Apple Pay: Global Expansion Planned

Card Industry Sees International Push for NFC-Based System
Apple Pay: Global Expansion Planned

Apple has global expansion plans for its forthcoming Apple Pay service.

See Also: The Vulnerability Epidemic in Financial Services Mobile Apps

The new payments system - built into the forthcoming iPhone 6, iPhone 6 Plus and Apple Watch - uses near-field communications to enable users to make contactless payments with their Apple device at NFC-compatible point-of-sale terminals.

When Apple Pay launches in October, the service will only be compatible with U.S. stores and services. But Apple CEO Tim Cook has said the company is eyeing global expansion.

Steve Perry, chief digital officer at Visa Europe, confirms those global expansion plans are already under way. "We are working closely with Apple and with our member banks to bring this new service to market in Europe," he says in a statement, noting that about 1.5 million payment terminals in Europe are already NFC-compatible.

Payment card processor MasterCard says it would likewise support any global expansion of Apple Pay. "We can only talk about what Apple has talked about publicly," Mung Ki Woo, executive vice president of digital platforms at MasterCard, tells Information Security Media Group. "What Apple has said is that they're working on an international expansion of their service, and of course, as part of that, we will be supporting them. However, they haven't provided any more detail on where this expansion will take place, and when this will take place."

MasterCard is backing not just global Apple Pay adoption, but more widespread use of NFC and contactless payment cards. Already, there are 2.5 million merchants now accepting contactless payments in 66 countries. In Europe, meanwhile, MasterCard says it saw the number of contactless transactions made using its cards triple in 2013, and the volume spent via those transactions increased four-fold.

MasterCard this week also announced a 2020 deadline for all merchants that accept its cards - including its Maestro brand - to replace all of their POS terminals with NFC-compatible ones. Beginning in 2016, furthermore, it will require all new POS terminals to be NFC-compatible.

Apple Pay: U.S. Debut

When Apple Pay launches in October, Apple says the service will work at 220,000 U.S. locations with NFC-compatible POS terminals. Retailers that have so far signed up to work with Apple Pay include Disney, Macy's, McDonald's and Staples, among many others. Meanwhile, Target will add the technology to its iOS app, and Starbucks says it can be used to pay via its existing app.

Apple has also secured backing from Visa, MasterCard and American Express - Discover is also in negotiations to sign on - as well as the country's four largest banks, among others.

To make Apple Pay play globally, Apple will need to recruit international business partners and overseas banks. But from a technology standpoint, many countries already have the requisite payment-card technology in place. "It remains to be seen if the company plans to launch such a service in India," says Akhilesh Tuteja, partner at KPMG in India. "[But] the Indian e-payment regulations are quite sophisticated and committed to embracing electronic payments," meaning that it would be technically feasible, and likely also quite secure.

In China, meanwhile, China UnionPay, which both issues cards and operates China's interbank network, has already agreed to support Apple Pay, reports Caixin Media.

Catalyst for Growth?

Of course, NFC-compatible smart phones are already available, and Apple Pay was preceded by the introduction of the NFC-based Google Wallet in 2011. But market watchers say the introduction of the iPhone 6 range - and Apple Pay - could spark much higher worldwide use of contactless payments. "When 60 to 80 million new NFC phones enter the market, that will stimulate NFC acceptance and new NFC applications, to interest consumers and accelerate adoption," says NFC expert Randy Vanderhoof, executive director at the Smart Card Alliance.

Research released in February 2014 by IHS Technology suggested shipments of mobile phones that include NFC capabilities will increase four-fold from 2013 to 2018. Just 18 percent of the 1.5 billion mobile phones shipped in 2013 included NFC - and 93 percent of those were Android devices. But by 2018, IHS Technology predicts NFC it will be built into two-thirds of all mobile phones.

Will Hackers Target Apple Pay?

Perhaps it's fitting that Apple Pay will launch first in the United States - which is the epicenter of payment card fraud - because the nation lacks certain card safety features, such as EMV. "This ... has the potential to change the payment landscape, at least in the U.S. where merchants are being breached every other day and are up to their eyeballs in security issues and expenses," says Gartner analyst Avivah Litan in a blog post.

Of course, the security underpinning Apple Pay has yet to be tested in real-world conditions involving millions of users. Furthermore, the payment service could become a target for cybercriminals.

"Definitely, attackers will go after Apple's infrastructure itself," K. K. Mookhey, director of Indian information security company Network Intelligence, tells Information Security Media Group. "NFC security issues were highlighted back in 2013 at the Black Hat conference, which only goes to show that no technology is impervious to dedicated attackers. The good part is that Apple's iTunes app ecosystem has proven to be far more secure than Google's Play store and other Android app stores. So the introduction of a malicious app on non-jailbroken iPhones is still a very remote possibility."

Principal Correspondent Varun Haran contributed to this story.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.