On Thursday, AppleInsider announced that Apple had filed a patent application with the U.S. Patent and Trademark Office for a “method to send payment data through various air interfaces without compromising user data.” As more companies move towards making wireless point of sale transactions available to customers, the way Apple patents mobile payments systems will be a sign of where the industry is heading.
According to AppleInsider, the company’s previous patent applications have pertained to the user experience, but this newest filing relates to how the service and infrastructure will work on the back end. This infrastructure will allow point of sale transactions that are protected from wireless theft. In the language of the patent application, Apple claims that a two-step process can be used to keep customer information safe. A “secure element” is mentioned that appears to protect data in a similar way to the Touch ID fingerprint scanner on the iPhone 5s. Both systems create aliases in order to secure the outgoing data.
The two-step process begins when the mobile device, say an iPhone, sends out a signal to the nearby point of sale receiver to initiate the payment. This part of the process could be done using near field communication (NFC) or Bluetooth communication. The first wireless interface is then followed by a separate second wireless transaction, which then connects to a backend server to complete the purchase.
In this scenario, the user’s credit card data is stored securely on the mobile device and is never stored anywhere else during or after the payment transaction. Instead, the information sent from the device to the point of sale system is actually a generated alias along with a cryptographic code. This data is sent through the second wireless connection directly to the server backend, which can identify and decrypt it. The transaction is complete once the backend matches the decrypted alias with one it already has on file.
Apple continues to lead the charge for the future of wireless payment solutions. The company clearly has big plans. Coupled with the iPhone’s e-wallet, which was the subject of a new patent application last year, this new secure payment system could see Apple take the lead against competitors such as PayPal. Assuming Apple can actually secure customer data as it claims.
What do you think? Do you think a wireless point of sale service can be totally secure?
Image courtesy of MorgueFile.