Touch ID Will Allow PayPal And Others To Compete With Apple's Own Mobile Payments

Jun 7 2014, 10:08am CDT | by

News percolates out of Apple's Worldwide Developers Conference (WWDC) in stages. First there is the keynote where Apple shines a light on specific features it wants to highlight. Then comes a week of sessions and labs where Apple engineers share concepts and techniques behind the new features in iOS and OS X with developers. Simultaneous with the action at WWDC itself is the scrutiny that developers worldwide apply to the beta versions of the code for the new OS’s that Apple releases after the keynote. null .

I emphasize “actual information” because so much of what is written about future Apple products is based on vague rumblings from the “supply chain,” an amorphous entity with its own agenda—primarily generating web traffic. So WWDC is especially refreshing for those of us who cover Apple and try to sift out the signal from the noise in all those rumors. Apple will release an unprecedented 4,000+ new APIs to developers with the release of iOS 8 and within those are the making of actual news.

One important move that was mentioned in the keynote but explored more fully in a dedicated session on Wednesday is the opening of Touch ID to third-party developers. In typical Apple fashion, Touch ID was rolled out in iOS 7 within its own walled garden. Users have been able to unlock their phones and authenticate purchases and downloads from Apple’s own stores, but that has been it. With iOS 8, this will all change.

There are many ways that third-party developers will now be able to use Touch ID in their apps. One example demonstrated in the session on Keychain and Authentication with Touch ID is when an app requires access to your photos it will now be able to place that permission behind a Touch ID authentication. These kind of steps can be used by developers to increases user confidence in the security of an app without slowing the user down with cumbersome password typing. null . Keith Griffith of Business Insider reported on Thursday that developers from PayPal had been present at the session on Wednesday. A source at PayPal told him, ”It seems to be a fairly easy API to use, but we’re still kicking the tires.” Griffith confirmed with Anuj Nayar, PayPal’s senior director of global initiatives, that its developers had indeed been at the session.

This fact does not in itself mean that PayPal will launch a Touch ID powered app for iOS 8, but why wouldn’t they? It has already tested the waters with a FIDO standard app for the Samsung Galaxy S5. This raises two intriguing implications. First, would Apple open up Touch ID to potential competitors if it didn’t already have its own mobile payment system ready for release with iOS 8? I don’t think so! Second, does PayPal’s interest in Touch ID raise the possibility that Apple will join the FIDO Alliance itself, thereby unifying the fractious world of mobile payments? Not a slam dunk, but I would give it a better than 50% chance.

Nothing is likely to be announced until the iPhone 6 reveal in September, but I would predict that we will see Apple announce its own Touch ID and Keychain enabled mobile payment system. And I think it will announce some high-profile mobile payment providers that will also be releasing their own iOS apps using Touch ID authentication, including PayPal and possibly a few other marquee names like Amazon, Authorize.Net, BrainTree, Citibank, Digital River, HSBC, Square, Stripe and VeriFone. And how about Alibaba’s Alipay for the Chinese market, for good measure? Google Wallet may be conspicuously absent to start, but is likely to eventually join the party as it has with all of its other apps.

One point that was not addressed in the session is whether websites accessed through the new version of mobile Safari that will be released with iOS 8 will be able to be configured to use Touch ID authentication as well. If I had to guess, I would say no, at first. But as with many other features, Apple wants the native app experience to be superior to the web app experience—but it wants to create the the best mobile web experience for its users too. The combination of giving iOS apps priority and the desire to limit security risks makes me think that Touch ID for web apps on Safari might push back to iOS 9.

Apple’s opening of Touch ID to third party developers is a bit surprising. It could have just as easily opened it to its own mobile payment system first and then invited other companies in. That it is going the more open route suggests a few things:

  1. Touch ID adoption among users has been good
  2. Security threats to Touch ID have been minimal
  3. The growth of the FIDO Alliance makes Apple want to be a leader among many as opposed to a sole provider
  4. Apple is getting ready to launch its own mobile payment system

In my own experience, software updates have improved the performance of Touch ID over time. I am part of a minority whose fingerprints are not Touch ID-friendly, for whatever reason. (I have written extensively about the frustration of this minority, but admittedly most people’s experience is pretty good.) And despite the fairly immediate faux-fingerprint hack of Touch ID, no reports of such an actual exploit in the wild have been reported.

In my own conversations with Phillip Dunkelberger, President and CEO of Nok Nok Labs (one of the founders of the FIDO Alliance), he explained to me that, “Apple could easily join at any time if it decides that the open approach is more beneficial to its long-term interests. Authentec, the fingerprint sensor company that Apple bought to power Touch ID, was involved in the early FIDO discussions and its solutions are apparently in no way incompatible with these new standards.”

Apple CEO Tim Cook had tipped the possibility that the company would expand the mobile payments market through Touch ID at the company’s quarterly earnings call in January. Afterwards, Sebastien Taveau, a founding board member of the FIDO Alliance, told security blog SCMagazine  that “the Touch ID architecture aligns well with FIDO Alliance views.” He goes on to say that, “Locally stored credentials on the device to be used to ‘release’ a secondary step shared between the device and the cloud is a high level of security resting on user presence, device integrity and trusted connectivity between an account holder and a service provider.” The fact that the fingerprint is stored locally, in the Secure Enclave on the A7 chip, is the key to its robustness. “The assumption that only the Touch ID will be part of the transaction-confirmation process is probably incorrect,” Taveau contends. “Based on the technology around the latest iPhone and other Android-based devices, multi-sensors are used and provide a dual process: active authentication and passive signature. Multi-factors combining user and device signatures is the key to success.”

