NFC-iPhone

Bank Innovation is out with a new report this evening, claiming that Apple will be utilizing tokenization technology in conjunction with NFC in its upcoming mobile payment service. Token tech is a favorite amongst financial institutions, as it’s considered to be extremely secure.

How it works is that instead of transmitting account and credit card numbers, tokenization sends complex codes over the air between devices. These codes are only used one time, so even if they are intercepted by a third-party with the intent of fraud, they would be of no use.

Bank Innovation cites both inside sources familiar with Apple’s plans, as well as previously-filed patents in its report. One in particular, filed in 2009 and granted last year, covers ‘secure communication between trusted parties’ using a token or certificate authentication method.

It’s been reported that Apple has agreed to take on some of the liability in mobile payments, in order to secure lower transaction fees from major financial firms. So it’s no surprise to hear that the company is pulling out all of the stops to insure its new payment service stays secure.

Apple is expected to unveil its new mobile payment service, alongside its new iPhone this Tuesday. In the run up to the event, the company is believed to have signed on a number of major partners, including 3 of the 4 big credit card providers, and several nationwide retailers.

For a roundup of all of our expectations for Tuesday’s event, click here.

[Bank Innovation]

  • MereUser

    Wonder how safe it would be too JB with such sensitive stuff

    • The iPhone 5s has been jailbroken for a while now and to my knowledge there is no way to grab / steal a users fingerprint. If the hardware is locked down enough jailbreaking will make no difference whatsoever…

      • MereUser

        I would like too believe that the finger print is one and your banking details in your wallet (app) is another. Pleas correct me if am wrong…

      • Shervin Tochahi

        in that case paypal is good example its been there for long time and hasn’t been compromised to my knowledge until now

  • mildmanneredjanitor

    When are Fapple going to apologize?

    • Dean Johnson

      Why should they apologise?

      • mildmanneredjanitor

        Duh? Because Fapple are to blame for perhaps the biggest data privacy incident in history.
        iCloud allowed infinite password guesses and also didn’t apply any appropriate additional controls on password reset.
        They can’t be taken seriously until they show some integrity.

      • That’s right I forgot Apple generated everybodies passwords…no wait they didn’t did they? You as a user are responsible for your accounts security and need to make sure your password is strong, two-step-authentication is enabled, and for the extremely paranoid make sure your security question answers are random strings. If after doing all of the above your account has been breached and poor operational security isn’t to blame then the fault is likely with Apple and as a result they should apologise…

      • mildmanneredjanitor

        Congratulations for making perhaps the most ridiculous comment I have read anywhere on the Disqus forums.
        According to you, we now need to have passwords that are so totally cryptic that they could never, ever be guessed even with infinite attempts, and also we shouldn’t provide correct answers to password reset questions because Fapple can’t be bothered to put proper controls in place like device registration or emails to known accounts.
        I guess all the other companies who go to this trouble must be wasting their time.

      • Sloth

        i have to disagree mildman. your post is perhaps the most ridiculous comment I have read anywhere on the Disqus forums. Congratulation.

        I bet you “fappt” the shit out of your little wiener after the recent leaks

      • Umut Bilgiç

        It is not Apple’s fault that the most female celebrities use Apple devices. If everyone was using android, android would have get hacked. It is not possible to build something “un-hackable”, you can just make it harder. Obviusly the celebs made it easier by not picking good passwords but ofcourse this is nat a fault. Nobody is guilty here other then the hackers.

      • mildmanneredjanitor

        Wrong. Because Google rate limit password attempts, and have additional controls on password reset.
        Google, Microsoft, Dropbox etc all have better security..

      • Joshua The-Legend Wiebe

        Google’s security sucks.. Too many vilnerabilities in its coding and its bypassable. Geohot even got paid for pointing out a few of them.

      • Umut Bilgiç

        Dude, it all comes down to the fact that the celebs used apple devices. If the hackers wanted, they could have hacked cirtually any service.

      • Rowan09

        iCloud wasn’t hack but those personnal accounts were hacked.

      • mildmanneredjanitor

        …which is a carefully crafted legal statement of diversion to disguise Fapple’s failings.
        Nobody broke in via the back door (which Fapple don’t host by the way).
        Instead Fapple watched while the hackers were allowed to try an infinite number of keys to the front door, and when they didn’t work they allowed them to change the locks.

      • Dean Johnson

        I can kind of see where you’re coming from. It still doesn’t make any sense, though. Oh and next time you try to have a discussion with someone and you want to be taken seriously and not as a hater, don’t say “Fapple”. It makes you look very childish

      • mildmanneredjanitor

        Understood. But the Fapple branding stays until they accept responsibility and apologise.

      • Sloth

        Must be a hard time for you.. iphone 6 ahead and no Money on the Bank. i feel sorry you

      • Rowan09

        Where is your proof? Why aren’t their any information besides these celebrities? A hack into iCloud wouldn’t be something Apple can just hide and it wouldn’t make sense hiding it as well. While anything can be hacked don’t make up stories because you dislike Apple. Gmail gets hacked all the time by the way, so does Amex, Visa, etc.

  • Next up, hacker bypasses tokenization tech…

  • So, in a very loose nutshell, it works similar to how TouchID works, it doesn’t actually transmit any data, it just says “yes, this is authorised”? Is that right?