The Critical Path #122: Where the Money is

How and why does Apple get paid for Apple Pay? Anders and Horace dive into the payments value chain and break it all down for you: whats in it for users, merchants, issuing banks and payment networks. What are the risks and opportunities for Apple? Is there a disruption about to happen?

via 5by5 | The Critical Path #122: Where the Money is.

  • stefnagel

    Does Apple want to be a credit institution? I hope not. Creditcos are debtcos in reality. Mere money mongering.

    • Sanat Patel

      Not any more than wanting to be a record label with the introduction of iTunes.

      • Walt French

        Nor a mobile operator just because they did the iPhone. I think we’re onto a pattern here.

      • stefnagel

        Just clarifying the point here. Spot on. Apple is in the delivery business re: all forms of digital content/media/data. It wants all digi stuff to be both cheap and plentiful. Nonscarce.

      • Space Gorilla

        Yes, but what about connecting us with great artists and enabling great artists to flourish? That doesn’t seem ‘ugh’ to me.

      • airmanchairman

        The problem the artist needs to solve is how to quickly get her product out to Tierra Del Fuego, Potiskum, Djibouti or Chandigarh where some radio JD has been playing Lura’s CD to death, generating no end of popular acclaim and demand, and this is where the 70-year old labels hold the whip hand with their mix of old world and high tech retail, delivery and distribution systems, havin been already dragged kicking and screaming into the world of digital sales by the tech companies led by iTunes.

        As you have previously stated, the books are cooked and in many cases Lura may be totally unaware of her monster sales in Reykjavik or Norkopping etc, so the dice is still heavily stacked in the label’s favour.

        The bright ray on the horizon is the rollout of mobile retail and consumption, coupled with these fabulous new mobile payment systems that are reaching far into the hinterland and enabling previously inaccessible communities to participate in the global economy (like the mobile payment system M-Pesa in Kenya which now accounts for two-thirds of the country’s GDP). Apple and the tech companies will have a big role to play in the reform of the corrupt and archaic indentured servant system that is the bad old music industry of today.

      • Space Gorilla

        True, but if Apple feels they can deliver value and a better experience, I would expect them to do it. The record label seems the most likely, most artists get a very small percentage of the revenue generated from their work. Imagine an artist getting 70 percent of the revenue via Apple. Who wouldn’t sign with Apple?

      • Walt French

        No, Apple does NOT have the talent to be a record label.

        A record label — or a book publisher or a movie studio — makes hopefully astute decisions about which works to finance (for books, the advance) and market. Those businesses are a bit like specialized Venture Capital in needing to know where and on whom to take chances.

        Nobody will dispute Apple’s marketing talent, but then again, they have the luxury of so few SKUs that all their products fit on a desktop. Hundreds, thousands of new tunes? Hundreds of thousands of new apps? That is not something where Apple is going to either add value (and thereby, make a lot of money).

      • Space Gorilla

        I should clarify, I’m thinking of a different kind of record label, one that is simply the distribution/discovery/payment mechanism. The talent resides in the artist, and to some degree the producer and recording engineer. Recording technology is now so cheap I’m not sure financing is an issue. What artists need is a tool to connect them with an audience. I think Apple could be pretty good at that. The artists don’t need much of what labels do anymore, not the good ones anyway. Britney Spears needs a traditional label to succeed, but many artists do not. Giving the artist 70 percent of the revenue changes the equation so dramatically we could see many artists that cannot make a living via traditional labels suddenly flourish. This could change the entire industry, and I do think it’s coming. How directly involved Apple will be is the real question.

        “A record label… makes hopefully astute decisions about which works to finance… and market.”

        I would argue traditional labels make a lot of bad decisions and act in predatory ways. I don’t see this model surviving long term.

      • Walt French

        Your final paragraph says that a mature industry — recorded music started about 70 years ago — somehow hasn’t managed to find mutually-beneficial arrangements.

        In the internet era, it’s relatively easy for a musician to set up a website with downloads, to press 20 or 20,000 CDs that an etail storefront and fulfillment center can handle. Musicians don’t especially need financing (or are tours a challenge?) the way that authors, many of whom live advance to advance, do.

        Likewise, a label can set up with relatively little capital. If this isn’t working well, it’s because … well, what? It seems the only missing ingredient is somebody willing to pour millions into a vanity project, the way that many airline owners do, resulting in an industry that makes no money (in aggregate, since inception) due to being right at the cusp where the costs of adding one more flight are enough that you can’t lower your fares enough to fill it up and still have break-even.

