Touch ID Will Allow PayPal And Others To Compete With Apple's Own Mobile Payments

Jun 7 2014, 10:08am CDT | by

News percolates out of Apple's Worldwide Developers Conference (WWDC) in stages. First there is the keynote where Apple shines a light on specific features it wants to highlight. Then comes a week of sessions and labs where Apple engineers share concepts and techniques behind the new features in iOS and OS X with developers. Simultaneous with the action at WWDC itself is the scrutiny that developers worldwide apply to the beta versions of the code for the new OS’s that Apple releases after the keynote. null .

I emphasize “actual information” because so much of what is written about future Apple products is based on vague rumblings from the “supply chain,” an amorphous entity with its own agenda—primarily generating web traffic. So WWDC is especially refreshing for those of us who cover Apple and try to sift out the signal from the noise in all those rumors. Apple will release an unprecedented 4,000+ new APIs to developers with the release of iOS 8 and within those are the making of actual news.

One important move that was mentioned in the keynote but explored more fully in a dedicated session on Wednesday is the opening of Touch ID to third-party developers. In typical Apple fashion, Touch ID was rolled out in iOS 7 within its own walled garden. Users have been able to unlock their phones and authenticate purchases and downloads from Apple’s own stores, but that has been it. With iOS 8, this will all change.

There are many ways that third-party developers will now be able to use Touch ID in their apps. One example demonstrated in the session on Keychain and Authentication with Touch ID is when an app requires access to your photos it will now be able to place that permission behind a Touch ID authentication. These kind of steps can be used by developers to increases user confidence in the security of an app without slowing the user down with cumbersome password typing. null . Keith Griffith of Business Insider reported on Thursday that developers from PayPal had been present at the session on Wednesday. A source at PayPal told him, ”It seems to be a fairly easy API to use, but we’re still kicking the tires.” Griffith confirmed with Anuj Nayar, PayPal’s senior director of global initiatives, that its developers had indeed been at the session.

This fact does not in itself mean that PayPal will launch a Touch ID powered app for iOS 8, but why wouldn’t they? It has already tested the waters with a FIDO standard app for the Samsung Galaxy S5. This raises two intriguing implications. First, would Apple open up Touch ID to potential competitors if it didn’t already have its own mobile payment system ready for release with iOS 8? I don’t think so! Second, does PayPal’s interest in Touch ID raise the possibility that Apple will join the FIDO Alliance itself, thereby unifying the fractious world of mobile payments? Not a slam dunk, but I would give it a better than 50% chance.

Nothing is likely to be announced until the iPhone 6 reveal in September, but I would predict that we will see Apple announce its own Touch ID and Keychain enabled mobile payment system. And I think it will announce some high-profile mobile payment providers that will also be releasing their own iOS apps using Touch ID authentication, including PayPal and possibly a few other marquee names like Amazon, Authorize.Net, BrainTree, Citibank, Digital River, HSBC, Square, Stripe and VeriFone. And how about Alibaba’s Alipay for the Chinese market, for good measure? Google Wallet may be conspicuously absent to start, but is likely to eventually join the party as it has with all of its other apps.

One point that was not addressed in the session is whether websites accessed through the new version of mobile Safari that will be released with iOS 8 will be able to be configured to use Touch ID authentication as well. If I had to guess, I would say no, at first. But as with many other features, Apple wants the native app experience to be superior to the web app experience—but it wants to create the the best mobile web experience for its users too. The combination of giving iOS apps priority and the desire to limit security risks makes me think that Touch ID for web apps on Safari might push back to iOS 9.

Apple’s opening of Touch ID to third party developers is a bit surprising. It could have just as easily opened it to its own mobile payment system first and then invited other companies in. That it is going the more open route suggests a few things:

  1. Touch ID adoption among users has been good
  2. Security threats to Touch ID have been minimal
  3. The growth of the FIDO Alliance makes Apple want to be a leader among many as opposed to a sole provider
  4. Apple is getting ready to launch its own mobile payment system

In my own experience, software updates have improved the performance of Touch ID over time. I am part of a minority whose fingerprints are not Touch ID-friendly, for whatever reason. (I have written extensively about the frustration of this minority, but admittedly most people’s experience is pretty good.) And despite the fairly immediate faux-fingerprint hack of Touch ID, no reports of such an actual exploit in the wild have been reported.

In my own conversations with Phillip Dunkelberger, President and CEO of Nok Nok Labs (one of the founders of the FIDO Alliance), he explained to me that, “Apple could easily join at any time if it decides that the open approach is more beneficial to its long-term interests. Authentec, the fingerprint sensor company that Apple bought to power Touch ID, was involved in the early FIDO discussions and its solutions are apparently in no way incompatible with these new standards.”