Taveau’s suggestion that Apple may have other sensors at play in its authentication stack is an intriguing possibility. What if Apple releases Touch ID to third parties, but retains an additional authentication method to differentiate its transactions as even more secure? Ostensibly such sensors would be built in to the iPhone 6 but not the 5S or 5C, giving the new phone an additional edge over its immediate predecessor even if the hardware of the Touch ID remained the same. This would, I think, be a very Apple thing to do! Whatever the case, I would look for multiple mobile payment options in the iPhone’s immediate future.

– – – – – – – – – – – – – – – – – – – –

To keep up with Quantum of Content, please subscribe to my updates on Facebook, follow me on Twitter  or add me on Google+.

 
 

Don't miss ...

 

<a href="/latest_stories/all/all/30" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

blog comments powered by Disqus

Latest stories

Know how to eliminate wine spoiling bacteria?
New York, Aug 31 (IANS) Wine makers have reasons to cheer as researchers have discovered a system that prevents "stuck fermentation" - a chronic problem that spoils wine.
 
 
Early Arctic inhabitants lived without sex, says study
London, Aug 31 (IANS) As the scientific community dwells over the possibility that Neanderthals had sex with humans, an Indian-origin researcher has found that the earliest Arctic inhabitants lived in complete sexual isolation from their neighbours for almost 4,000 years.
 
 
For DINK couples, outsourcing parenthood is cool
New York, Aug 31 (IANS) For double-income-no-kid (DINK) couples, raising a child is the most difficult part. For them, creches and day-care centres in the marketplace are no less than playing the role of real parents.
 
 
Ancient metal workers were not treated as slaves
London, Aug 31 (IANS) Ancient metal workers were highly regarded for their skills and were not treated as slaves as popular narratives suggest, says a study.
 
 
 

Latest from the Network

It's splitsville for Stuart MacGill and wife Friend
Sydney, Aug 31 (IANS) Former Australian cricketer Stuart MacGill has ended his 14-year-old marriage with actor Rachel Friend and the couple reportedly have put their four-bedroom Neutral Bay home here up for sale. "We...
Read more on Sport Balla
 
Know how to eliminate wine spoiling bacteria?
New York, Aug 31 (IANS) Wine makers have reasons to cheer as researchers have discovered a system that prevents "stuck fermentation" - a chronic problem that spoils wine. Working with a prion - an abnormally shaped...
Read more on Celebrity Balla
 
US sanctions violate Geneva nuclear deal: Iran
Tehran, Aug 31 (IANS) Iran's Foreign Minister Mohammad Javad Zarif Sunday said the new sanctions imposed by Washington on Tehran in some cases violate the agreement reached last year between the Islamic republic and...
Read more on Politics Balla
 
Google Glass app that reads emotions, also reveals age
New York, Aug 31 (IANS) What if an app can reveal what the person you are in a conversation with is thinking? This Google Glass - a soon to be launched smart eye-wear - app not only does that for you but can also tell...
Read more on Celebrity Balla
 
Clashes continue in Libyan capital
Tripoli, Aug 31 (IANS) Fierce clashes continued Sunday in Libya's capital Tripoli as Islamist fighters launched assaults on local militiamen. Heavy exchange of artillery and rocket-propelled grenades were seen on the...
Read more on Politics Balla
 
After busy day in Kyoto, Modi heads to Tokyo (Roundup)
Kyoto/Tokyo, Aug 31 (IANS) Prime Minister Narendra Modi flew to Tokyo Sunday evening after a busy day in the former Japanese capital Kyoto where he visited two ancient Buddhist temples and sought Japan's help to combat...
Read more on Politics Balla
 
New map to locate missing flight MH370
Sydney, Aug 31 (IANS) The Australian Transport Safety Bureau (ATSB) has unveiled a new map to locate the missing Malaysia Airlines flight MH370, the Sydney Morning Herald reported Sunday. Flight MH370 disappeared...
Read more on Politics Balla
 
Lovato praises Knowles, Lopez for redefining beauty
Los Angeles, Aug 31 (IANS) Singer Demi Lovato applauds fellow musicians like Beyoncé Knowles and Jennifer Lopez for making "realistic and achievable" figure in vogue. The 22-year-old recently posted an image on...
Read more on Celebrity Balla
 
Keira Knightley in music snub
Keira Knightley doesn't listen to music. The 29-year-old actress portrays singer/songwriter Gretta in her latest movie 'Begin Again', but insists she isn't interested in songs at all and was keen to play the character...
Read more on Celebrity Balla
 
Simon Cowell would definitely 'like another child'
Simon Cowell definitely wants another child. The media mogul - whose partner Lauren Silverman gave birth to their first son Eric in February - has confirmed he wants their family to grow, and even said he's ''thought...
Read more on Celebrity Balla