        This is the world of commoditization, where a new entrant can easily come in, but can’t really have a sustainable advantage that allows it to build any significant market share. Business happens — corn gets grown — but the industry stays fairly stable.

        Apple has passed up all sorts of opportunities to get into commodity markets. Methinks they’ll do the same with music labels, leave the business to people for whom it’s a core passion.

      • Space Gorilla

        “a mature industry — recorded music started about 70 years ago — somehow hasn’t managed to find mutually-beneficial arrangements.”

        Correct, it has not, as far as artists are concerned. The music industry is corrupt and has literally stolen money and rights from artists throughout history. Artists receive a tiny percentage of the revenue generated from their work. Record companies cook the books and withhold royalties to pay back debt owed by the artist to the record company. This is common practice. I know a few people in the industry. I was talking with a very ‘successful’ Canadian rock band once, the members of the band couldn’t afford to buy houses, and they eventually broke up because they couldn’t make a living. This story is not uncommon in the industry.

        Up until very recently the major labels were the gatekeepers, paying off radio stations and others to create hits. I’m sure you’re aware of payola. That hasn’t stopped, there are just loopholes now. I think/hope this is beginning to change with distribution and discovery mechanisms like iTunes, Beats, etc.

        “Apple has passed up all sorts of opportunities to get into commodity markets. Methinks they’ll do the same with music labels, leave the business to people for whom it’s a core passion.”

        I would tend to agree with you. The artist is the commodity, almost an indentured servant, being squeezed for every nickel and then discarded. The artist has no power. My hope, my gut feeling, is that this is changing, and I think Apple could enable it (more than they are already). Will Apple become a traditional label? Of course not. That would be ridiculous. But I think Apple could be the mechanism that empowers the artist and enables the direct connection with the audience, bypassing the traditional label structure which even today exerts a lot of control over which artists are successful.

        I can’t stress enough how dramatic a change it would be for an artist to collect 70 percent of the revenue they generate. And this may be possible if the traditional label structure can be bypassed.

        But I think perhaps you’ve got a point, Apple cannot do this directly, they can only provide the mechanism. Apple can’t sign artists, imagine how much that would piss off the current labels who are the rights holders. But I do think Apple can help artists connect with their audience through distribution, discovery, and payment mechanisms, more than what is happening now, and I expect it soon.

      • Walt French

        A friend—the daughter of close friends—put out her latest album under her own label.

        It’s quite possible. There is a long list of thank-yous on her site, however, suggesting that there’s a lot of talent and work that goes into a label, work that the artist has to arrange somehow or other. Lura, an accomplished and now established artist, is in a position to get help and backing. Her earlier albums are on a whole host of small labels. (She also recorded on Decca and Naxos,)

        Artists might like to capture 70% of the revenue from their music, but I think even her choice of self-publishing doesn’t meet that mark: she has to pay to support her website and CDBaby doesn’t work for free, either. She writes her own liner notes, but gets people to do cover art and professional recording.

        Other musicians could do it all. But most of them don’t want to become web gurus, nor deal with the business of a store. The only smart answer is to have others do it. The fact that she is “independent” isn’t so much a condemnation of the system as the fact that it’s quite possible to work around it to get what you need, but that it won’t fall in your lap.

        As the line goes, “if you don’t like the news, go out and make some of your own.” People who complain that the system isn’t working, have an alternative.

      • Space Gorilla

        What you’re describing here is only recently becoming possible/practical, and it is still harder than it needs to be. That’s my point. There’s an opportunity to reduce friction, to provide a platform which artists can use to reach their audience.

        I think of apps before the App Store, both iOS and Mac, and all the individual effort that went into distribution, discovery, payment, on the part of the developer. Apple has reduced that friction and provided a mechanism which connects developers to consumers, directly. It isn’t perfect but it’s a big improvement over the previous model.

        That’s what I would like to see for artists. iTunes is a step in this direction, but it’s not fully baked in the way I am proposing. There is still friction that can be reduced.

      • normm

        Apple already does the distribution and payment part, and some discovery. All serious independent musicians put their music up on iTunes. See

      • Space Gorilla

        Yes, I expect an expansion of this.

