ApplePay/AndroidPay - ANZ Has It, Bring The Other Major Banks on Board!

ApplePay, AndroidPay, SamsungPay - convenient methods of mobile payment similar to all the current "tap and pay" methods we do with our debit/credit cards. These technologies are also being integrated into apps and websites (something that the banks simply can't do as they don't have the ecosystems and amount of developers to support it) and will provide an additional layer of unprecedented security.

The difference? Our card details are never transmitted. Transactions must be verified by fingerprint/passcode. Secure random data is sent instead.

The benefits? Added convenience to save you time fumbling in your wallet (includes AppleWatch), increased security that protects your cards from having sensitive information stolen or being used fraudulently across terminals, apps, and websites (roll out in progress). It's big in the USA, UK (they even use it for their public transport system), and China! Australia, it's time to catch up!

In the USA, ApplePay/AndroidPay withdrawals at ATMs is about to start which means card skimming would become a thing of the past thanks to the additional security.

Make the major banks (excluding ANZ & American Express since they already have) hop on board!! Sign this petition:
https://www.change.org/p/commonwealth-bank-bring-applepay-an...

Please share and tell your friends!!

Make ourselves heard and let's put pressure on the big banks to allow us the convenience and security of this new technology :)

Comments

  • Using a credit card or debit card is not more secure? I'm a bit careful because of so many malware.

    • +14

      When using ApplePay/AndroidPay for example, the cards are stored securely and verified with the bank that you are indeed the owner of that card. To make a payment, it's quick and simple with your fingerprint required to complete the transaction. The merchant doesn't receive your name, card number, and doesn't see it either so chances of your card being used fraudulently are significantly reduced. Instead a random tokenisation number is produced and used for each transaction which makes it more secure. No card skimming, stealing of details for online purchases etc is possible. This is for both ApplePay and AndroidPay, and SamsungPay. no fumbling around for a card, and much more secure transactions. In the USA, ApplePay will soon be used at ATMs to withdraw money which effectively makes it impossible for card skimming etc.

      • +2

        Fingerprint not always required, made a payment this morning with Android pay. FYI

      • +7

        You keep saying that ApplePay/AndroidPay hides your name, card number, expiry implying these are benefits over tap and go. If you use traditional tap and pay, none of this information is seen by the merchant (merchants only 'see' the last four digits of your card number per PCI compliance, which is useful for corroborating proof of purchase).

        Honestly the time saved over tap and go is marginal at best. It takes about as long to get my card out and tap as it does to get out my phone and tap it with fingerprint. This is revolutionary in the States where chip and pin is still foreign, so tap and go itself is a huge step forward. Here, tap and go is the norm and what these providers offer is really 'you don't have to get out your card'. I have no doubt we'll do away with cards entirely at some point but that's really the only benefit they offer.

        • +2

          Actually, that's not the only benefit. ApplePay/AndroidPay also are starting to integrate into apps and websites. This is where the biggest benefit is. Those details you expose in online forms which include all your card details is now gone. Online fraud will be significantly reduced.

          At ATMs in the future, you will be able to access them via ApplePay/AndroidPay. No more card skimming. Just a secure tap and authentication with your phone. This is happening in the USA right now.

        • +4

          I hate coins, contactless payments are so much nicer

        • You don't even have to get your card out to use it.

          I just have to flip my wallet open and place it near the reader to use it, left side for ING (though now with the 2% cashback ending i wont need to use that as much), right side for other.

        • +1

          Those tap and go options are generally for < $100 are they not? Apple Pay has no such restriction.

        • @Praeto:

          No it doesn't. But how many >$100 transactions do you do per day? Saves you like 5s at most vs just paywave and pin.

        • @Jikx:

          Which is only 5 seconds faster than swiping and pin, but funnily enough 40% of sales are contactless now, so apparently people care.

          Personally I'm looking to leave as many cards as I can at home. I've already moved all my loyalty and membership cards on to my phone, as well as my work CC. I'm looking forward to moving my remaining cards on to the phone as well. They're unnecessary, when 90% of us carry a phone.

