Touch ID Will Allow PayPal And Others To Compete With Apple's Own Mobile Payments

Jun 7 2014, 10:08am CDT | by

News percolates out of Apple's Worldwide Developers Conference (WWDC) in stages. First there is the keynote where Apple shines a light on specific features it wants to highlight. Then comes a week of sessions and labs where Apple engineers share concepts and techniques behind the new features in iOS and OS X with developers. Simultaneous with the action at WWDC itself is the scrutiny that developers worldwide apply to the beta versions of the code for the new OS’s that Apple releases after the keynote. null .

I emphasize “actual information” because so much of what is written about future Apple products is based on vague rumblings from the “supply chain,” an amorphous entity with its own agenda—primarily generating web traffic. So WWDC is especially refreshing for those of us who cover Apple and try to sift out the signal from the noise in all those rumors. Apple will release an unprecedented 4,000+ new APIs to developers with the release of iOS 8 and within those are the making of actual news.

One important move that was mentioned in the keynote but explored more fully in a dedicated session on Wednesday is the opening of Touch ID to third-party developers. In typical Apple fashion, Touch ID was rolled out in iOS 7 within its own walled garden. Users have been able to unlock their phones and authenticate purchases and downloads from Apple’s own stores, but that has been it. With iOS 8, this will all change.

There are many ways that third-party developers will now be able to use Touch ID in their apps. One example demonstrated in the session on Keychain and Authentication with Touch ID is when an app requires access to your photos it will now be able to place that permission behind a Touch ID authentication. These kind of steps can be used by developers to increases user confidence in the security of an app without slowing the user down with cumbersome password typing. null . Keith Griffith of Business Insider reported on Thursday that developers from PayPal had been present at the session on Wednesday. A source at PayPal told him, ”It seems to be a fairly easy API to use, but we’re still kicking the tires.” Griffith confirmed with Anuj Nayar, PayPal’s senior director of global initiatives, that its developers had indeed been at the session.

This fact does not in itself mean that PayPal will launch a Touch ID powered app for iOS 8, but why wouldn’t they? It has already tested the waters with a FIDO standard app for the Samsung Galaxy S5. This raises two intriguing implications. First, would Apple open up Touch ID to potential competitors if it didn’t already have its own mobile payment system ready for release with iOS 8? I don’t think so! Second, does PayPal’s interest in Touch ID raise the possibility that Apple will join the FIDO Alliance itself, thereby unifying the fractious world of mobile payments? Not a slam dunk, but I would give it a better than 50% chance.

Nothing is likely to be announced until the iPhone 6 reveal in September, but I would predict that we will see Apple announce its own Touch ID and Keychain enabled mobile payment system. And I think it will announce some high-profile mobile payment providers that will also be releasing their own iOS apps using Touch ID authentication, including PayPal and possibly a few other marquee names like Amazon, Authorize.Net, BrainTree, Citibank, Digital River, HSBC, Square, Stripe and VeriFone. And how about Alibaba’s Alipay for the Chinese market, for good measure? Google Wallet may be conspicuously absent to start, but is likely to eventually join the party as it has with all of its other apps.

One point that was not addressed in the session is whether websites accessed through the new version of mobile Safari that will be released with iOS 8 will be able to be configured to use Touch ID authentication as well. If I had to guess, I would say no, at first. But as with many other features, Apple wants the native app experience to be superior to the web app experience—but it wants to create the the best mobile web experience for its users too. The combination of giving iOS apps priority and the desire to limit security risks makes me think that Touch ID for web apps on Safari might push back to iOS 9.

Apple’s opening of Touch ID to third party developers is a bit surprising. It could have just as easily opened it to its own mobile payment system first and then invited other companies in. That it is going the more open route suggests a few things:

  1. Touch ID adoption among users has been good
  2. Security threats to Touch ID have been minimal
  3. The growth of the FIDO Alliance makes Apple want to be a leader among many as opposed to a sole provider
  4. Apple is getting ready to launch its own mobile payment system

In my own experience, software updates have improved the performance of Touch ID over time. I am part of a minority whose fingerprints are not Touch ID-friendly, for whatever reason. (I have written extensively about the frustration of this minority, but admittedly most people’s experience is pretty good.) And despite the fairly immediate faux-fingerprint hack of Touch ID, no reports of such an actual exploit in the wild have been reported.

In my own conversations with Phillip Dunkelberger, President and CEO of Nok Nok Labs (one of the founders of the FIDO Alliance), he explained to me that, “Apple could easily join at any time if it decides that the open approach is more beneficial to its long-term interests. Authentec, the fingerprint sensor company that Apple bought to power Touch ID, was involved in the early FIDO discussions and its solutions are apparently in no way incompatible with these new standards.”