      • airmanchairman

        Oh, I don’t know: the Beats acquisition, reports of future collaborations with U2, the iTunes Festival, etc. Apple seems to be inching towards its own label slowly but surely.

      • stefnagel

        True. But Apple has the Sony debacle staring it in the face: a company wrecked by trying to be the conductor and the performer as well. And eventually it did neither well.

      • Space Gorilla

        I agree, I see Apple acting more as matchmaker, enabling the connection between the creators and the consumers.

        I didn’t make that clear enough in my original comment, I did think it was obvious Apple wouldn’t act like a traditional label, that way lies madness.

  • Walt French

    Any other readers who can steer me to a more detailed description of the transactions process? Supposedly, the Chip+PIN process is MUCH more reliable that the stripe-only method we’ve been using in the US, and so is rolling out to any merchant who doesn’t want to be the easiest target for scammers. While those new terminals should all support Apple Pay, they would ALSO seem to make it easier for cards to be much more safe.

    Note, I’ve done just a BIT of looking, and for instance found a way that a hacker, by taking over the POS like was described à la Target, could bypass the chip+PIN security. Having heard that there’s NO secure NFC system, it’d be good to examine the many steps and potential vulnerabilities. Surely, Apple has already done such, so it wouldn’t expose vulnerabilities; I’m just looking to understand a bit more.

    Meanwhile, I’m with Horace in thinking this is perfectly timed to be a major “network effect” that’ll impact the adoption curve in the US, a new feature that other platforms are missing, and that Apple will enjoy a few dozen, maybe even a hundred million US devices enabled before Samsung can figure how to tie its shoelaces.

    • berult

      You can easily appraise the security level of the Apple ecosystem by measuring the elapse time between new Apple-product availability and China’s official authorization for distribution of said new product.

      Secure enclaves within a secure enclave run the clock slower, possibly to a standstill, within a Chinese frame of reference. Some sort of relativistic distortion in the Middle Kingdom security/privacy field.

      Extremely secure; China-proof secure. Extremely secure; eBay-panic secure. Extremely secure; U2-internet-hubbub secure. Shall I carry on…? I can’t help with direct measurement of a ‘ celestial empire’ phenomenon, but I can measure distortion through the lens effect. And it provides me with an inferred answer to a ‘state-of-the-art/state-of-the-union’ query.

      The level of security is inversely proportional to the level of insecurity felt by a roaring competition, be it political or commercial. Unsatisfactory to the inquisitive mind, I know…

    • Space Gorilla

      We’ve had Chip+PIN here in Canada for quite a while, couple years or more I think, it’s everywhere now. The fraud that I’m aware of is criminals actually swapping in their own card reader which allows them to gather card info, then at some point they swap it back and the retailer possibly isn’t even aware of what happened. Not sure about the technical details.

      While Chip+PIN is pretty easy, I would prefer Apple Pay, it’s as convenient and looks to be more secure.

    • Martin

      Apple’s system is quite secure.

      The bank issues a token (a credit card alias) and some kind of private security key that resides in the Secure Enclave. The POS terminal receives the token and a cryptogram that is an encrypted version of the token. The cryptogram is unique per transaction. It cannot be unique per merchant because the iPhone doesn’t know what merchant it is at. Chip+Pin generate repeating cryptograms because the cryptogram is generated by the POS terminal and use a different algorithm. How Apple varies the cryptogram isn’t clear but the transaction system must be able to invalidate already used cryptograms, so either an encryption chain (using each cryptogram to salt the next one so everyone who knows the private key and the last few cryptgrams can predict what the next ought to look like) or a time-based one like an RSA Secure ID. I suspect the latter because the system encourages competition of TSPs and encryption chains would require they coordinate. The time-based solution doesn’t. I happen to know that Apple’s secure element chip is a custom design, unique to Apple, and suspect it is keeping an independent clock synced with a common server which all Token Service Providers (TSPs) use as well. There are other ways it could work, but it’s probably not terribly important.

      The token+cryptogram are sent with the payment information through the acquirer and to the TSP (who can be the network processor, the issuer, or a 3rd party – but not the acquirer or merchant). The TSP decodes the cryptogram and validates the token. The token is then sent to the issuer who correlates it with your Primary Account Number (PAN) and clears payment. The token and clearance are then passed back up the chain to the merchant.