Apple CEO Tim Cook had tipped the possibility that the company would expand the mobile payments market through Touch ID at the company’s quarterly earnings call in January. Afterwards, Sebastien Taveau, a founding board member of the FIDO Alliance, told security blog SCMagazine  that “the Touch ID architecture aligns well with FIDO Alliance views.” He goes on to say that, “Locally stored credentials on the device to be used to ‘release’ a secondary step shared between the device and the cloud is a high level of security resting on user presence, device integrity and trusted connectivity between an account holder and a service provider.” The fact that the fingerprint is stored locally, in the Secure Enclave on the A7 chip, is the key to its robustness. “The assumption that only the Touch ID will be part of the transaction-confirmation process is probably incorrect,” Taveau contends. “Based on the technology around the latest iPhone and other Android-based devices, multi-sensors are used and provide a dual process: active authentication and passive signature. Multi-factors combining user and device signatures is the key to success.”

Taveau’s suggestion that Apple may have other sensors at play in its authentication stack is an intriguing possibility. What if Apple releases Touch ID to third parties, but retains an additional authentication method to differentiate its transactions as even more secure? Ostensibly such sensors would be built in to the iPhone 6 but not the 5S or 5C, giving the new phone an additional edge over its immediate predecessor even if the hardware of the Touch ID remained the same. This would, I think, be a very Apple thing to do! Whatever the case, I would look for multiple mobile payment options in the iPhone’s immediate future.

– – – – – – – – – – – – – – – – – – – –

To keep up with Quantum of Content, please subscribe to my updates on Facebook, follow me on Twitter  or add me on Google+.

 
 

Don't miss ...

 

<a href="/latest_stories/all/all/30" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

blog comments powered by Disqus

Latest stories

Apple’s New SIM Card Is Great For Travelers
Apple’s New SIM Card Is Great For Travelers
The latest iPad comes with SIM cards perfect for people on the go
 
 
Tim Cook Met With Chinese Officials On Privacy
Tim Cook Met With Chinese Officials On Privacy
The Chinese government has taken an interest in Apple’s security and privacy
 
 
Why Is Apple Pay The Most Secure Option Available?
Why Is Apple Pay The Most Secure Option Available?
Is Apple Pay really worth the hype?
 
 
Apple Planning to Open 25 New Stores in China within Two Years
Apple Planning to Open 25 New Stores in China within Two Years
Tim Cook reveals that Apple is thinking to build 25 additional stores in the massive Chinese market
 
 
 

Latest from the Network

Reinartz out for three months with eye injury
Berlin, Oct 27 (IANS) Bundesliga side Bayer Leverkusen will be without their defensive mid-fielder Stefan Reinartz for three months as he fractured his eye socket. The 25-year-old German, who has earned three...
Read more on Sport Balla
 
Pakistan PM urged to probe London rally incident
Islamabad, Oct 27 (IANS) Pakistan Peoples Party (PPP) leader Rehman Malik urged Prime Minister Nawaz Sharif to probe a Kashmir rally incident in London, where Bilawal Bhutto was forced off the stage, media reported...
Read more on Politics Balla
 
Google employee held for 'cyberstalking'
New York, Oct 27 (IANS) A 23-year-old Google employee has been arrested for allegedly cyberstalking a former classmate, a medai report said. According to a San Francisco Chronicle report, Nicholas Rotundo, an internal...
Read more on Politics Balla
 
Indians in Washington celebrate Diwali
Washington, Oct 27 (IANS) The Indian community in Washington celebrated Diwali with the Indian ambassador S. Jaishankar noting how the festival has become part of Indian American community's presence and profile in the...
Read more on Celebrity Balla
 
Astronomers produce first images of exploding stellar fireball
Washington, Oct 27 (IANS) The expansion of thermonuclear fireball from a nova that erupted last year in the constellation Delphinus was more complicated than the simple models used previously would have predicted,...
Read more on Business Balla
 
Paul Allen Donates At Least $100M to Fight Ebola Virus
Paul Allen has just made himself a certified crusader against the deadly Ebola virus.Allen, the Portland Trail Blazers and Seattle Seahawks owner, pledged to donate "at least $100 million" to Tackle Ebola. He wrote a...
Read more on Sport Balla
 
Spanish La Liga standings
Madrid, Oct 27 (IANS) Following are the Spanish La Liga standings after Sunday's matches (tabulated under matches played, won, drawn, lost, goals for, goals against, points), according to Xinhua. Barcelona 9...
Read more on Sport Balla
 
China stocks open lower
Beijing, Oct 27 (IANS) Chinese stocks opened lower Monday with the benchmark Shanghai Composite Index opening at 2,293.57 points, down 8.71 points or 0.38 percent. The Shenzhen Component Index opened at 7,881.01, down...
Read more on Business Balla
 
Italian Serie A results
Rome, Oct 27 (IANS) Following are the collated results of Italy's Serie A matches Sunday, according to Xinhua. Chievo lost to Genoa 1-2 Juventus bt Palermo 2-0 Udinese bt Atalanta 2-0 Cesena lost to Inter Milan 0-1...
Read more on Sport Balla
 
China mulls scrapping death penalty for 9 crimes
Beijing, Oct 27 (IANS) Chinese lawmakers are considering to remove the death penalty for nine crimes, including smuggling weapons and nuclear materials. The draft amendment to the Criminal Law was submitted Monday to...
Read more on Politics Balla