Re: Apple Pay

Hi.

some more comments (question?)

who take charge of risk?
who verify customer signature(or PIN) is equivalent to card's?

maybe Apple can verify card holder identity with their internal resources,

I think the risk level is different from iTunes'



On Wed, Sep 10, 2014 at 4:05 PM, Adrian Hope-Bailie <adrian@hopebailie.com>
wrote:

> So, lets do some grade A speculation:
>
> I suspect that this is all built on standardised technology but given an
> Apple shine.
> For the system to work at "220,000 stores that already support
> contactless payments" this would have to be the case.
>
> Likely it is a combination of HCE (i.e. provision the phone's secure
> element over the air) and the use of the tokenisation spec already
> published by EMVCo (http://www.emvco.com/specifications.aspx?id=263).
> I wouldn't be surprised if Apple had a hand in developing that
> tokenisation spec with the networks.
>
> What is interesting is that Apple are therefore working with issuers
> primarily (whose cards are stored in iTunes), not acquirers.
> They don't yet manage the full payment life-cycle end to end although one
> can assume this will come soon when payments start being made from one iOS
> device to another.
>
> They haven't invented anything new (even if the US market thinks they
> have).
> Apple very seldom do invent anything new. All of their revolutionary
> "inventions" have been brilliantly executed versions of something that
> already existed in some form or another.
> However, we should not underestimate the power of the Apple brand coming
> into our world.
> They have just made contactless and mobile payments cool, even for the
> folks that are completely non-technical.
>
> Note:
> This is still debit-pull card based payments but apple is providing the
> complicated bits like the token store (or off-loading it to the card
> networks).
> That said, once users are used to using their phones to pay moving to a
> push-based mechanism becomes that much easier and will be key to P2P
> payments.
>
> On 10 September 2014 05:35, Mountie Lee <mountie@paygate.net> wrote:
>
>> Hi.
>> for the Apple Pay mechanisms,
>>
>> will it be correct as following?
>>
>> 1. real credit card information is stored at Apple side (same to iTunes
>> way)
>> 2. when user try to pay at store, a token (which is generated by apple,
>> virtual credit card format?) is pass to merchant.
>> 3. merchant send the token to their processor/acquirer
>> 4. the participating banks will verify the token with Apple
>> 5. settle money to merchant.
>>
>> does Apple Pay always need connected environment?
>>
>> regards
>> mountie
>>
>>
>> On Wed, Sep 10, 2014 at 7:31 AM, Stuart Langridge <sil@kryogenix.org>
>> wrote:
>>
>>> On Tuesday, 9 September 2014, Kingsley Idehen <kidehen@openlinksw.com>
>>> wrote:
>>>
>>>> On 9/9/14 1:57 PM, Stéphane Corlosquet wrote:
>>>>>
>>>>> Quoting:
>>>>> Our mission is to replace your wallet, starting by focusing on
>>>>> payments.
>>>>> ...
>>>>> Digging for your cards is antiquated.
>>>>> The magnetic stripe interface is outdated and insecure.
>>>>>
>>>>>
>>>> Yep!
>>>>
>>>> Just need to take a look at their APIs and other technical details.
>>>>
>>>> Apple is an important player in this space, for sure.
>>>>
>>>> Bear in mind that the antiquated magnetic stripe interface has already
>>> been cast aside in most places that aren't the USA. Here in the UK we've
>>> had contactless payment for years; it is not an exciting revolution, and we
>>> should be wary of presenting something that (frankly) drags the US into the
>>> 21st century as a thing that is super-important, because everyone else
>>> already has it.
>>>
>>>
>>>
>>> --
>>> New Year's Day --
>>> everything is in blossom!
>>> I feel about average.
>>>    -- Kobayashi Issa
>>>
>>
>>
>>
>> --
>> Mountie Lee
>>
>> PayGate
>> CTO, CISSP
>> Tel : +82 2 2140 2700
>> E-Mail : mountie@paygate.net
>>
>>
>


-- 
Mountie Lee

PayGate
CTO, CISSP
Tel : +82 2 2140 2700
E-Mail : mountie@paygate.net