      The token is in the clear, but since it’s not a PAN, it can only be processed after the TSP validates the token using the cryptogram. The difficulty of generating an expected cryptogram is the key to the system. That the process of generating the cryptogram securely on entirely on the iPhone or Apple Watch (the watch has all of the elements needed to do this) and not the POS, is how this system can work with equal security inside apps or eventually via the web.

      But none of that is actually all that interesting, as it happens. It’s somewhat more secure than chip+pin for card-present transactions, and definitely more secure for online, but the real innovation here is on the other end. Most people think about security in too narrow a way. Think of a key and a lock. We focus intently on making sure the lock can’t be picked and if we achieve an unpickable lock determine that we’re secure. But we’re not, because we haven’t secured who gets to have a key. The key can be loaned, stolen, lost, duplicated, and all sorts of things and security broken. That’s the side of the problem that is currently failing the worst. Kevin Mitnick didn’t find loopholes in computer systems, he just conned people out of their passwords – he simply coped the key rather than try and pick the lock. In Apple’s system the key is two entirely different things than the PAN – the token and the primary key. That’s true for Google wallet as well – but the innovation in Apple Pay is who controls those things and who has access to them.

      Almost every existing payment network requires the banks to trust a 3rd party to perform ID&V (identification and verification). The merchant needs to check your signature, or a photo ID, or the PIN, or whatever. That’s not bad for card-present, but online it’s impossible. Even with chip+pin you’re still giving Amazon your PAN and security code, and that’s the information that just got stolen out of Home Depot, so chip+pin doesn’t really buy you that much. The bank is trusting Amazon to verify you are who you claim. That’s also true for Google Wallet. And the banks are trusting them to not lose that information once the acquire it.

      What Apple does is create a secure connection from your device to your bank. Apple is not a middle man here. The bank gets to completely control the ID&V. Once they are convinced you are the rightful card holder, they electronically place the token and private key into Apple’s secure enclave. Here’s the important part – you can’t see it or get it out. You can delete it, but you can’t change it and you can’t share it. So you can’t be phished, or social engineered or any of the other ways that this information gets out. The only way to get it out of an iPhone is with your fingerprint – which you can’t share, post online, etc. You MUST have physical access to the authorized phone to unlock the token and generate the cryptogram. The bank doesn’t need to trust anything more than Apple’s hardware security layer. There’s no network to compromise, no way to skim the information on the way to the POS or anything else like that. That’s revolutionary and that’s what Apple brought to the banks. It gives the banks control they never had before and it creates a system that is almost impossible for the end user to compromise. The most you could do is approve someone else’s fingerprint onto your phone.

      There’s nothing proprietary on the POS side of things – they’re building on top of a bunch of existing systems. That’s too much infrastructure for Apple to try and replace. The network processors have some work to do here, but there aren’t that many of them. The banks have a LOT to do here, but they’re getting all of the benefits. The TSPs need to be created, but that’s easy. Apple is also building customer support systems with the banks to ease any problems there (much like Apple built with the carriers). This is designed to overlay on chip+pin and fix many of its flaws without competing with it. Cleverly designed.

      Apple has a variation on this as well where Apple plays the role of the issuer. They issue a token that represents your AppleID. When you pay with the ‘Pay with Apple’ option, it sends the transaction to Apple to approve, who then looks up your credit card number (those 800 million on file) and generates a 2nd, standard transaction and sends the results of that transaction back up to the merchant. This is how Apple gets small banks on board at launch – your little credit union may not yet be participating, but Apple can still process their card as they always have when you bought an app or a song. It also means that user uptake should be much higher as every existing Apple user buying an iPhone 6 will already be set up to buy stuff using the card they’ve already given Apple. This is a powerful arrangement.

      But here’s what everyone is missing:

      Apple built a generic, almost foolproof device-level identity security system around TouchID, Secure Enclave, and custom secure element hardware at the lowest level of iOS that can be opened up to pretty much anyone Apple wants to let in. This is unique, and I don’t see anyone else who can replicate this. Apple is merely renting this security service out to the banks for the price of a percentage of the transaction. They don’t need to build a proprietary payment network, or even be a link in the payment chain. And this system can work equally as well for health providers securing user identity to exchange HIPAA covered health data for Healthkit (for a modest fee, naturally). They can rent it to employers to secure their employee identity – not just for getting into corporate applications but add HomeKit into the mix and a company can put an NFC lock on a door, issue tokens to the iPhones of the 10 employees allowed into that room, and that gives them the ability to unlock the door with their iPhone following a positive fingerprint check. The employer can remotely revoke those tokens as needed. This is effectively a way to replace username and passwords for anything from your iPhone or Apple Watch, if Apple builds it out to its full potential. It relieves the burden of choosing good passwords, remembering them, securing them, and puts all of the control on the agency that needs to control the security, rather than on the one being secured. The recent partnership with IBM might make more sense now.

