The Green Sheet Online Edition
August 22, 2016 • Issue 16:08:02
Press a finger, pay remotely
I've heard that Apple Pay will soon be available on both mobile and desktop ecommerce websites. Its use of fingerprint authentication looks like the right solution at the right time to circumvent CNP fraud, which is expected to increase exponentially as EMV acceptance becomes more widespread. Do you agree?
Mike Hunter, Merchant Level Salesperson
The new Apple Pay functionality looks promising, and Apple Inc. has indicated it should be available in time for the booming year-end holiday season. You are correct that biometric authentication, in this case fingerprints, is more secure than the passwords currently in use for card-not-present (CNP) ecommerce.
It is possible to steal fingerprint scans, but making use of them in conjunction with the iPhones associated with them poses significant obstacles for fraudsters, so it's not a lucrative proposition for them right now. Also, Apple does not store fingerprint data in a central database; it is only stored locally on each phone, so thieves can't grab massive amounts of biometric data in one intrusion.
Apple fans who already have iPhones and Mac computers won't have to acquire anything new to use Apple Pay for the web on their desktops (desktop transactions are still more prevalent than mobile web transactions). The downside is that people who do not own an iPhone and an Apple computer will not be able to use Apple Pay for the web to shop from their desktops. It only works with an iPhone in conjunction with a computer running the Safari browser.
The good news for those left out of the Apple Pay loop is that Google stated it is working to bring Android Pay to websites. If this happens, and we have every reason to believe it will, ecommerce payment giant PayPal just might get a run for its money.
What's our take on biometric ID?
If they are stolen, fingerprints and retina scans can't be replaced the way passwords can. Does this give you pause, or are you confident criminals won't be able to use stolen biometric data to their advantage? Let us know what you think at firstname.lastname@example.org.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.