Touch ID Will Allow PayPal And Others To Compete With Apple's Own Mobile Payments

Jun 7 2014, 10:08am CDT | by

News percolates out of Apple's Worldwide Developers Conference (WWDC) in stages. First there is the keynote where Apple shines a light on specific features it wants to highlight. Then comes a week of sessions and labs where Apple engineers share concepts and techniques behind the new features in iOS and OS X with developers. Simultaneous with the action at WWDC itself is the scrutiny that developers worldwide apply to the beta versions of the code for the new OS’s that Apple releases after the keynote. null .

I emphasize “actual information” because so much of what is written about future Apple products is based on vague rumblings from the “supply chain,” an amorphous entity with its own agenda—primarily generating web traffic. So WWDC is especially refreshing for those of us who cover Apple and try to sift out the signal from the noise in all those rumors. Apple will release an unprecedented 4,000+ new APIs to developers with the release of iOS 8 and within those are the making of actual news.

One important move that was mentioned in the keynote but explored more fully in a dedicated session on Wednesday is the opening of Touch ID to third-party developers. In typical Apple fashion, Touch ID was rolled out in iOS 7 within its own walled garden. Users have been able to unlock their phones and authenticate purchases and downloads from Apple’s own stores, but that has been it. With iOS 8, this will all change.

There are many ways that third-party developers will now be able to use Touch ID in their apps. One example demonstrated in the session on Keychain and Authentication with Touch ID is when an app requires access to your photos it will now be able to place that permission behind a Touch ID authentication. These kind of steps can be used by developers to increases user confidence in the security of an app without slowing the user down with cumbersome password typing. null . Keith Griffith of Business Insider reported on Thursday that developers from PayPal had been present at the session on Wednesday. A source at PayPal told him, ”It seems to be a fairly easy API to use, but we’re still kicking the tires.” Griffith confirmed with Anuj Nayar, PayPal’s senior director of global initiatives, that its developers had indeed been at the session.

This fact does not in itself mean that PayPal will launch a Touch ID powered app for iOS 8, but why wouldn’t they? It has already tested the waters with a FIDO standard app for the Samsung Galaxy S5. This raises two intriguing implications. First, would Apple open up Touch ID to potential competitors if it didn’t already have its own mobile payment system ready for release with iOS 8? I don’t think so! Second, does PayPal’s interest in Touch ID raise the possibility that Apple will join the FIDO Alliance itself, thereby unifying the fractious world of mobile payments? Not a slam dunk, but I would give it a better than 50% chance.

Nothing is likely to be announced until the iPhone 6 reveal in September, but I would predict that we will see Apple announce its own Touch ID and Keychain enabled mobile payment system. And I think it will announce some high-profile mobile payment providers that will also be releasing their own iOS apps using Touch ID authentication, including PayPal and possibly a few other marquee names like Amazon, Authorize.Net, BrainTree, Citibank, Digital River, HSBC, Square, Stripe and VeriFone. And how about Alibaba’s Alipay for the Chinese market, for good measure? Google Wallet may be conspicuously absent to start, but is likely to eventually join the party as it has with all of its other apps.

One point that was not addressed in the session is whether websites accessed through the new version of mobile Safari that will be released with iOS 8 will be able to be configured to use Touch ID authentication as well. If I had to guess, I would say no, at first. But as with many other features, Apple wants the native app experience to be superior to the web app experience—but it wants to create the the best mobile web experience for its users too. The combination of giving iOS apps priority and the desire to limit security risks makes me think that Touch ID for web apps on Safari might push back to iOS 9.

Apple’s opening of Touch ID to third party developers is a bit surprising. It could have just as easily opened it to its own mobile payment system first and then invited other companies in. That it is going the more open route suggests a few things:

  1. Touch ID adoption among users has been good
  2. Security threats to Touch ID have been minimal
  3. The growth of the FIDO Alliance makes Apple want to be a leader among many as opposed to a sole provider
  4. Apple is getting ready to launch its own mobile payment system

In my own experience, software updates have improved the performance of Touch ID over time. I am part of a minority whose fingerprints are not Touch ID-friendly, for whatever reason. (I have written extensively about the frustration of this minority, but admittedly most people’s experience is pretty good.) And despite the fairly immediate faux-fingerprint hack of Touch ID, no reports of such an actual exploit in the wild have been reported.

In my own conversations with Phillip Dunkelberger, President and CEO of Nok Nok Labs (one of the founders of the FIDO Alliance), he explained to me that, “Apple could easily join at any time if it decides that the open approach is more beneficial to its long-term interests. Authentec, the fingerprint sensor company that Apple bought to power Touch ID, was involved in the early FIDO discussions and its solutions are apparently in no way incompatible with these new standards.”