      Apple has spoken quite a lot about privacy the last few days. They’ve deleted their own copies of encryption keys that would let them get access to our devices. I don’t think this is coincidental, nor do I think it’s a message to users. I think it’s directed at the banks, health providers, and other companies that Apple is looking to build services for, telling them that they truly have a secure place in our devices to store identity credentials. And Apple can speak about not wanting to monetize our data, because that doing so would completely undermine the effort.

      Samsung cannot easily follow this. They could do the SoC work that Apple has done without any real effort, but they would also need to build or aquire a biometric interface of adequate reliability. They exist but are quite expensive and would be difficult to justify at Samsung prices. Apple bought the company that developed the relatively cheap one. But Samsung would need low-level access to Android, and while they have that, they don’t control it. The carriers also see that code, and Google exerts a fair bit of control as well. It’s why Google rebuilt Google Wallet around an app-level, software only, networked approach (what Apple does in hardware on the iPhone, Google does in the cloud and sends you via WiFi). But it was the only way Google could retain complete control over it. Samsung could do it in Tizen, but not Android. Amazon could do the software, but not the SoC and they’re less likely to be able to do the sensor. Google could in their hardware, but they sell so little of that. Microsoft could, but same problem.

      Apple patented this idea in 2009. They’ve been working on it a long time. The bought AuthenTec to get another piece in. Bringing their SoC work in-house helped to do this. They’ve hired countless financial services people to do this. And they’ve been working with the banks for at least a year on it, and I believe they’ve been running a closed subset of this system to secure their 800 million cards-on-file for several years (I believe Amazon is doing this as well).

      This is much bigger than mobile payments and Apple’s head start is enormous. I think some cheap clones of this system are possible within 2-3 years, but I can’t envision a path for anyone to match, let alone pass Apple. Nobody controls the OS, SoC, sensors, and infrastructure like Apple does. Oh, and this should allow Apple to virtualize the carrier SIM. That’s important in many scenarios, particularly that enterprise one above. A current or future iPhone may be able to carry multiple virtual SIMs to allow it on multiple carriers. That’s important in some geographic regions, but it also allows enterprise to have clean separations of work and personal data. An employer should be able to have a carrier ID provisioned to them and then pushed out to a phone just like a token (or revoked), without any physical access needed. Apple has a patent on that as well.

      • Walt French

        Wow, just WOW. Terrific on factual details AND market analysis. THANK YOU.

        I *will* note that if Apple Pay is as big a deal as *I* think it is (even more so after reading your note), that other brands now have a huge incentive to find a similar level of security. They may not be able to use Apple’s (patented) approach to the Secure Enclave, but a similar feature is designed into recent ARM chips, so there must be at least a nearly-as-good solution that even a user of generic ARM chips could spec as a minor customization. Maybe, in as short as a year for new devices, with all the relationship-building etc accelerated thanks to Apple having laid the groundwork at all the third parties, meaning initial rollout could perhaps happen in a bit less than the 2–3 year window you suggested. Basically, Windows’ and Google’s entire high-end US product lines are at risk otherwise. That’s a LOT of incentive.

        Or did I miss some critical point among your many details?

        And some more on implementation: under your extended usage scenario (personal, but especially corporate security), this should cause the docs to take BB off life support. Microsoft, which has a toehold in the Enterprise only, would likewise seem severely disadvantaged without a major cash infusion to what could well be a hopeless effort with it.

        Anyhow, thanks again.

      • Martin

        My pleasure.

