Chevron icon It indicates an expandable section or menu, or sometimes previous / next navigation options. HOMEPAGE

Payments security is undergoing a revolution and Apple Pay is leading the way

There's a massive card fraud problem in the US, and EMV isn't going to solve it. Instead a number of new security protocols are being implemented for in-store and online payments to try to mitigate card data theft. Each of these protocols has strengths and weaknesses, but one of the newest security protocols — from Apple Pay — has security measures above and beyond the rest.

BII_Apple Pay Transaction
How an Apple Pay transaction works BI Intelligence

In two new reports from BI Intelligence, we look at the five new payments security protocols and the strengths and weaknesses of each, and then take a deep dive into the security behind Apple Pay, which we believe could fundamentally limit card fraud as it is conducted now.

 

Here are some of the key takeaways:

  • Apple Pay combines a number of existing security technologies to solve the major problems in payments security: Apple didn't invent an entirely new payments security standard. Instead it found a solution to weaknesses in payment security and applied it in a way that does not require existing payments players to upend their systems and processes.
    • Data protection: Apple Pay uses both encryption and tokenization to protect data and reduce sensitive data transmission down to one instance. 
    • Device authentication: Each Apple Pay transaction has a unique value that ensures that the transaction is coming from an authorized device. 
    • User authentication: Apple requires the user's bank to have an additional user authentication system in order to further authenticate suspicious card registrations. In addition, Apple Pay requires fingerprint authentication through Touch ID in order to make fraudulent transactions from a stolen phone extremely difficult. 
  • Point-to-point encryption is the most tightly defined form of payments encryption. In this scheme, sensitive payment data is encrypted from the point of capture at the payments terminal all the way through to the gateway or acquirer. This makes it much more difficult for fraudsters to harvest usable data from transactions in stores and online. 
  • Tokenization increases the security of transactions made online and in stores. Tokenization schemes assign a random value to payment data, making it effectively impossible for hackers to access the sensitive data from the token itself. Tokens are often "multiuse," meaning merchants don't have to force consumers to re-enter their payment details. Apple Pay uses an emerging form of tokenization. 
  • 3D Secure is an imperfect answer to user authentication online. One difficulty in fighting online fraud is that it is hard to tell whether the person using card data is actually the cardholder. 3D Secure adds a level of user authentication by requiring the customer to enter a passcode or biometric data in addition to payment data to complete a transaction online. Merchants who implement 3D Secure risk higher shopping-cart abandonment.

 

Interested in getting the full report? Here are two ways to access it:

  1. Subscribe to an All-Access pass to BI Intelligence and gain immediate access to this report and over 100 other expertly researched reports. As an added bonus, you'll also gain access to all future reports and daily newsletters to ensure you stay ahead of the curve and benefit personally and professionally.» Learn More Now
  2. Purchase & download the full report from our research store.» Purchase & Download Now

 


 

BI Intelligence Devices
EMARKETER

PS. Did you know...

Our BI Intelligence INSIDER Newsletters are currently read by thousands of business professionals first thing every morning. Fortune 1000 companies, startups, digital agencies, investment firms, and media conglomerates rely on these newsletters to keep atop the key trends shaping their digital landscape — whether it is mobile, digital media, e-commerce, payments, or the Internet of Things.

Our subscribers consider the INSIDER Newsletters a "daily must-read industry snapshot" and "the edge needed to succeed personally and professionally" — just to pick a few highlights from our recent customer survey.

With our full money-back guarantee, we make it easy to find out for yourself how valuable the daily insights are for your business and career. Click this link to learn all about the INSIDER Newsletters today.

 

Apple Fraud Visa
Advertisement
Close icon Two crossed lines that form an 'X'. It indicates a way to close an interaction, or dismiss a notification.

Jump to

  1. Main content
  2. Search
  3. Account