Apple CEO Tim Cook had tipped the possibility that the company would expand the mobile payments market through Touch ID at the company’s quarterly earnings call in January. Afterwards, Sebastien Taveau, a founding board member of the FIDO Alliance, told security blog SCMagazine  that “the Touch ID architecture aligns well with FIDO Alliance views.” He goes on to say that, “Locally stored credentials on the device to be used to ‘release’ a secondary step shared between the device and the cloud is a high level of security resting on user presence, device integrity and trusted connectivity between an account holder and a service provider.” The fact that the fingerprint is stored locally, in the Secure Enclave on the A7 chip, is the key to its robustness. “The assumption that only the Touch ID will be part of the transaction-confirmation process is probably incorrect,” Taveau contends. “Based on the technology around the latest iPhone and other Android-based devices, multi-sensors are used and provide a dual process: active authentication and passive signature. Multi-factors combining user and device signatures is the key to success.”

Taveau’s suggestion that Apple may have other sensors at play in its authentication stack is an intriguing possibility. What if Apple releases Touch ID to third parties, but retains an additional authentication method to differentiate its transactions as even more secure? Ostensibly such sensors would be built in to the iPhone 6 but not the 5S or 5C, giving the new phone an additional edge over its immediate predecessor even if the hardware of the Touch ID remained the same. This would, I think, be a very Apple thing to do! Whatever the case, I would look for multiple mobile payment options in the iPhone’s immediate future.

– – – – – – – – – – – – – – – – – – – –

To keep up with Quantum of Content, please subscribe to my updates on Facebook, follow me on Twitter  or add me on Google+.

 
 
 

<a href="/latest_stories/all/all/30" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

blog comments powered by Disqus

Latest stories

Each Unit of Apples Watch’s AMOLED Screen Reportedly Costs $27.41
Each Unit of Apple Watch’s AMOLED Screen Reportedly Costs $27.41
The cost of the AMOLED display of the new smartwatch is pretty high
 
 
Apple Reportedly Releasing the 27-Inch Retina iMac in October 2014
Apple Reportedly Releasing the 27-Inch Retina iMac in October 2014
Apple is rumored to introduce the new 27-inch iMac with Retina display in the next month
 
 
Apple Says Bent Phones Aren&#039;t Common
Apple Says Bent Phones Aren't Common
The bending problems should not happen for most users
 
 
Apple Says Users Unaffected By Security Bug
Apple Says Users Unaffected By Security Bug
They confirm the vast majority of users are safe
 
 
 

Latest from the Network

Venezuela swaps guns for education
Caracas, Sep 30 (IANS/EFE) The Venezuelan government has initiated a voluntary arms exchange programme under which its citizens can surrender their firearms in return for work tools or a scholarship. The plan, which...
Read more on Politics Balla
 
Amanda Bynes arrested for DUI
Los Angeles, Sep 30 (IANS) Actress Amanda Bynes was arrested for driving under the influence (DUI) here, but was released on bail later. The 28-year-old star, who came out of a rehabilitation clinic late last year,...
Read more on Celebrity Balla
 
Asian Games: Indian men face Pakistan in hockey final
Incheon, Sep 30 (IANS) Two-time champions India will be facing arch-rivals and defending champions Pakistan in the mouthwatering title-clash of the Asian Games men's hockey final slated for Thursday. While India edged...
Read more on Sport Balla
 
Afghanistan, NATO sign agreement
Kabul, Sep 30 (IANS) The Afghanistan government and the North Atlantic Treaty Organization (NATO) Tuesday signed the Status of Forces Agreement (SOFA) here. Afghan Presidential Advisor on National Security Mohammad...
Read more on Politics Balla
 
Afghanistan, US sign Bilateral Security Agreement
Kabul, Sep 30 (IANS) Afghanistan and the US Tuesday signed the long-awaited Bilateral Security Agreement (BSA) to allow a limited number of troops to remain in Afghanistan after the drawdown later this year of the NATO...
Read more on Politics Balla
 
Spain's Constitutional Court freezes Catalonian referendum plans
Madrid, Sep 30 (IANS/EFE) Spain's Constitutional Court has suspended the referendum on Catalonian independence set for Nov 9 while justices study arguments from the Spanish government, which strongly opposes the poll,...
Read more on Politics Balla
 
Asiad: Indian women's handball team ends 8th
Incheon, Sep 30 (IANS) The Indian women's handball team ended eighth at the Asian Games after losing their 7th-8th position playoff against Thailand 30-31 in a thrilling penalty shoot-out at the Seonhak Handball...
Read more on Sport Balla
 
Gowda wins Asiad discus throw silver
Incheon, Sep 30 (IANS) Vikas Gowda won India's ninth medal from athletics at the 17th Asian Games claiming the silver in men's discus throw final at the Incheon Asiad Main Stadium here Tuesday. Gowda, who won the...
Read more on Sport Balla
 
Asiad kabaddi: Indian men beat Pakistan to enter semis
Incheon, Sep 30 (IANS) The Indian men's kabaddi team brushed aside arch-rivals Pakistan 23-11 to top Group A and entered the semi-finals of the event at the 17th Asian Games here Tuesday. The Rakesh Kumar-led Indian...
Read more on Sport Balla
 
Asian Games: Indian women win bronze in sailing
Incheon, Sep 30 (IANS) The Indian pair of Varsha Gautham and Aishwarya Nedunchezhiyan finished second in the 12th and the final race to claim the bronze medal in the 29er - women's two person dinghy - at the 17th Asian...
Read more on Sport Balla