        I don’t think they can catch Apple so quickly, mainly because the partnerships that would need to form are among competitors. Almost every Android phone has 3 agents that can change the OS – Google, the OEM (Samsung, etc.) and the carrier. The carriers have their solution (Softcard) and have every incentive to undermine everything else. Also threatening them from Apple is that this security setup, with the secure element chip that Apple has added almost certainly will allow Apple to virtualize the SIM. Apple has a patent on that:

        This is therefore also a play by Apple to grab more control of the device from the carriers. Virtualizing the SIM is very attractive – it allows easily adding a prepay carrier code when traveling, having a personal and work SIM, and so on. But the SIM is important leverage for the carriers. Take that, and VoLTE and WiFi calling and the carriers are just dumb data pipes and they’ve worked damn hard for a long time to not wind up as dumb data pipes. So I think the carriers are going to fight doing what the handset makers are desperate to do.

        So introducing a comparable security layer likely threatens the carrier’s core business. The carriers are desperate to keep the security layer on the SIM. Google wants it on the hardware so the carriers don’t turn Google’s implementation off (as they did with the original Google Wallet). Some OEMs want it on the hardware, but not in Google’s control. And nobody is talking to the financial services industry about what they want.

        The technology to do it is there, but the shared benefit isn’t, and only Apple has positioned themselves in such a way that they don’t need to strike that kind of cross-industry agreement. Adding to the challenge are the margins on these products. Apple’s margins also make it easier to justify adding these things. I got a fairly large sapphire crystal on my iPhone 5S a full year before Apple announced the service it was designed to enable. How many OEMs are going to forgo those profits until they get paid security rent? I’m thinking not many. How often have we heard Steve Jobs or Tim Cook say ‘it’s critical to control the core technology’? He said it just this week to Charlie Rose. This is it – right here. This is the payoff of that approach. And nobody else has it. Worse, I don’t see any evidence that anyone else even realizes it. They’re so fixated on NFC that they missed it.

        And yes, this should be a grave threat to Blackberry. However Apple still has many pieces to put in place. You can’t do enterprise solely off of iPhones. This needs to be in the next iPad. This also needs to get in Mac laptops (Intel chips have something comparable to Secure Enclave). Apple needs to hook this into MDM solutions (perhaps they are with IBM). This is difficult stuff to implement and how much rent Apple chooses to charge will matter. In the case of payments it’s easy – there’s about $7B in fraud annually. Work out what percentage of that you can eliminate and charge that much. What will that EMR integration cost? There’s no clear opportunity cost on that one.

        And it creates interesting opportunities for anyone who can do that identity verification as a trusted third party. That I haven’t quite worked out yet but there must be an opportunity for a trusted third party to provision an identity token that other agencies would trust. That’s all a passport or driver’s license is – a token (of relative poor security) given to you once you prove your identity to the state, and your employer trusts that token. So who gets set up as the central tent pole of this security tent? It’s not required, but I bet smaller banks and employers would need it to get on board. Who provide the universal ‘drivers licenses’ of digital identity? Would Apple work with government agencies on this? This will be very interesting to watch…

      • BMc

        Martin, great information in your two posts above – thank you! Would be interested in your opinion regarding the virtual SIM potential with Apple’s implementation, and if you believe this is leverage that Apple can use in negotiations with carriers regarding subsidies? There have been public statements from CxO’s at large carriers about the need to cut back on subsidies, but it would seem that Apple’s ability to do a virtual SIM (that would benefit users/enterprises) would clearly affect some of the lucrative roaming revenue of the carriers.

        Or do believe that Apple would implement virtual SIM anyways in a future iPhone (or iOS) version?

      • r.d

        Virtual Sim is an industry standard.
        No leverage can be gotten or given from it.
        Only thing, it allows Apple to have one skew for all the ipad
        instead for each carrier. Verizon doesn’t participate. AT&T locks the SIM to their network. There goes your advantage.

        Contracts stipulate iphone subsidy require Carrier Sims.
        So it is not going to help Apple to introduce unlocked iphone with Apple Sim. It is not like roaming charges won’t affect Apple SIM unless the carriers allow it to mimic their SIM.
        It is only available in US and UK. So there is long march ahead.

      • r.d


        Secure Enclave is a separate Cortex M processor (coprocessor) uses encrypted memory and includes a hardware random number generator. Its microkernel is based on the L4 family, with modifications by Apple.
        Communication between the Secure Enclave and the application processor is isolated to an interrupt-driven mailbox and shared memory data buffers.

        Secure Element is a NFC standard using JavaCard technology. Currently it only has maximum of 8 credit card that can be stored plus one for Apple Key for processing in-ap purchases.