        • @Praeto:

          On mine anything above $100 can be tapped but will also require my pin

        • +1

          Can confirm, have lived in the US before at length, they don't even know what paywave is. Some merchants accept it but 90% of sales staff have no idea what it is or how it works, even when they offer it on their systems. Had an encounter at Walgreens where the assistant told me 'the wave thing doesn't work,' and proceeded to be flabbergasted when it did for my card. People were trying non-paywave enabled cards and thinking it was borked when it didn't do anything. I had no worries I'd be skimmed there, nobody uses it.

          Chip and pin is not that much better over their either; they still use signatures most of the time for unfathomable reasons, with ID all the freaking time. So 'the USA is adopting it!' is not a selling point at all. The US is super behind in CC technology.

        • @ceebee: I couldn't believe when I was in France that I was once again signing for everything like the olden days, let alone being able to use chip+PIN!
          And in Germany you are lucky if they even accept CC at all…

      • -1

        hmm, so thieves are going to start chopping off peoples' fingers as well now …

        • +1
        • -3

          @jkcat: It's not hard to fool the fingerprint sensor with 3D printer. Getting the fingerprint would be hard from screen per se (because you'd be missing bits and pieces), that said, chopped off finger (so your missing bits and pieces) I assume would be easier to work with.

          http://thenextweb.com/insider/2016/07/22/3d-printers-might-a...

          Though the point is, fingerprint is not as secure and people chopping up fingers to break into someone's phone might be more plausible than it seems.

        • +1

          @Oversimplified: If iPhone was equipped with those old fashioned optical readers then a fake finger might have worked. The 3D printer way is yet to prove itself per https://nakedsecurity.sophos.com/2016/07/25/police-ask-for-3...

          Fingerprint enabled payment is definitely not bulletproof secure, but I would say it's reasonably securer than the ordinary card based wave & go which barely has any security at all.

        • @jkcat: It's kinda moot point because I think the reason that they didn't go through with it is because iOS and some newer model phones "requires a passcode if you haven’t used fingerprint unlock in a given period of time".

          Anyways, I assume they've not given full information on it because it's an ongoing investigation, but straight from your link, it seems to me that they are on their way on making a replica for even "more sensitive capacitance fingerprint scanning technology" (which they have not linked to any phones on the article) that uses conductivity with "3D printed fingers with a thin layer of metallic particles" which of course, has not been tested yet.

          That said, even the capacitive ones seem to be prone to 3D printers to some extent (I assume newer ones are "more sensitive ones" they were referring to with the metal particle one), because Touch ID sensor on 5s was apparently conductive one, so is S5 I think (which all, according to your article, have been compromised before with 3D printer).Anyways, they have shown that they can fool the scanners on S6 (which does have Samsung Pay) and Honor 7 (which I assume can be used for Android Pay?). So yay, finger choppy time.

          Kinda think I went fear mongering mode, that said I do agree that fingerprints do provide some form of security and it's not the only form of security features that they can utilise nor use alone (i.e. pins to two factor validation in addition to fingerprints etc). That said people chopping up fingers to break into someone's phone might be more plausible than it seems.

        • so thieves are going to start chopping off peoples' fingers

          Not sure, but put it this way - if they ever introduce d**k recognition I'm not going to use it!

      • Using ApplePay with the watch really feels like the future. Double tap side button on the watch and tap the screen to the terminal. Takes 5 seconds max. Instead of using a fingerprint to authenticate your heart beat is used. Only wish I got the SS model coz now there's some really tiny scratches on the screen since I started using ApplePay :(

        • I've removed/minimised these sorts of scratches with meguiars scratchx automotive paint polish.

        • @YellowDieselGolf: You've repaired scratches on the screen using this? I might pop over to SCA and buy some after work today.

        • @epicttiimm:
          Yep. It's not magic though. If it's a deep scratch you'd probably have to sand the entire screen but polish can help take the edge off smaller scratches.

