New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Said to Be Using Tokenization Technology to Secure Mobile Payments Service

Apple may be integrating tokenization technology in its forthcoming mobile payments solution, reports Bank Innovation. Citing sources close to the matter, the report notes that the company will look to utilize token technology to address security and fraud concerns as integrates the service with the iPhone 6 and iWatch.
Financial institutions — card issuers and networks — prefer token technology because it replaces primary account numbers, those 16-digit card numbers on the front of credit and debit cards. Instead, the tokenization technology uses complex codes that are easily transmittable over the air and between devices, but that are used only once, so even if they are intercepted, are of no use to fraudsters.
An Apple patent discussing token technology has also been discovered, as the application was granted last month and filed for in 2009. In its example, Apple discusses a token system as a method for two devices to communicate sensitive data with disposable, one-time use codes.

easypay_concept
EasyPay mobile payments concept by Ricardo Del Toro

The report also once again discusses the NFC capabilities in the iPhone 6 and iWatch, stating that chip-maker NXP will be rolling out NFC chips to the iWatch and the iPhone 6. Apple Stores and Apple retail partners are also said to be gearing up to utilize NFC technology, as a number of retail locations will be using the NFC-enabled Verifone MX 915 terminal.

Prior reports have stated that Apple's payment service will be supported by a number of credit card companies including Visa, MasterCard, and American Express. The company is also said to be partnering with a number of retailers for the service, including Walgreens, CVS, Nordstrom, and more.

Apple is expected to announce its mobile payments solution at this Tuesday's media event, which will likely be shown off alongside the iPhone 6 and iWatch.

Related Roundup: Apple Pay


Top Rated Comments

(View all)

26 months ago



Apple can you please include the sears store. I shop a lot at sears.


Ah... so you're the one!

:D
Rating: 19 Votes
26 months ago
1 more day... This is going to be epic on so many levels.
Rating: 10 Votes
26 months ago
Tokenization is one of the best ways to protect PCI data.

Prime example: PCI standards allows someone handling such data to only display the first six and last 4 digits of a PAN (your credit card) in their database. For a merchant to retrieve the full data for research (your full card number), the people holding the data would encrypt the middle digits of your PAN number, create a token, store it in a database with your encrypted card information.

The merchant then would be presented with a token. They submit the token, the entity holding the PCI data has their application check the token against what they have in their database. If they match, the people holding your data returns back the full card number to use. That way, at no point does either the holder or the merchant have all 16 digits of your credit card number.

I've maintained PCI databases, and it's one of the easiest, and secure ways to store your data. For Apple to be looking at this is a good thing, especially if rumors are true about using NFC in their next iPhone.

BL.
Rating: 9 Votes
26 months ago
Can tokenization keep my money safe from my wife as well?
Rating: 6 Votes
26 months ago
I misread it and thought it was going to be a Hobbit based payment system, but that's Tolkienization.
Rating: 5 Votes
26 months ago

Just to scare everyone, I could easily setup a capture at the fuel pump and grab your swipe. I'm curious on how 'they' can make this secure, possibly include a manual PIN?


You state that you have been writing token payment code for two years, yet you don't know how it can be secure? You mean you write code for a technology that you don't understand?

Wut?!
Rating: 4 Votes
26 months ago

1 more day... This is going to be epic on so many levels.


Yeah like... Level 1 and level 2 and level 3. It's gonna be totally epic. Maybe even level 4, who knows...
Rating: 2 Votes
26 months ago

First... not to care.


You sure spend a lot of time not caring, having about half of the posts in this thread alone.
Rating: 2 Votes
26 months ago

Somewhere some celebs are wondering why Apple couldn't tokenize iCloud passwords and backups...


if any one of the celebs that got hacked could tell me what tokenization means, i would give them everything i have.
Rating: 1 Votes
26 months ago

AND choose NOT to use two-part authentication.


No, everyone knows why people don't use 2-part-authentication. It is a pain in the ass and unnecessary for most applications.
Rating: 1 Votes

[ Read All Comments ]