pay Cash?
  • Reply 23 of 29
    croprcropr Posts: 1,122member
    cropr said:
    You are using a solution that sacrifices privacy and security. If I have to pay or get paid by someone with an Android device, I might begrudgingly allow myself to use one of the alternate payment methods. That's not going to make me embrace the alternate payment system across the board.
    You are assuming a lot of things even if I have not given any technical details. You absolutely have no clue about the privacy and security of the P2P method used, so you quite arrogantly say it must be weak, as Apple is the only company who knows something about security and can build a secure payment system
    By all means, tell us about your wondrous P2P payment system that offers security, privacy, and ease of use equal to or superior to Apple Pay's, yet wasn't evaluated by CR for some reason.

    I find it amusing, though, that you've chosen a "solution developed by a consortium of banks", considering that virtually every major bank has had their customer data hacked and/or has been found to play fast and loose with personal data.

    The system is only available in Belgium. The  Belgium eco system of payments is much more advanced than the US one.   We moved e.g. to chip card payments only some 20 years ago. 

    The system in use works as follows:  The receiver of payment, starts the app and initiates a transaction with his bank, saying he wants to receive an amount of X from somebody (unknown for his bank).  The bank creates a security token which is displayed as part of a QR code on the screen of the receiver.  The payer scans with his app the QR code and confirms the payment and sends the token to his bank, which validates the confirmation, check the payers' balance and send to token back to receivers' bank and the banks settle the payment immediately.  Both persons are informed by their banks about the outcome of the transaction.  Nowhere personal information is  exchanged.  The receiver does know the payers' bank or account details and vice versa.    That is why privacy is 100% guaranteed. The security is as good as Apple Pay because the same mechanism of security tokens is used.

    The crucial part is the immediate settlement of the payment, so the receiver is absolutely sure he is paid.  This is the main reason why a consortium of the Belgian banks is needed.

    williamlondon
  • Reply 24 of 29
    cropr said:
    cropr said:
    You are using a solution that sacrifices privacy and security. If I have to pay or get paid by someone with an Android device, I might begrudgingly allow myself to use one of the alternate payment methods. That's not going to make me embrace the alternate payment system across the board.
    You are assuming a lot of things even if I have not given any technical details. You absolutely have no clue about the privacy and security of the P2P method used, so you quite arrogantly say it must be weak, as Apple is the only company who knows something about security and can build a secure payment system
    By all means, tell us about your wondrous P2P payment system that offers security, privacy, and ease of use equal to or superior to Apple Pay's, yet wasn't evaluated by CR for some reason.

    I find it amusing, though, that you've chosen a "solution developed by a consortium of banks", considering that virtually every major bank has had their customer data hacked and/or has been found to play fast and loose with personal data.

    The system is only available in Belgium. The  Belgium eco system of payments is much more advanced than the US one.   We moved e.g. to chip card payments only some 20 years ago. 

    The system in use works as follows:  The receiver of payment, starts the app and initiates a transaction with his bank, saying he wants to receive an amount of X from somebody (unknown for his bank).  The bank creates a security token which is displayed as part of a QR code on the screen of the receiver.  The payer scans with his app the QR code and confirms the payment and sends the token to his bank, which validates the confirmation, check the payers' balance and send to token back to receivers' bank and the banks settle the payment immediately.  Both persons are informed by their banks about the outcome of the transaction.  Nowhere personal information is  exchanged.  The receiver does know the payers' bank or account details and vice versa.    That is why privacy is 100% guaranteed. The security is as good as Apple Pay because the same mechanism of security tokens is used.

    The crucial part is the immediate settlement of the payment, so the receiver is absolutely sure he is paid.  This is the main reason why a consortium of the Belgian banks is needed.


    That’s rich. Complain about Apple Pay Cash only working on iPhones while using a P2P system only available in a single, small country.

    Literally NOTHING in your post allows you to make the claim that security is as good as Apple Pay. It very well might be, but you have no evidence at all to support your claim.
    edited August 2018 Soliwilliamlondon
  • Reply 25 of 29
    p-dogp-dog Posts: 131member
    Two words for all of you who are disparaging Apple for the lack of multi-platform availability of Apple Pay Cash and its reason why: “SECURE ELEMENT“

    This highly encrypted chip on every modern iOS, WatchOS and Mac system is unique to Apple. It doesn’t just store Face ID and Touch ID information, but also credit cards and their respective payment data. Not even Apple can gain access to the Secure Element.  THIS is Why Apple’s payment system is more, for want of another word, secure.  Consumer Reports is downgrading Apple in their latest review for something that is a benefit, not a detriment, and is why hackable, data-scraping payment systems used by other companies and mobile platforms cannot be as safe to use as Apple Pay and Apple Pay Cash.   The goal of other companies is to monetize their users, whereas Apple wants to sell hardware.  I’m surprised nobody mentioned this in prior comments. 
    edited August 2018
  • Reply 26 of 29
    BluntBlunt Posts: 224member
    cropr said:.  

    The system in use works as follows:  The receiver of payment, starts the app and initiates a transaction with his bank, saying he wants to receive an amount of X from somebody (unknown for his bank).  The bank creates a security token which is displayed as part of a QR code on the screen of the receiver.  The payer scans with his app the QR code and confirms the payment and sends the token to his bank, which validates the confirmation, check the payers' balance and send to token back to receivers' bank and the banks settle the payment immediately.  Both persons are informed by their banks about the outcome of the transaction.  Nowhere personal information is  exchanged.  The receiver does know the payers' bank or account details and vice versa.    That is why privacy is 100% guaranteed. The security is as good as Apple Pay because the same mechanism of security tokens is used.

    The crucial part is the immediate settlement of the payment, so the receiver is absolutely sure he is paid.  This is the main reason why a consortium of the Belgian banks is needed.


    They use this system in Holland too and it basically sucks. Comaparing it to Apple Pay is bullshit. Apple's solutions is so much more user friendly.
    williamlondon
  • Reply 27 of 29
    cropr said:
    cropr said:
    You are using a solution that sacrifices privacy and security. If I have to pay or get paid by someone with an Android device, I might begrudgingly allow myself to use one of the alternate payment methods. That's not going to make me embrace the alternate payment system across the board.
    You are assuming a lot of things even if I have not given any technical details. You absolutely have no clue about the privacy and security of the P2P method used, so you quite arrogantly say it must be weak, as Apple is the only company who knows something about security and can build a secure payment system
    By all means, tell us about your wondrous P2P payment system that offers security, privacy, and ease of use equal to or superior to Apple Pay's, yet wasn't evaluated by CR for some reason.

    I find it amusing, though, that you've chosen a "solution developed by a consortium of banks", considering that virtually every major bank has had their customer data hacked and/or has been found to play fast and loose with personal data.

    The system in use works as follows:  The receiver of payment, starts the app and initiates a transaction with his bank, saying he wants to receive an amount of X from somebody (unknown for his bank).  The bank creates a security token which is displayed as part of a QR code on the screen of the receiver.  The payer scans with his app the QR code and confirms the payment and sends the token to his bank, which validates the confirmation, check the payers' balance and send to token back to receivers' bank and the banks settle the payment immediately.  Both persons are informed by their banks about the outcome of the transaction.  Nowhere personal information is  exchanged.  The receiver does know the payers' bank or account details and vice versa.    That is why privacy is 100% guaranteed. The security is as good as Apple Pay because the same mechanism of security tokens is used. 
    This may sound more convoluted that it is in practice, but using Apple Pay Cash is as easy as saying, “Hey Siri, send cropr $20.”

    I’m curious, how is a user’s identity verified in the scenario you have mentioned here?
    williamlondon
  • Reply 28 of 29
    Consumer Reports is useless, they don't know how to test anything.  All their tests are flawed.

    /s
  • Reply 29 of 29
    Regardless of their positive review, I find Consumer Reports to be out of step with the kinds of criteria I look for in nearly every product they choose to evaluate.
Sign In or Register to comment.