      • -1

        So if someone steals your phone they can make all the calls and buy everything with with your thumbprint hash? Sounds good!

      • +1

        You don't seem to be very well informed:
        -All payment apps use tokenisation
        -Fraud rates on Apple Pay are no lower in Aus
        -Some bank apps (e.g. ANZ Mobile Pay) do NOT require the phone to be unlocked

    • I like the idea but nothing more convenient than open up the wallet, grab the card and tap.
      Unlock the phone, select the app is too many steps for me ;)

      • It actually is more convenient.. You simply sit your phone on the terminal with your thumb on the scanner, and that's it. You don't need to unlock the phone or open anything. It takes 0 clicks. The only time you need to do anything at all beyond hold your thumb on the fingerprint sensor, is if you want to change to a different credit card.

        • Yeah, I got three cards two banks to use in different purpose.

        • @boomramada:

          I use three at the moment, and it just requires flicking up or down to the other cards.

  • +1

    whats the difference between these and the banks apps ?

    • The bank apps require you to unlock your phone, open their app, login, and then you can Tap and Pay (only available on certain Android devices). It's quicker to whip out your card. Your name, card number, etc are still provided to the merchant and can be seen by them. On ApplePay/AndroidPay/SamsungPay, you can quickly access the cards from your lock screen, verify the payment with a fingerprint, and none of your details are sent to the merchant and cannot be visible to them either - each transaction generates its own randomised token for extra security which reduces fraud significantly.

      • +2

        yup i just read that , but is it not apple/Samsung/google that is making it hard on the banks to use this tech , trying to force them to use applepay/androidpay instead of their own ?, are there not fees involved to use this ? and the petition is a joke , you are looking for 100 signatures ?

        • +1

          The website sets a default requirement which cannot be edited. As it reaches each milestone set, the target automatically increases. I don't think it's Apple/Google/Samsung making it hard at all, they provide the hardware, they provide the software, partnered with Amex/Visa/MasterCard they provide additional security which reduces fraud significantly which costs the banks a lot and consumers headache. If ANZ was able to strike a deal, then I'm sure there is not much holding other banks back. Major UK banks, American, and even Chinese have been able to strike deals. What's stopping the rest of our major ones?

        • -3

          @Lion007:
          ok did not know that about the petition, my bad.

          and im still concerned with the hidden cost of this.
          and what makes this safer ? its a untried system , CC's/Debit cards where not commonly skimmed on the first few days/years..

        • -1

          @Settero: There is no hidden cost really as the Govt has now set fixed percentages that banks/retailers can charge on transactions starting later this year for big organisations and from next year for small/medium organisations/businesses. That's my understanding.

          Basically, it gets much tougher to crack (nothin is impossible I guess!) since each transaction you do through ApplePay/AndroidPay hides all your personal card details (name, card number, expiry) and generates a random secure number each time which is authenticated with the terminal. A random number ("token") is generated each time you do a transaction. They are rolling this out to ATMs in the USA which will make stealing card details etc extremely difficult. Hopefully comes here one day!

          Be it people switching banks, signing the petition, or people like yourself becoming more aware of this technology, I'm glad it generated some awareness :)

        • @Lion007:

          the only real way to truly form ones own opinion on a topic is to question it.

          and i get it that we as consumers wont pay more , but what about the banks ? and i do not ask that because i care about the banks , but if the banks start losing profit , we all tend to pay for it one way or another.

          and really the more i read about it the less i feel it is necessary or even that usefull but im not silly enough to think it wont become "popular" and be implemented, i just cant wait for the whole "applepay scam" youtube channels to pop up ( similar to the paypal/ebay scam channels )

          i really just wish you could do this with your own banks apps instead of having to get a 3rd party involved, that is pretty much my biggest concern.

        • -1

          @Settero: The way I see it, having to unlock a phone, open the banking app, wait for it to load, login, then tap and pay whereby data transmitted is basically the same as pulling a card out of your wallet and tapping, is slow. I would rather just tap and pay with my card then.

