Tech —

Why Apple Pay could succeed where others have had underwhelming results

Not because Apple is a huge and influential company, but because the timing is right.

"Apple Pay beta"
"Apple Pay beta"

A couple of months ago I was visiting New York City and had to catch an early flight out of La Guardia. At 4:30am I hailed a taxi on Houston Street, and the driver and I sped to the airport over dark, empty streets.

On the way, I found a Samsung Note 3 in my bag that Review Editor Ron Amadeo had sent me a few weeks before. The thing had a Near-Field Communications (NFC) chip in it, and I had set up my Google Wallet account on it earlier. I also noticed that the taxi I was in had a tap-to-pay terminal displayed in the backseat. I am a consummate morning person, and a rush of new-day adrenaline told me that it was time to make my first Google Wallet purchase in three years—my last one occurring in 2011 when I reviewed the service at its debut for PCWorld.

As we pulled up to the curb, the driver continued to ignore me as I got out my phone. I touched the Note 3 to the terminal. The phone vibrated, but nothing happened. At this point, the driver turned around. I gave an embarrassed laugh and he said a few polite words, but he had no idea how to help me. “Nobody ever uses their phone to pay,” he said. I tried again. Nothing. But the driver was curious now, and maybe because it was so early in the morning and he had nothing else going on, he got out of the taxi and came around to my side.

“Maybe you should select Debit from the screen first,” he suggested. I selected debit and re-tried the phone. Nothing. But there appeared a screen that asked me to select a tip amount. I chose 20 percent and held the phone back up to the NFC reader. It vibrated, and, finally, on the phone’s screen I got a notice of success. Success!

The contactless payment terminal in New York City cabs are brought to you by Verifone.
The contactless payment terminal in New York City cabs are brought to you by Verifone.

Although the problem was relatively easily solved, the interaction was far from the intuitive experience that tap-and-pay functions are supposed to be, and it illustrates well the reason that contactless payments have languished over not just the last three years, but since MasterCard began experimenting with NFC chips on its credit cards throughout its PayPass program in 2003.

Still, on Tuesday in Cupertino, Apple introduced its new Apple Pay platform, which will support NFC-based payments from the iPhone 6 and 6 Plus, as well as the Apple Watch. The experience that Apple is promising will likely be identical, from an average user's perspective, to what Google Wallet has long provided: take out your phone, tap, (sometimes tap again, and again) and pay. Both services ask users to authenticate each transaction as well, with Apple incorporating its Touch ID fingerprint sensor and Google Wallet relying on a 4-digit PIN.

Of course, Apple Pay is still largely an unknown, and we won't be able to test it out until Apple makes the service available in October. Depending on how the platform is designed on Apple's end, the experience might be more fluid than what you get using Google Wallet or its competitor, the wireless carrier-backed Softcard formerly known as Isis Wallet (a brand change that came none-too-soon as followers of current events can imagine). But just like Google and Softcard, Apple can't control the whole user experience: NFC is not always about how your phone works, it's about how the terminal you're tapping your phone against works, too.

Still, one thing that seems likely is that Apple Pay has a better chance than Google Wallet or Softcard did of getting a critical number of American consumers tapping-to-pay, not necessarily because of Apple's market share and influence stateside, although those things will certainly help, especially as older iPhone models that don't support NFC get replaced. Instead, Apple Pay will succeed where others have seen only tepid results because of timing (that key element in both comedy and product launches). At this point, Apple gets to take advantage of all the inroads that Google and MasterCard have already cut in building a contactless payments infrastructure, while at the same time reaping the benefits of a long-planned transition in the US to a new payment standard called EMV, which will happen starting October 2015.

Google scouts the frontier, Apple leads in the wagon trains

When Apple announced its payments platform earlier this week, it proudly proclaimed that it had 220,000 retail stores and restaurants on board to accept Apple Pay. What it didn't note was that a large number of those brick-and-mortar shops have been accepting contactless payments for years. McDonald's, Walgreens, and Staples, to name a few, were launch partners for Google Wallet in 2011, and many of those chains were accepting contactless payments from MasterCard's PayPass before that. Whole Foods, which got a huge shout-out from Apple at its event on Tuesday, told Ars that nothing about its NFC terminals has changed to accommodate Apple Pay specifically. “All checkout lanes in all of our stores do have the NFC pads, and we’re already accepting NFC payments as it seems you’ve already experienced,” a spokesperson told Ars. “These same NFC pads can and will accept Apple Pay transactions the moment Apple turns on the service.”

