​Apple: Oz bank NFC demands would set ‘troubling precedent’ for iPhone security

Apple has hit back at a petition from three of Australia’s major banks to collectively negotiate with it over access to iPhone hardware.

The iPhone maker has argued that if it gives into the Australian bank’s demands for access to the Near Field Communications (NFC) chip on the iPhone, it would set a “troubling precedent” that could undermine the iPhone’s security.

Apple was responding to a July application to the Australian Competition & Consumer Commission (ACCC), by three of Australia’s big four banks: National Australia Bank (NAB), CommBank (CBA), and Westpac (WBC).

The banks sought special permission to join forces in talks with Apple concerning access to the NFC chip on iPhones. The petition was filed three months after ANZ — which is not participating in the ACCC application — broke ranks to become the only 'big four' Australian bank to support Apple Pay.

While Apple is a dominant player in Australia’s smartphone market, Apple argues in its response that Apple Pay is a new entrant to a payments market otherwise dominated by Australian banks.

The three Australian banks are contesting interchange fees that occur between the bank that issues cards to consumers and the acquiring bank that handles a merchant’s transactions. The banks also want access to the iPhone’s NFC chip so that their digital wallets can use Apple Pay with equivalent functionality to Apple’s own wallet — the only wallet that does have access to the iPhone’s NFC chip.

The banks argued that Apple’s stance on NFC access set it apart from Google, Samsung, and Microsoft, which do provide access to NFC chips on certain devices.

They also cited the experience in Switzerland of the recent Apple Pay roll out: a digital wallet called Twint, backed by Swiss banks, UBS and Credit Suisse, uses Bluetooth to achieve comparable contactless functionality, but it is constrained by the fact that Bluetooth at payment terminals isn’t as widely supported as NFC.

The banks frame Apple as a monopolistic third-party digital wallet provider, which due to its scale and control over hardware and software, “could be in a position to negotiate terms that would be likely to result in reduced competition and innovation, and increased risk in the security and transparency of mobile payments.”

Apple’s reply, penned by Marj Demmer, a former senior exec in ANZ’s cards and payments division, said the complaining banks didn’t understand Apple Pay.

“The applicants rely on innuendo and misstatements to support their application. Most have little direct insight into Apple Pay or Apple’s terms,” wrote Demmer, who called out one bank for refusing to sign a non-disclosure agreement that would have given them privileged access to Apple Pay’s technical details.

“Now they ask the ACCC for explicit permission got negotiate with Apple as a collective group. The goal of which is to force Apple and the third party providers to accept their terms, allow them to charge consumers that choose to use Apple Pay, and force Apple to undermine the security of its mobile payments service by opening access to the NFC antenna.”

Join the CSO newsletter!

Error: Please check your email address.

Tags CBAWestpacANZACCCCiPhone securityUBSNABApple PayAppleNFC paymentsNFC payment security

More about AppleAustralian Competition & Consumer CommissionCredit SuisseGoogleMicrosoftNABNational Australia BankNearNFCSamsungSwitzerlandWestpac

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts