The Australian Parliamentary Joint Committee on Corporations and Financial Services questioned Apple on Monday about its third-party access approach to the NFC capabilities of its iPhones. Apple Pay competitors in the country claim that Apple’s NFC access restrictions are stifling innovation in the contactless payment technology space.
The committee is hearing arguments from Apple, Google, and other companies over whether Apple should open up access to the iPhone’s near-field communication (NFC) chip. Australia’s big banks has long sought access to the NFC chip on the iPhone.
Apple, in a written response to the committee, said it “provides banks with access to NFC functionality on Apple devices” through Apple Pay, which is “available to all banks in Australia on fair and non-discriminatory terms.”
Apple has developed a technical architecture that comprises hardware and software components and application programming interfaces (APIs) that banks can use to facilitate contactless payments with their cards and mobile banking applications.
Apple chose to call this architecture Apple Pay because: (a) merchants need a simple way to communicate their acceptance of the service to consumers both in store and online, (b) Apple wished to facilitate consumer choice of payment method / bank by providing a consistent and simple experience, and (c) it allowed Apple to market the service to consumers without having to preference one bank over another.
Apple cited security as one of the reasons it doesn’t support alternatives to Apple Pay.
Host Card Emulation (HCE) is a less secure implementation, which was adopted by Android … Apple did not implement HCE because doing so would lead to less security on Apple devices. Google likely selected this implementation because Android software is used in a variety of hardware devices offered from many different companies other than Google, and therefore had to select a software-centric solution, even though it is less secure than a secure element-based implementation.
Apple, which offers a tight integration between the operating system and its own hardware, is able to offer a fully integrated solution that is superior to Android’s approach.
However, Google denied that it had made a security trade-off in implementing the HCE system.
“Our payments apps are immensely secure … our HCE system, which is used by a very large number of banks all around the world, is audited directly by the banks … we would refute the suggestion our HCE environment is in any way insecure,” Google president of partnerships in the EMEA region Diana Layfield told the committee on Monday afternoon. “I would argue the user experience on Google Pay is equal to that of Apple Pay.”
The Australian parliamentary committee is still considering the arguments.