The big news of the day might be that Apple has launched Apple Pay. That’s the ability to pay with just a touch of your phone. Essentially, you connect a bank card or account to your phone, go to a merchant, tap your phone and viola! Payment made! It’s called NFC (for Near Field Communication) meaning you have to be really close for anything to communicate with it. Not WiFi close, not Bluetooth close, even closer… Like invade my ‘personal space’ close.
The big question you should have is…
IS THIS SAFE?
Here’s the Good, The Bad and the Ugly on Apple’s new Apple Pay.
First of all, nothing is ever really safe. Nothing. Sorry.
We have a false sense of trust when it comes to things like this. Everyone is going to be different in what they feel comfortable with. Some will never use a credit card online. Others don’t even want to use them in person at a grocery store – and with the recent news of skimmers or accounts being hacked (Target, Home Depot, etc) that card they hold in their hand isn’t even safe.
For that reason, we’re all getting new cards soon, ones with EMV chips embedded in them.
Square does a great job explaining why a smart card is better…
It’s nothing new. I’ve been carrying around a Google Wallet card with a chip in it for a while.
When it comes to Apple Pay, your account information isn’t stored on your phone at all. To top that, Visa has also rolled out a token system.
The technology generates a specific digital account number that’s associated with your card. That means Apple Pay would never actually passes your 16-digit credit card number through to a merchant when you’re making a purchase with a Visa card. Rather, the digital account number is passed through to the merchant and then to Visa to charge your credit card.
Read more: http://www.businessinsider.com/
That system works by using a complicated algorithm to generate a unique number each time.
I found a great video explaining how that happens here:
It’s that simple, except with a whole bunch more math. It’s this hashing that creates the unique number.
Apple’s system works with the Apple 6. That means you could have a pin protecting your phone (and you should) plus you’ll also have biometrics enabling the pay. That’s your thumbprint on the go button. That’s good too!
Of course this stuff is nothing new. Google created it’s Google Wallet a few years ago. Some Android phones have been doing NFC for years. But with the new Apple Pay, their might be a little more momentum behind this now.
PINs are always safer than no PIN but the truth is that I could stand behind you at the store and learn your PIN pretty easily. As for that thumbprint – it can be hacked. No really. It can be faked with a little effort.
There’s something else you should know before you jump headlong into the world of NFC payments.
As new and safe as this new technology is, hackers will still go after this. If it’s popular – they’ll seek to infiltrate it. Anything is only as safe as the weakest link and that’s exactly what a hacker looks for. That weakest link might just be the NFC reader at the register.
NFC skimmers could snatch the unique Apple Pay codes. And because the system will be so widespread, you can bet a lot of hackers will by trying out different methods. “An NFC skimmer is as real as a classic ATM one,” Bestuzhev told me. “In the end it’s about traffic interception which was done for other standards/protocols too.”
In the end, you’ll still need your wallet with all it’s cards, but if you choose to do so you’ll be able to pay with your phone.
Just be careful out there.