teejay2012

ianbetteridge said:

M68000 said:

This seems to be totally a QA testing issue.  Was any testing done? 

So the answer to this is, "it's complicated". Some of this is going to be a bit simplified, but it's accurate enough.

Software on Windows can run in two modes: kernel mode; and user mode. User mode software shouldn't ever be able to cause a BSOD.

Security software needs to run in kernel mode. There are good reasons for this: malware often hides deep in the OS in places where user mode software can't find it. CrowdStrike Falcon works like a device drive, which allows it to reside in kernel mode and access system data structures and services.

"Heck," you're thinking, "so can anyone write a device driver and get their software running in kernel mode?" Well, no: Windows will display a warning unless a driver has passed Microsoft's WHQL testing process. In some cases, Windows won't even allow the driver to run.

Falcon is WHQL certified, so it *should* be pretty robust and not cause a BSOD. But there's a catch: it relies on dynamic definition files, which are deployed to update its configuration. From what I hear, Crowdstrike accidentally deployed one which contained nothing but zeros, which led to a catastrophic error. In other words, they simply deployed the wrong file. No testing will catch that -- it's a file that wasn't meant to be deployed at all.

cropr said:

mizhou said:

I agree! The tokenisation and biometric authentication to  confirm the transaction makes it far more secure, compared to swiping the card itself. The card issuers have been charging far higher fees for every transaction, than Apple does. Those high fees have been covering not only the costs of doing the transactions but also the cost of paying money back to us customers in cases where we’ve been victims of skimming or others means of criminal withdrawal of money from our accounts. 

It’s not so many years ago where you gave your card to the waiter in a restaurant and they went to the cash register to use the magnetic strip of the card in a card reader. A criminal working as a waiter could easily take a photo of the front of the card to get your card number, and a photo of the back to get the CCV/CVV three digit code on the back, and then use that to order stuff from the internet. It happened to a friend of mine about 15–20 years ago), when he was at some convention in Germany. Right after he got back home to Sweden another transaction was made with his card number in Germany and about 200 Euro was drawn from his account. He got his money back, and that is partly why the card issuers have those high fees. 

With ApplePay this can’t happen,, but the card issuers still charge the high fees from merchants, and since they don’t have to pay for such fraudulent activities, those high fees are pure source of extra income for them. I think they should be forced to lower their fees instead of taking away the small fee Apple charges. 

Just a reminder, the EMV standard, which enables a chip card based payment was created end of last century.   It is about 20 years ago that in the EU people gradually moved to EMV standard.  Not in every country at the same pace, but by 2008 the usage of EMV cards in the EU was more than 95%.  The remaining 5% was mainly from people coming from abroad (like from the US, where they were using magnetic stripe until very recently).

The fraud you are describing must be quite old, at least in the EU.  The last 10 years the waiter never takes the card with him, he brings a wireless payment terminal to the table of the customer.  Even before the the existence of wireless payment terminals,  I never gave my card to waiter, I usually stood up and went to payment terminal  to pay.   I know that in the US these things are different.

In terms of security there is no difference between a chip card payment and Apple Pay.   In fact Apple Pay is using the same EMV standard as for the chip card, but Apple Pay is using NFC as a communication layer.  

The fee that has to be paid to Apple for using Apple Pay is low but it is on top of the fee for the credit card company which has to be paid anyhow.  And it does not reduce the fraud wrt. the chip card EMV transaction, so it is logical that merchants and banks are complaining about this extra fee.

avon b7 said:

mizhou said:

danox said:

Walmart won't have anything they are not in Europe.

I know they’re not in Europe, but the guess some people reading and commenting here are from USA, and don’t know about stores we have here, so I used Walmart as an example, because they already knew that Walmart has rejected support for ApplePay and wants to have their own solution. 

But live in Sweden, and there are stores here that have their own cards. Those stores are not in the USA, and many of them not even in other EU countries, like ICA for example. We have ICA, Coop, Lidl, H&M and many other stores here. Most of them already have their membership or customers bonus cards that gives some benefits, and some even have their own credit cards like IKEA (Ikano), ICA, Norwegian (airline and bank) and many more. How many of them will support other wallets, when they implement their own wallets?

Then I need a Norwegian wallet to by airplane tickets, an Ikano card alley to shop at IKEA, an ICA wallet to shop in ICA stores etc. Unless EU will force them to support all wallets from other companies, while ch would be very costly, my guess is that each one of them will require you to use their own wallet. This means I will have to install multiple wallets, and can not freely choose one wallet for all my purchases. 

It's important to not lose sight of where we are coming from. 

Apple was the gatekeeper of Wallet/Payments on iPhone. There was no way that was favouring consumer choice or competition. And it was taking a cut from every single transaction. 

That is changing now. 

Walmart might be a terrible example as, AFAIK, it doesn't accept any contactless payments from phone wallets except via its app. That is not dissimilar to your corner shop not accepting credit cards and only accepting cash (or the other way around).

They do accept other payment methods though so that is different to the iPhone where the only option of paying contactless through the device was Apple Pay.

Ikea, Lidl, H&m etc all accept contactless phone payments from sources they have no control over. 

It's a completely different thing to have apps that incentivise customer loyalty. I use the Carrefour app with all its benefits but I don't have to use a Carrefour card or payment system to get the benefits.

You (and everyone as consumers) now has choice and decision making sway. If you do not like how a retail outlet works and it refuses to listen you can go with a competing store.

Multiple wallets is not an issue. Just like with most digital situations you will have a default choice and then be able to switch among the others as necessary.

That is how Apple Pay works when you have multiple cards on it.

My payment system (BBVA Pay) is fully integrated into the phone, App, biometric setup and offers far more than Apple could ever offer simply because it is a bank.

FWIW that is the only wallet I use because Google Pay still can't handle the dynamic CVC on my cards. 

If the store accepts contactless, it accepts contactless payments by phone.

I have yet to run into anywhere that has refused the wallet I use and no one has obliged me to use an alternative system. 

cessnapaul said:

mizhou said:

“In short, iPhone users in the EU will be able to replace Apple Pay and Apple's Wallet with offerings from other firms.”

I don’t think so. What EU has done is open up the possibility for other companies to create their own wallets. Pretend that this was in the USA, and Walmart created their own wallet, and MacDonalds their own etc. 

That hasn’t created a freedom for me as a customer to choose a wallet. Instead they will have to have a Walmart wallet, a MacDonalds wallet etc in addition to Apple Wallet. I’m enforced to use several different wallets. In theory I will have to have a wallet app for wvery store I shop in. This is a freedom for the companies to create their own wallets, and I will have to use multiple wallets, NOT a freedom for me to choose one wallet that I can use everywhere. 

The EU politicians have absolutely no clue what they’ve done. They’ve created a mess, not freedom for consumers. 

This is more about removing Apples swipe fees from the merchants. Apple gets a small fee each time their wallet is selected, and banks hate this fee, and therefore want to create their own loop excluding Apple wallet.
And to be clear, Apple didn't invent NFC, nor were they the first company to put it in a phone, so for them to use their power to 'gatekeep' this from business' and iPhone users should be removed I think.

avon b7 said:

teejay2012 said:

I am not looking for more apps asking for access to my financial information. Given how uninformed my own bank is on any technical issues, I would hardly trust them with NFC. I trust Apple and I like the convenience of Apple Pay. Consumers will vote of course but the banks and other vendors will need to buy the votes as they won't win on security or convenience imo.

Consumers will vote with their wallets 

The reality is we are more likely to see banks that already have Wallet/Payment systems on Android moving to iPhones. 

If they haven't had security issues on Android, their is little to no reason to believe they will have issues on iPhones.