          In regards to costs, my view is that right now the banks have to spend $$$ on developing their apps, making them more secure, and constantly updating to ensure their app method of tapping and paying is compatible and working well. With details not being secure, losses with fraud would occur too - be it digitally thru their app since all info of the card is transmitted, or by actual use of the physical card. In a way, we are probably already paying for this one way or another as customers.

          By letting Apple/Google in conjunction with Visa/MasterCard take care of the software/security - their app development costs, fraudulent claims reduction, would be significantly reduced. Also, having the convenience of quickly being able to pay may result in consumers transacting more than usual, resulting in more transaction fees for them. How much of a cut they give Apple/Google, that's up to them since they command most of the power here in Aus I guess.

          Have to go, thanks for the discussion! Have a good day :)

      • You don't have to open the bank apps, it's unlock the phone and Tap and Pay (that's what NAB and Commbank ones were like, though it's been awhile since I've seen my gf using her phone for Tab and Pay, so I might be wrong with Commbank).

        The point I am trying to raise is, I do like the idea of more banks supporting Apple Pay, Android Pay and/or Samsung Pay. That said, bank apps are not as awful as you are making them sound like in terms of usability. Settings under NFC even let you choose what bank app should be opened for payment when you tap the phone to the card reader.

        • True, I just discovered this. However there are plenty of iPhones in use and that'll never happen with Apple. Further, the added security for the integration of ApplePay/AndroidPay in apps and websites where all your details are exposed in normal circumstances and submitted will become a thing of the past. That's a huge benefit in security. Plus ATMs where card skimming becomes non existent (rollout has started in the USA)

        • @Lion007: If you do look at my comment, I did say I like the idea of more banks supporting "Pays". I was just saying that bank apps are not that awful to use like you were saying (with manually opening it, waiting it to open, yaddi yadda).

        • +1

          @Oversimplified: the NAB app is terrible I use it everyday.

        • @billybob1978: Do you need to "unlock a phone, open the banking app, wait for it to load, login, then tap and pay" or is it just unlock the phone and tap to pay?

          I do agree that NAB bank app's kinda awful (for awhile it was the only one that was causing issues on my phone), but the point I was making is, process is not awful like that. NFC doesn't work when the phone is locked, unless you root your phone and allow NFC to work (I believe it was for security). They (Samsung or Google) may have loosened that for the "Pays", I have my doubts on that though.

        • @DisabledUser134838: oh I wasn't talking about "tap and pay" (didn't even know NAB had it???) but the app overall.

  • +4

    Joining Apple Pay isnt a quick thing.

    Reading all tthe press indicates that ANZ wrong footed the other banks here in Oz.

    The best survey is to switch to ANZ, then the other banks will get the message more than your little petition

    The other banks will take 6-12 months even if they decide today. Back end systems that need checking etc before the switch.

    And probably one or or more are already planning this given the ANZ is reported to have good number switched over.

    • Of course! Switching is the easy answer and as you've stated, a good number have switched over. Including me! This petition is to just add some additional pressure because not everyone wants to switch banks depending on their various financial setups. If the petition gains traction, it's an added bonus. Hopefully the backend isn't too hard to setup for ApplePay/AndroidPay since they'll just need to be able to verify cards and all current Visa/MasterCard tap and pay terminals seem to be compatible already. Fingers crossed!

    • Apple was asking a fortune in fees so none of the banks wanted to use it. ANZ was the first to waiver.

      • Apple reduced their fees according to rumours, at least this is what happened in the UK. The same is happening with AndroidPay. I doubt ANZ would have sacrificed much of their transaction fees to Apple and Google, the plus side being a reduction in losses due to fraud. I notice ANZ even have "tap" at ATMs now to access their ATMs. ApplePay/AndroidPay for ATMs support can't be too far off like in the USA which would make it even more secure.

    • I've been a Commbank customer for decades, and I just cancelled my card with them and moved to ANZ. Hopefully if enough people do it, they'll get the idea.

      • Im a longtime Commbank guy as well. Just got a American Express issued card and now have Apple pay.

