Apple’s Recent Accomplishment has nothing to do with Hardware!

Apple’s Recent Accomplishment has nothing to do with Hardware!

When I started my company in 2009 on a whim, I decided to jump head first into the point-of-sale and payment processing industry.  Too naïve to understand what I was getting myself into and too stubborn to quit, I marched head on into designing a point-of-sale system (which is a glorified accounting system that accepts orders, tracks sales  and dispatches orders while also tracking employee attendance).  Little did I know just how complex it would become to integrate and certify software that can process credit and debit card transactions.  After all, I was previously involved in writing and testing software for the aerospace industry so how difficult could it possibly be to process a credit card transaction?

In fact, the credit card industry is made up of many actors including Acquiring Banks, Processors, Independent Sales Organizations, Agents, Merchant Service Providers, Gateways, Issuing Banks, Standards Councils and a new standard known as PA-DSS or Payment Application Data Security Standard.  The new standard required all merchants to use a PA-DSS validated POS software by July of 2010 or the merchant would pay heavy fines IF their system was breached.  Unfortunately, PA-DSS has never truly proven its worth.  Though it can cost around $20,000 to certify software to PA-DSS not including internal costs, it truly never addressed the problem and that problem is protecting cardholder data.  It has seemed more or less like putting lipstick on a pig.  Your auditor as well as the PCI-DSS security standards council will admit that a company can maintain 100% compliancy and still be breached.  In fact, during 2014 there have been countless high profile data breaches including PCI compliant companies such as  Target & Home Depot.  According to the Identity Theft Resource Center as of September 9th 2014, there have been 533 breaches exposing 18,721,149 credit card numbers to Identity Thief’s.  The problem is particularly troublesome in the US where less secure methods of transacting electronic payments occurs (i.e. the US lacks the implementation of Chip and PIN found in Europe).

So what does any of this have to do with Apple, a company known for innovating products from a user interface perspective?  What is it about Apple that is going to be disruptive in the electronic payments industry and how does this affect the security of your private data? 

Announced in typical Apple style with a worldwide audience watching the broken live stream on the Apple website on September 9th of 2014, Apple unveiled the iPhone 6 and their new service, Apple Pay.  Apple Pay does not store your credit card number, but instead a token.  It requires your finger print to make a transaction and you can even disable your phone if It is lost.  That stated, what Apple is doing with the iPhone is nothing earth shattering.  It uses technology that has been around for years including tokenization, fingerprint scanning and NFC or Near Field Communication.  The game changer, we believe is in Apple’s ability to negotiate partnerships and contracts as well as their marketing power and proven track record on influencing consumer trends and hence the response from Apple’s competitors in an attempt to compete.

You see, trying to innovate in the electronic payments space is a challenging proposition.  It’s not that the technology is not capable, its more so that it is difficult if not impossible to bring in all the players in the industry together on the same page.  Players that we talked about in the opening of this blog post; ISOs, MSPs, Merchants, Issuing Banks, Acquiring Banks, Processors, POS ISVs and the card brands such as Visa, MasterCard and American Express.  Trying to coordinate those actors is worse than herding cats.  It’s worse than herding cats to jump into a pond.  No person nor company has been able to build a solid momentum and consensus that would change this industry, especially in the United States until NOW.  Apple has momentum going like no other.

I run a software company in Dallas and we primarily deal with and develop Microsoft applications so I can say that I have never taken a drink from the Apple fountain of Kool-Aid®.  I just didn’t appreciate and still don’t appreciate Apple’s secrecy that leaves third party device manufacturers hanging and software vendors trying to adapt with no notice at Apples surprise events.  This time however, Apple surprised many of us with huge partnerships that were kept secret.  The cool new iPhone and watch was great to see, but their innovation in electronic payments would have been uninteresting to us without the countless partners that have already signed up to work with Apple.  Acquiring and Issuing Banks such as Bank of America, Wells Fargo,  Capital One, Chase, Citi and US Bank and others that reportedly make up 83% of the transactions in the US.  To further add momentum we learned of the merchants that they have already been working with Apple including Bloomingdales, Disney, Macy’s, McDonalds, Staples, Subway, Walgreens and Whole Foods Market.    These partnerships in this industry are unprecedented.  Forget the cool features of the watch and phone, I want to meet the people that convinced all of these major market players to join Apple’s bandwagon and join Apple’s vision, good job Tim Cook!

I too have suddenly become drunk from the Apple Kool-Aid® but I think it is due to great justification.  Apple has been able to convince major actors in the electronic payment industry to join their vision unlike any other player before.  They deserve tremendous respect and soon other companies will follow.  Paying with your phone could potentially replace the need for credit cards.  There is little doubt in my mind that Apple is a technology innovator, but don’t underestimate their influence as a trend setter and market leader.  Thank you Apple for finally changing an industry that so many others have failed move.