Apple
Apple has walked into an ecosystem that others have already put work into building, and it will reap benefits from that. Granted, the ecosystem isn't as pervasive as it could be: The Wall Street Journal notes that NFC readers are being used by fewer than 10 percent of merchants, especially as mom-and-pop stores balk at the cost of buying a new terminal that supports NFC if it's not a necessity.

But lucky for Apple, a terminal upgrade will be necessary soon in the US. In late 2015, American merchants will have to buy new terminals that support EMV cards, which are more secure (although definitely not hack-proof) than the magnetic stripe cards that the US currently still uses. By October of next year, merchants who don't upgrade their terminals will be made to bear the responsibility for fraud if they are not equipped with EMV card readers. “Merchants are deploying new POS terminals in order to comply with the requirement to have EMV capability in place by October 2015, and nearly all new terminals have the contactless capability needed to accept mobile payments,” Senior Analyst Thad Peterson of the independent research firm Aite Group told Ars via e-mail. “So, we will very quickly have a critical mass of devices and a critical mass of terminals that are capable of making and accepting mobile payments.” (Peterson added, “The time has come.")

Also, next year's transition to EMV, which is already a widely supported standard in Europe, Canada, and many other countries, might very well push American consumers to use their phones to pay in increasing numbers, whether that phone is an iPhone 6 or a Samsung Galaxy Note 4. This is because many credit cards based on the new standard will require that the embedded chip be present in the terminal as it reads the necessary information, meaning credit card transactions could take a second or two longer than a quick swipe of a magnetic stripe card. That extra second or two added onto a transaction might be enough to get consumers to feel like using a phone is faster.

In Europe, where EMV cards have been the norm for over a decade, we see just such a transition as contactless payment options become available. According to ZDNet, “UK payment processing firm Worldpay said that June 2014 marked a new record for contactless payments, reaching £71.6m for the month. Its data also shows that contactless payment volumes in the UK more than doubled from four million in July 2013 to 10.9 million in July 2014.” On Wednesday, one day after Apple announced Apple Pay (for US residents only at this time), MasterCard also announced that all of its POS terminals in Europe will have to be contactless-compliant by 2020.

To those who say Apple Pay and Google Wallet are solutions without a problem: EMV is the “problem,” but that problem won't show up for another year or so.

Still, Dick Mitchell, a director at tech deployment firm Randstad Technologies, says that although he thinks contactless payments will become much more common in the future, they won't displace the credit card. "I would not bet against Apple in anything that has to do with consumer electronics," he told Ars over the phone on Friday. "But I see [contactless payments] as a complimentary technology, not a replacement technology. There are 800 million debit and credit cards that are in play in the US that are going to end up being replaced [during the transition to EMV], and I don't see the penetration of the new iPhones or the Apple Watch being able to drive the demand" to make contactless payments ubiquitous.

Fear factor

Another reason that some experts have put forward as to why NFC has sputtered so far is that users are nervous about keeping their card information on their phones. After all, a credit card is a physical thing that people know how to keep safe and know how to fix if they fail to keep it safe. But news of phone hacks appear regularly, and best practices for keeping yourself safe from fraud on a phone are far from common knowledge still.

Apple addressed these concerns a bit in its presentation this week, and MasterCard, one of Apple's partners in launching its platform, has said that Apple Pay uses the contactless specification of the EMV standard to provide "industry-standard EMV-level security” where card numbers “are protected using standards-based payment tokens." Among Apple Pay's competitors, the lesser-used SoftCard also uses the EMV standard, and Google Wallet uses a similar concept to create “one-time-use card credentials” according to a Google spokesperson. (David Auerbach at Slate points out that Google can see the users' transactions, however, whereas Apple will not.)