        Most of this information Apple released in iOS_Security_Guide_Oct_2014.pdf

        So Secure Element can’t be used for anything more than banking because of this.
        Secure Enclave is not going to store secure keys from third party if ever. right now it encrypts the entire device and ensures secure communication between touch_id and itself. That last part is the reason Apple can’t bring Touch_id to Intel unless there some custimization like A8.

      • Maxim Harper

        Could I get a source on Apple’s specific SE being JavaCard?

        The fact it’s a proprietary ESE could mean that it could have been modified by Apple (much like the enclave) to run more than just (standard 8 card) JavaCard functionality right? Given the amount of patents Apple’s taken out with regard to non-banking SE functionality I imagine this is the case.. Though if I’ve misunderstood please correct me, eager to know more.

      • r.d

        here it is quote from the Apple security document.
        iOS_Security_Guide_Oct_2014.pdf – just google it you will get it from Apple’s website.

        “Secure Element: The Secure Element is an industry-standard, certified chip running the Java Card platform, which is compliant with financial industry requirements for electronic payments.”

        8 card limit is also from the document.

        You will have to read EMVco standard as well to get more info.

      • r.d

        My guess is that proprietary part of the chip is that it gets its authorization directly from the Secure Enclave when your fingerprint is verified.
        I think it is mention in the document but I am not 100% positive.

  • Guest

    A helpful visualization via Goldman Sachs

    • Walt French

      Yes, that’s an interesting chart that says almost nothing about where Apple fits in.

      At least it gives us the approx measure that fraud is about 0.53% of CC use today; presumably by Apple eating any such costs, banks can benefit by paying Apple up to 0.52% to move users over.

      Which reports say is closer to 0.15%. No wonder the banks see this as a sustaining innovation, one that they’re happy to promote for Apple.

  • Mordechai

    Horace, I enjoyed your exegesis on Apple Pay and agree that reduction of fraud risk is a primary benefit for merchants and issuing banks. However, I think that privacy is a great benefit for end-users, much more so than merely being able to pay faster. The ability to keep your credit card number secure and simply present the merchant with a token in lieu of your actual credit card info is, to me, a great benefit. I’ve been using virtual credit card numbers for online purchases since 1999 when they were first introduced by American Express. Amex stopped offering the service in 2001 (probably because of no critical mass and a very awkward implementation). Happily, Citibank began offering virtual credit card numbers and has continued to this day. (See

    As we all know, merchant systems and the credit card info that they store are vulnerable, either because of an inside job or because of outside hacking. With virtual credit card numbers (or tokens) it doesn’t matter if someone steals the credit card info since (a) it is a one-time use number and (b) it can’t be linked to my actual credit card info by the thief. As I mentioned, this has worked wonderfully for me for online purchases. Why should I trust that merchant XYZ has properly implemented payment system security? With virtual numbers I don’t care. virtual numbers are also great to use with subscription services that insist on auto-renewal. Because the virtual number typically expires the next month the service is forced to contact me when it’s time for renewal at which point I can decide whether to do so or not. That’s much easier than trying to cancel a subscription after the fact.

    From my perspective, Apple Pay extends the benefits of virtual payments to physical retail locations. I no longer have to present my actual credit card information for storage by Staples or other participating merchants. If Apple Pay catches on at restaurants and smaller retail establishments it will be a great boon to individual users who want to protect themselves against credit fraud.

    My only issue with Apple Pay (and it may not turn out to be an issue) is that it seemed that it could only be used online with Merchants who retrofit their web store to support Apple’s protocols. It would be a real killer feature if Apple Pay could also generate one-time use credit card numbers that could be used with non-participating merchants. (A one-time use credit card number looks just like a regular credit card number with both a security code and expiration date.)

    • Walt French

      I’ve seen at least one claim that a bad actor at the merchant (or somebody who’s compromised their POS) can submit the one-time card multiple times in a day, creating shipments that can be re-directed. The commenter was very unhappy about the issuer refusing instant credit against the multiple use.

      This is why I’d like to see a more technical writeup of the Apple technology — it seems to go beyond the one-time credit card that might not be as secure as it looks but I think it’s premature to say it is completely secure.

      • Mordechai

        I think one time really means “by only one merchant”. I’ve seen multiple charges against a one time use card primarily due to partial shipments. Another safeguard that Citibank offers in their implementation is to restrict the total amount that can be charged against the virtual card. I use that feature on occasion. In any event, notwithstanding the bad actor scenario that you describe, I still think it reduces exposure dramatically.

