Apple on Monday responded to questions from Australia's parliament about its third-party access approach to the NFC chip in its iPhones, following claims that its Apple Pay system is stifling innovation in the contactless payment technology space.
The Parliamentary Joint Committee on Corporations and Financial Services heard for-and-against arguments from Apple, Google, and others relating to whether Apple should open up access to its near-field communication (NFC) chip. Australia's big banks have also sought open access to the NFC chip on the iPhone in recent years. However, in a written response to the committee, Apple said it "provides banks with access to NFC functionality on Apple devices" through Apple Pay, which is "available to all banks in Australia on fair and non-discriminatory terms."
Apple has developed a technical architecture that comprises hardware and software components and application programming interfaces (APIs) that banks can use to facilitate contactless payments with their cards and mobile banking applications.
Apple chose to call this architecture Apple Pay because: (a) merchants need a simple way to communicate their acceptance of the service to consumers both in store and online, (b) Apple wished to facilitate consumer choice of payment method / bank by providing a consistent and simple experience, and (c) it allowed Apple to market the service to consumers without having to preference one bank over another.
According to ZDNet, Apple cited security as one of the reasons it doesn't support alternatives to Apple Pay, comparing it to Google's HCE payment system which it claimed is an inherently less secure system with a worse user experience.
Host Card Emulation (HCE) is a less secure implementation, which was adopted by Android … Apple did not implement HCE because doing so would lead to less security on Apple devices. Google likely selected this implementation because Android software is used in a variety of hardware devices offered from many different companies other than Google, and therefore had to select a software-centric solution, even though it is less secure than a secure element-based implementation.
Apple, which offers a tight integration between the operating system and its own hardware, is able to offer a fully integrated solution that is superior to Android's approach.
In response, Google denied the allegation that it had made a security trade-off in implementing the HCE system.
"Our payments apps are immensely secure … our HCE system, which is used by a very large number of banks all around the world, is audited directly by the banks … we would refute the suggestion our HCE environment is in any way insecure," Google president of partnerships in the EMEA region Diana Layfield told the committee on Monday afternoon. "I would argue the user experience on Google Pay is equal to that of Apple Pay."
The Australian parliamentary committee is still considering the arguments submitted. Elsewhere, the EU is currently considering forcing Apple to open up its NFC payment technology, and earlier this year, Germany passed anti-money laundering legislation that requires Apple to grant payment service providers access to its technical infrastructure.