As Julie Conroy, a colleague of Peterson's at the Aite Group, explains, Apple Pay “leverages the same type of chip technology that EMV relies upon, which introduces dynamic data into every transaction, making it virtually impossible to create counterfeit cards in the wake of a data breach. The addition of tokenization to the solution is also very powerful—tokenization renders the underlying data useless in the event of a breach—even if criminals are able to hack their way in, the data that they steal will not be in a useable form.”

Still, Hector Hoyos, CEO of Hoyos Labs, says that's not nearly enough to ensure that Apple Pay will be secure. “We will know in the next thirty days whether [Apple Pay] will stand up to hack attacks or not. The Achilles heel is NFC,” Hoyos said, noting that there isn't a single NFC system he knows of that hasn't been hacked. “Apple has the right intention in mind, but it's too early to know whether it will survive hack attacks or not. The fact that they use NFC is indicative to me that it's not [strong enough]. NFC is the weakest link in their chain.”

When do we see the new normal?

Still, as decades of sign-and-swipe magnetic stripe card use has proven, convenience rather than security is one of the most important factors in getting consumers to adopt a new payment technology. And as the very gradual worldwide roll-out of EMV cards and card readers has proven, mitigating fraud costs is one of the most important factors in getting merchants and banks to adopt a new technology. Whether Apple Pay is secure or not may be irrelevant unless a massive and well-publicized breach occurs.

For now, though, it seems that banks are taking major bets on mobile wallets, Apple Pay specifically, as The New York Times reported this week:

The immediate cost of Apple Pay is expected to be assumed by the banks, which are offering Apple a lower rate than they normally accept from credit card transactions, according to people briefed on the agreements. The banks, which take the biggest chunk of credit card transaction fees, are hopeful that they will make up for the lower rates by processing new types of transactions that are currently being done with cash or other payment methods.

The big credit card networks will not have to pay any costs for working with Apple. But some analysts warned this week that Apple Pay could, in the long run, push down the rates that both credit card networks and banks can charge merchants. Credit card fees are largely used to cover the costs of fraud, which are expected to go down with Apple’s fingerprint signature.

Banks are apparently hoping to make money off Apple Pay not because the mobile wallet will replace physical credit cards, as Apple tried to suggest in the absurd little video it showed on Tuesday illustrating the difficulties of paying for a box of Tic-Tacs with a credit card. Instead The New York Times sources suggest that banks think they'll make money because Apple Pay is more convenient than cash or other forms of payment. Apple Pay might even appeal to some Bitcoin users, bringing that small subsection of bank-less currency adherents into the banks' folds.

David Ripley, co-founder and CEO of Bitcoin wallet Gildera, doesn't think Apple Pay will have that much of an influence on Bitcoin users, but he told Ars that the interaction could go the other way—with Apple teaching non-technologically savvy people how to use a virtual wallet. That could be good for Bitcoin, he argues. “Previously, paying with your phone could be sort of an obstacle for Bitcoin,” Ripley said. “For the most part if you pay with Bitcoin in a physical transaction, you have to pay with your phone... What Apple Pay is going to do is it's going to get some people more accustomed to using their phone. We don't think it's going to be a whole lot [of people] because the benefit isn't there, but for those [few] people, that obstacle isn't a new thing, it's 'this is how I pay for things.'”

Although Apple Pay is unproven, it has the potential to change the dynamics of payment. And though Google Wallet has hardly been a failure, Apple is set to ride its coattails to greater glory. Especially because, in my own experience, it seems that a lot of people want to pay with their phones, not because it's more secure, or easier, or cheaper, but because it's kind of fun. On a separate New York trip I had the same phone from Ron with me, and I went into a Duane Reade to buy some Hostess Cupcakes. When I paid with my phone, the transaction took half a second, there were no odd vibrations, and everything happened just as promised. And the cashier was so excited. “Is that the Galaxy S III?” he asked. “I have the S II, and it looks like the screen is a little bigger.”

I told him it was a Note 3, and we laughed and compared phone screens. I ate the Hostess Cupcakes later that day. They were delicious, and they tasted like the future.

Channel Ars Technica