        I agree with you that I would very much like to read a more detailed writeup of what Apple is actually planning to implement.

  • Giovanni

    Only 10% of merchants have NFC readers, which has been a major block for adoption of NFC payments. However, starting October 2015, merchants will be liable for credit card fraud and, thus, likely to upgrade their readers. So, availability of merchants who support NFC is in the verge of skyrocketing. This is yet one more reason, where others have failed, Apple Pay is likely to succeed.

  • Great podcast as always Horace! Your comments re Amazon were really interesting to me because they show the downsides of strategic actions that increase rivalry. Amazon probably can’t or won’t offer an Apple Pay type product because they’re rivals with every merchant on the planet (I realize this may be unavoidable). Amazon can’t partner with companies like Disney (and have someone like Bob Iger on their board) because they’re getting into the media content business. Amazon seems to consistently take steps that increase industry rivalry (one of Michael Porter’s five forces), to the detriment of all industry players.

    Many sustaining and disruptive innovations — like Apple Pay and the original iPod –are only possible through corporate partnerships. Apple can enter these partnerships because they only pursue projects where they can really add value through their hardware/software/services expertise. Apple’s selectivity keeps industry rivalry low and often increases the size of the total market “pie” (as with Apple Pay).

    I’m generalizing too much, but it seems like Amazon and Google, with their boundless ambition, their desire for industry dominance, and their defensive efforts to protect/preserve market share, often make mutually beneficial, win-win partnerships difficult or impossible.

    A dominant strategy may be good for market share over the short term, but over the long term I’d argue that it leads to mediocre products, increased rivalry, and price-based competition. Increased rivalry makes ground-breaking, win-win innovations — enabled through effective corporate partnerships — more difficult. One company can’t do it all.

  • Arcmor

    I wonder if Apple will make a small stand-alone gadget with Touch ID and NFC that can be used by people who do not have iPhones, something you can put on your key chain and go.

    • Walt French

      Frankly, I was a bit surprised that the Apple watch was NOT that device.

      • Sacto_Joe

        It’ll happen, but at Apple’s typical glacially slow speed….

      • BMc

        Glacially slow, for the one company that appears to soon be heavily in the lead for such mobile payments? Sounds trollish.

      • Martin

        It lacks TouchID but it appears to be able to to do the payments without being tethered to an iPhone by resorting to a PIN. I suspect that Apple is working on using those LEDs and cameras on the bottom of the Watch to do something similar to Hitachi’s VeinID.

      • BMc

        Well, they did say that Apple Watch would support Apple Pay – they just have not explained the “how” yet. As we have seen, Apple thinks these things through, so I expect it to work. It might be one of the key use cases for Apple Watch (for those that don’t have an iPhone 6/6+, or simply for the convenience of not even having to pull out the phone – just tap the watch to the NFC reader).

  • normm

    One comment. Every iPhone 6 (and presumably all next generation iPads) have the hardware needed to be an NFC point of sale terminal. This should presumably speed take-up among small businesses.

  • Sacto_Joe

    I’m not totally convinced that ApplePay isn’t disruptive, at least in part. PayPal is screaming in pain for a reason.

  • morph

    PayPay is seeing it’s move into the physical world being stiffled by Apple Pay, as well as it online payments dominace being challenged, when (not if) Apple Pay become another online payments option. The value proposition for an online merchant are the lower fees, compared to PayPal’s. Those online merchants will be beating a path to Apples door to put a Apple Pay option on their web site. The major banks have already signed agreements with Apple so the can’t say much.

    If I were a PayPal exec I would start cashing out, the future is grim (remenber Palm Pilot, Sun microsystems, CD players, N64, Hayes modems)

    • BMc

      It will be very interesting to see how quickly online vendors move to support Apple Pay with a web-based option. As you note, the incentive of lower fees is huge and should drive the necessary work (if it can work in an App, then it should be possible in a browser over a secure connection – just hit an “Apple Pay” button at checkout on the website). I would expect TouchID and Apple Pay as part of the next set of iPads, and possibly next Macs. The iPad is already a leading web e-commerce shopping platform, and this could greatly move it forward. No need to have credit card information at multiple sites any longer, and no need for PayPal. Touch and pay – simple.