Last month, Apple Pay launched in the UK, grabbing the attention of many consumers who now have access to a quick and simple payment solution with a brand they love, and carry with them 24/7. With over 250,000 locations around the country accepting Apple Pay as a payment method, its debut has made it more widely available than when it first launched in the US last year. With the backing of a much admired brand like Apple, its popularity is sure to continue to increase in coming years.
Building on a strong contactless payments landscape
One of the key drivers behind Apple Pay’s success in the UK is the country’s already extensive contactless NFC terminal infrastructure and ‘friendly’ attitude to contactless payments. Currently, there are 58 million contactless cards being used in the UK, leading to 46.1 million contactless payments in December last year alone. The launch of Apple Pay will surely cause further momentum in this contactless culture.
When you consider that one quarter of British consumers expect to use their mobile to make a payment next year, according to MasterCard, it is clear to see that this exponential growth in contactless payments will mirror how consumer adopt mobile payments in the next few years. The ability for British consumers to readily embrace mobile and contactless payments has meant that the Apply Pay launch transitioned smoothly into people’s daily routines.
Popularity fuels an increase in fear over security
As with many innovative products, some consumers have reservations over the technology. MasterCard also discovered that half of respondents worry that the technology could open them up to hackers. The data breaches and hacks that we see in the news on a daily basis illustrate the risks and consequences of a cyber-criminal accessing your personal information, so it comes as no surprise that some consumers are nervous. As Apple Pay increases in popularity among consumers, it will also be grabbing potential attackers’ attention.
Consequently, the need for Apple to find a balance between the user experience and ensuring that security is present right from the beginning has never been more important. This is especially true when we see that four in ten UK consumers look to peers to confirm whether mobile contactless payments are safe to use before using it themselves. Therefore, addressing these security concerns has been a number one priority for Apple in its mobile payments solution, to ensure a widespread adoption among its customers.
Tokenisation at the heart
It is encouraging to see that Apple has put tokenisation at the top its security agenda. Apple ensures that only temporary ‘tokens’ are stored on a phone, and these tokens are rendered useless for hackers when they are stolen as they are only used in transactions to represent a user’s account. These same tokens can be easily deleted without impacting a user’s bank account or credit card. Tokenisation not only protects the user, it also protects the back end infrastructure that communicates with the phone to set up payment accounts and approve transactions. This protection is beneficial when helping issuers with payment channel separation. Such security measures not only protect the user but the merchant in the event of a data breach. Furthermore, Apple Pay has supplemented tokenisation with Touch ID biometric technology that is available on the iPhone. As a finger print is unique, it adds an additional layer of security, making it all the more challenging for a hacker.
Security will play an integral role in the widespread adoption of mobile payments, reassuring consumers that their valuable data will be kept safe. Yet security always has the potential to cause friction, detracting from the user experience but by establishing a balance between the two, Apple can become a pioneer in the mobile payments arena. The launch of Apple Pay in the UK has demonstrated that with people interested in the technology, there is the opportunity for mobile payments to reach tipping point, with increasingly more people reaching for their mobile at the till. Watch this space.[su_box title=”Ian Hermon, Mobile Payments Specialist at Thales e-Security” style=”noise” box_color=”#336588″]
Thales e-Security is a leading global provider of data protection solutions with more than 40 years experience securing the world’s most sensitive information. Our customers—businesses, governments, and technology vendors with a broad range of challenges—use Thales products and services to improve the security of applications that rely on encryption and digital signatures. By protecting the confidentiality, integrity, and availability of sensitive information that flows through today’s traditional, virtualized, and cloud-based infrastructures, Thales is helping organizations reduce risk, demonstrate compliance, enhance agility, and pursue strategic goals with greater confidence.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.