Loading User Information from Channel 9
Something went wrong getting user information from Channel 9
Loading User Information from MSDN
Something went wrong getting user information from MSDN
Loading Visual Studio Achievements
Something went wrong getting the Visual Studio Achievements
And Apple Pay also works with the watch, though no one seems sure how.
There is a sensory mesh covering the watch face that can read the amount of force applied to the screen by a finger. It's possible that could be used as a new type of fingerprint reader. But if this was the case then Apple would have mentioned it.
My guess is that it has to be used in conjunction with the phone:
You put the watch on and the credit card tokens are transferred from your phone. You are also given a number to enter to unlock the tokens.
You enter the number into the watch and leave the house – without the phone.
You buy your coffee by presenting the watch to the reader. You don't have to enter the number.
You take the watch off (for some reason) and when you turn around, it's gone. Aside from feeling a little foolish, you know your money is safe because the card tokens are only unlocked while the watch detects a heartbeat. Remove the watch from your wrist and the security code has to be entered again.
The thief heads straight for his favourite crack house and tries to score a day's supply. He presents your watch to his dealer's reader and the watch asks for a code to unlock the card tokens. He tries three numbers and the watch locks up completely. His dealer shivs him for wasting his valuable time. Job done.
Not quite. The new hardware will work with any supported service, of which Apple Pay is just one.
New hardware is already happening. The Apple Pay news leaked before the keynote because a lot of folk noticed that chains such as MacDonalds had started replacing their card readers just a few days before. Coincidence? Apparently not. MacDonalds was one of the companies (others include Disney, Subway, Macys, Nike, Staples and ToysRUs) that has already signed up and replaced their readers.
But what about the smaller outfits. Will they be prepared to replace their card readers. Well, they don't really have a choice.
As of October 2015, any merchants that do not support EMV credit cards – smart cards with integrated circuits that enable point of sale authentication and help prevent fraud – will be liable for the fraudulent use of counterfeit, lost, and stolen cards. EVM cards are read at the point of sale by inserting the end of the card featuring the chip into a payment terminal, rather than swiping the familiar magnetic stripe on the back of the card. Consumers then enter a PIN to authorize the transaction. (If you've traveled internationally, you're likely familiar with this system).
And you can guarantee that the banks and card issuers will be pushing the readers that support Apple Pay. Apple has been negotiating with the major financial players since January 2013 apparently. The banks like the security, and Apple has been reasonable about the rates they're charging them for the service. There's also the fact that Apple's customers do seem to drift towards the higher income bracket, and don't seem to mind spending it.
So what's Apple's cut? About 0.15% of the transaction fee, which should add a few pennies to the Apple Poor Fund.
The more I hear about it the more I realise that this keynote was all about the payment service.
Not new, really. This was something the credit card companies have played with in a different form for a few years. Essentially, it's a throwaway credit card number linked to the main account that can only be used once. My guess, though is that given the number of digits on a credit card that can be used for uniqueness, that won't scale.
Scalability won't be a problem because the system doesn't use credit card numbers.
You take a picture of your credit card.
The phone encrypts it and sends it to the card issuer. The original picture is not stored on the phone.
The card issuer sends back an encrypted token which is stored in the phone's secure storage.
When a transaction is made, the token is used to generate a unique transaction code which is transmitted to the card issuer. The shop does not know your card number, your expiry date or your 3-digit code on the reverse. Neither does Apple.
According to MacWorld, the phone will respond to any attempt to remove the phone's processor so as to ensure the token doesn't fall into unsavoury hands.
Each transaction will need a thumb print, which will prevent anyone from making transaction with a lost or stolen phone.
It is possible to spoof the touchID (as of last year sometime) reader, but the process to do so requires hours of painstaking, careful work; a very clean finger print (for the correct finger); an expensive lab setup; and is limited to about five attempts before the phone locks out. Beyond most thieves, and should certainly give the phone's owner time to get to a PC, log into their account and wipe the phone.
And because the card details are not stored on the phone, there is no need to cancel credit cards.
I don't get why they went with control via the digital crown. The crown on traditional watches is used solely for setting the time. It's small and fidgety to use while wearing the watch (and is fidgety even if you're using it while not wearing the watch), but that doesn't matter because setting the time is something you only do every couple of months.
The Apple Watch now uses that same tiny fiddly knob for stuff that you need to do a couple of times every day. I can't imagine that being a pleasant experience.
Why didn't they go with a touch strip along the side? You can easily operate that with one finger.
The touch strip along one side would limit them to the shapes they could use for future watches. The crown is actually larger than the small twiddly thing found on most watches, and it apparently has a smoother action with less of the ratchet. I'd have to try it before I'm convinced.
Heh, no one could view the live stream. A complete disaster.
But yes, they've started with a range of watches that people want to wear (not people here, obviously). Three ranges with interchangeable straps (though I don't want to know the price of the gold range). They've pretty much covered every hipster/metrosexual/fitness-freak with a disposable income, and they've done it with very few actual models.
Given that Apple is obsessed with making their stuff anorexically thin, I was a bit surprised how thick it was, but then they showed off the digital crown(??) dial and it made sense; the watch needs to be that thick so that chunky-fingered body-builders can use it.
Apple is very quiet on the battery life though; my guess is they're still working on that.
So aside from the awful live feed, Cook has hit another home run. I was disappointed that they didn't announce their own data network though.
Yeah I will believe that when I see it. They will charge more in fees because they can and if they could not they would NOT support this. Credit card companies have never cared about security in the US or we would not be using the simple cards we are using. That being said, I would like a better system but you still end up with a card number that someone can still steal.
Also, who wears a watch anymore? I have 5 in my dresser drawer that I think I might scrap for the gold on them. Call it something else than a watch.
Nothing new from Apple for me but I know others will join the herd and buy some of it.
Obviously, the credit card companies care a great deal about security because they have to fork out money for the fraud. Not passing your credit card details to the vendor should stop card cloning.
I would imagine so, since existing machines record and transmit credit card details. Visa, MasterCard and Amex have signed up, so I imagine that's most of the credit cards on the planet covered.
I guess the incentive is lower transaction fees for the shop owners. The credit card companies charge lower fees with higher security.