Apple CEO Tim Cook had tipped the possibility that the company would expand the mobile payments market through Touch ID at the company’s quarterly earnings call in January. Afterwards, Sebastien Taveau, a founding board member of the FIDO Alliance, told security blog SCMagazine  that “the Touch ID architecture aligns well with FIDO Alliance views.” He goes on to say that, “Locally stored credentials on the device to be used to ‘release’ a secondary step shared between the device and the cloud is a high level of security resting on user presence, device integrity and trusted connectivity between an account holder and a service provider.” The fact that the fingerprint is stored locally, in the Secure Enclave on the A7 chip, is the key to its robustness. “The assumption that only the Touch ID will be part of the transaction-confirmation process is probably incorrect,” Taveau contends. “Based on the technology around the latest iPhone and other Android-based devices, multi-sensors are used and provide a dual process: active authentication and passive signature. Multi-factors combining user and device signatures is the key to success.”

Taveau’s suggestion that Apple may have other sensors at play in its authentication stack is an intriguing possibility. What if Apple releases Touch ID to third parties, but retains an additional authentication method to differentiate its transactions as even more secure? Ostensibly such sensors would be built in to the iPhone 6 but not the 5S or 5C, giving the new phone an additional edge over its immediate predecessor even if the hardware of the Touch ID remained the same. This would, I think, be a very Apple thing to do! Whatever the case, I would look for multiple mobile payment options in the iPhone’s immediate future.

– – – – – – – – – – – – – – – – – – – –

To keep up with Quantum of Content, please subscribe to my updates on Facebook, follow me on Twitter  or add me on Google+.

 
 

Don't miss ...

 

<a href="/latest_stories/all/all/30" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

blog comments powered by Disqus

Latest stories

2014 Mac Mini Achieves Low Upgradability Score from iFixit
2014 Mac Mini Achieves Low Upgradability Score from iFixit
The new Mac Mini scores only 6 out of 10 points with respect to upgradability
 
 
Apple Pay being Released with iOS 8.1
Apple Pay being Released with iOS 8.1
The service of Apple Pay has been launched with the introduction of the iOS upgrade
 
 
Apple On Track To Sell 62 Million iPhones
Apple On Track To Sell 62 Million iPhones
Analysts say that growth will set new records this quarter
 
 
Apple’s Earnings Coming From In-App Purchases
Apple’s Earnings Coming From In-App Purchases
Apple believes the majority of Apple Pay income will come from Apps
 
 
 

Latest from the Network

Keira Knightley was 'a goody two-shoes'
Keira Knightley was ''a goody two-shoes'' when she was younger. The 29-year-old actress claims she was a ''boring'' well-behaved child and never skipped school because she didn't want to upset her parents or teachers....
Read more on Celebrity Balla
 
Kat Dennings is in love with Kim Kardashian
Kat Dennings thinks Kim Kardashian's butt is ''amazing.'' The '2 Broke Girls' actress was ''very nervous'' when the 'Keeping Up with the Kardashians' star filmed a cameo for the show's 80th episode and was too shy to...
Read more on Celebrity Balla
 
Taylor Swift doesn't 'need some guy' for inspiration
Taylor Swift is ''figuring out how to cope'' with life on her own. The 'Shake It Off' hitmaker hopes her upcoming album, '1989,' will prove she doesn't ''need some guy'' to help her ''make a great record'' or to feel...
Read more on Celebrity Balla
 
Sarah Hyland is 'great'
Sarah Hyland says she is ''great'' after obtaining a restraining order against her ex-boyfriend. The 'Modern Family' star is happy to be focusing on her career again after a judge recently granted her a three-year...
Read more on Celebrity Balla
 
India re-elected to UNHRC for two years
United Nations, Oct 21 (IANS) India was Tuesday re-elected to the United Nations Human Rights Council (UNHRC) for the term 2015-2017 in a keenly contested election in the UN General Assembly in New York. Other...
Read more on Politics Balla
 
Spanish nurse cured of Ebola
Madrid, Oct 21 (Xinhua) Spanish nursing auxiliary Teresa Romero was pronounced cured of the Ebola virus disease according to World Health Organisation (WHO) guidelines after the results of a second test confirmed...
Read more on Business Balla
 
Gurdwara closed in Belgium
Brussels, Oct 21 (IANS) The mayor of the town of Vilvoorde in Belgium, Hans Bonte, has ordered the closure of the local gurdwara, Guru Nanak Sahib, for one month. Belgian media Tuesday charged that the Sikh temple "...
Read more on Politics Balla
 
Air strikes kill 28 militants in Pakistan
Islamabad, Oct 21 (IANS) At least 28 militants were killed when the Pakistani army launched an air strike in the country's northwest tribal town of Datta Khel Tuesday, military said. In a statement, Inter Services...
Read more on Politics Balla
 
Report reveals large-scale torture in China's 'Black Jails'
Beijing, Oct 21 (IANS/EFE) The use of hotels and factories as clandestine prisons where thousands of people -- mostly women -- are tortured to prevent their complaints against the government from coming to light has...
Read more on Politics Balla
 
Clinical trials of Ebola vaccine start Nov 1 in Switzerland
Geneva, Oct 21 (IANS/EFE) The World Health Organisation (WHO) announced Tuesday that it will begin clinical trials Nov 1 in Switzerland of one of the two anti-Ebola vaccines currently under development. WHO Assistant...
Read more on Business Balla