Paying for merchandise at a store can be a pain. You go up to the counter, watch as your items are rung up, dig in your wallet for a credit card or debit card, and hand it to the cashier. After your purchases are bagged, you head out the door—left to wonder whether the retailer you just visited will be hacked as Target was earlier this year.
Convenience and security are the two selling points behind Apple Pay. If you have one of the new iPhone 6 or 6 Plus phones, you can simply pull it out, put it near the reader while touching the Touch ID sensor, and voila—you’ve paid for your purchase. I must admit, I do not fully understand the security details that purportedly protect your credit card number. Apple’s Tim Cook has bragged about the tough security, but that doesn’t mean the system is secure.
News came out last week that major retailers like Wal-Mart, CVS, and Best Buy were not going to use Apple Pay (or Google Wallet) since they were signed onto a retailer-developed system known as CurrentC. But the news has broken this week that CurrentC has been hacked. It’s not a major security breach because the hackers only got email addresses of users. But this doesn’t do much to bolster consumer confidence in the system.
In the past year, I’ve had to have new account numbers issued for at least three credit cards. The little I understand about Apple’s system tells me that it doesn’t actually transmit your credit card number to the retailer but instead uses some kind of “burnable” temporary number. That’s appealing, but since I do not have an iPhone 6 (my wife got the upgrade this year) Apple Pay is not going to be anything I use anytime soon. All I know is, I want something more secure than we have now.
Security is hard, and the type of security that Apple and its competitors are trying to implement is very, very hard. Breaches will be inevitable in any system, just as a determined burglar will get into any home regardless of the security systems in place. Heck, prisons are among the most secure places in the U.S., and we cannot keep weapons and other contraband from being smuggled in. Apple, CurrentC, and other providers are going to have to get things right and hope to stay one step ahead of the hackers. That will be no easy task.