Throughout the digital shift, data breaches have been a serious and ongoing problem. Recent large-scale attacks resulted in malware-infected payments terminals and tens of millions of stolen card numbers from chain stores like Home Depot and Target. Part of the reason for these thefts is that, with the current magnetic stripe system, card information is stored inside payment terminals in an unencrypted form.
But technologies like tokenization and near field communication (NFC) are making secure data possible — and Apple may be leading the way to substantially heightened online security with the launch of their new mobile payment system.
How Apple Pay works
The latest phones from Apple, the iPhone 6 and iPhone 6 Plus, are equipped with a mobile payment system that lets users pay for purchases in stores quickly and conveniently, right from their phones.
This payment system uses multiple security features to protect payment information. The first is Touch ID, Apple’s biometric identification system already used in previous iPhones that identifies users by thumbprint. The second is NFC communication, which eliminates the magnetic stripe interface that is one of the leading reasons for security breaches.
But the most important security feature for Apple Pay is tokenization. The technology stores a 16-digit proxy number on a security chip inside the phone, rather than your actual payment card number. This “token” number is given to the retailer at the point of sale, and the retailer sends the token to the card issuer. Then, a trusted third party converts the token to the payment card number and sends it to the issuer — meaning the retailer never receives the actual card number.
The tokens also incorporate unique, transaction- and user-specific data, which prevents them from being reused even if they’re stolen.
Simplifying the user experience could lead to widespread adoption
In a recent keynote speech, Apple CEO Tim Cook demonstrated how easy it is to pay with this solution: Users simply hold their thumb on the Touch ID sensor and tap the phone against a payment terminal. The entire transaction takes only seconds, and is substantially more secure than magnetic stripe transactions — or even other mobile payment solutions.
Apple has always excelled at ease of use for its technologies, and the company’s entry into the mobile payment market could prompt the competition to step up their games. The more mobile payment providers offering easy-to-use solutions, the more retailers will adopt systems that accept these types of highly secure payments. In the time since Apple Pay was launched, competitor Google Wallet has already seen significant growth in usage and adoption from both customers and retailers.
Contactless NFC payment systems could provide the level of security required to make data breaches a thing of the past, especially if other providers adopt tokenization technologies to enhance security. Consumer data will be safer online, and the cumbersome and risky magnetic stripe system may be headed for obsolescence.
With Apple leading the way, widespread adoption of mobile payment solutions has a real chance of occurring — and the competition is sure to follow suit. If you want to know more about the future of personal data security or how it applies to your company, contact the IT experts at The Armada Group.