  • +3

    Not too fussed about this. Whether I take out and quickly tap my card or my phone makes no difference to me. It is just another way for Apple to make money from me.

  • +3

    ING Android Pay is coming next month, so the 'Big 4' can shove it.

  • +2

    I feel like it'll be a bit awkward having to hand your phone over at a drive thru window or passing it through a slot at the night counter of a petrol station etc. Big potential for damage there as the drive thru person has dropped my card a few times but I suppose you can always bring a conventional card as backup.

    • +2

      They should have EFTPOS machines that are portable in that case, like the ones at DJs.

    • +1

      You can't actually hand your phone through to an EFT terminal as your fingerprint/passcode (or wrist if you are using a smartwatch such as the Apple Watch) would be required for verification. Most of these terminals at drive throughs are now wireless or have a long wire so the assistant can bring the terminal to you.

      • In case you're not aware, fingerprint sensing isn't required to use AndroidPay with ANZ. I don't even have to have my phone unlocked, I just have to have the screen on and then place it on the card reader (though I personally don't use this option). In the last year I've had to hand over my card to several fast food places and just last week I had to pass my card through the night counter of a Caltex petrol station. My point is there are still situations where only having your phone to pay with will make the process more difficult. I'm still all for people having the option to pay with their phone but I'd definitely recommend a physical card as a backup for now.

        • Those would definitely be annoying situations! As software is updated over the course of the year, I expect these incompatibility issues to cease. Definitely agree having your card as a backup is a good idea :)

        • Correct me if I'm wrong but you would have to have a physical card as well, as not all businesses have the paywave available or working.

  • +6

    i have samsung note 4 edge and westpac have had this feature for quite a while but i never use it. like matt12321 said cannot be bothered using it, tapping my card is much easier

    • +1

      For Citibank Users, SamsungPay is already available. However, certain terminals cannot use Samsung Pay, for example, I would imagine like CostCo Petrol where you actually have to insert the card.

      So what I did was get a phone case (and my Note 4 was an excellent size) that has a slide on the back of it and put in two cards. One for example is Licence and one is my Citibank Credit Card.

      All I did then tap and pay for all terminals as normal and for CostCo Petrol, I opened the slide and grab the card and put it in as normal.

      Best of both worlds!

      Example of such case.

      https://www.amazon.com/Spigen%C2%AE-Shimmery-Advanced-Absorp...

    • The feature is slightly different in that you would be using AndroidPay, and as that is rolled out thru development into apps and also websites, your personal data will be much more secure as it won't be visible to anyone.

  • HSBC user here. No Android Pay :(

  • If you've rooted your android device to gain root access then you'll never be able to use mobile pay apps anyway as KNOX will lock you out, they also don't work if your phone case has magnets in it (ie: those wallet / phone combo cases that you see on Ebay).

    • Systemless root doesn't trip KNOX and is an option.

      • Unfortunately that still won't work. Android Pay and banking apps don't actually use KNOX to verify device security, they use Google's "SafetyNet API" which still detects systemless root

        • I don't understand. Android Pay works fine on my Nexus with systemless root.

  • +2

    Signed! Yes the banks are a bit behind the rest of the world by the looks.

  • I'm happy with the Commbank App. The only thing 'missing' is faster access and fingerprint support, but even then, it's not a huge deal to me.

    • -1

      How do you pay for things in store using the Commbank App?

      • With NFC? It's functionally similar to Apple / Android Pay, and it's been there for years.

        • -1

          Whilst it does work not too badly thru the CommBank app on certain android devices, the CommBank App Tap & Pay does not provide the added layer of security whereby ApplePay/AndroidPay do. Commbank's tap & pay mobile is just a replica of the card, whereas the other solutions don't transmit your card data but replace it with random numbers ("tokens") for each transaction. Let's keep pushing them to upgrade terminal software and releasing alternatives that give us more security for not only tap & pay, but online transactions too - be it for the card or for the mobile. We work hard for our funds, we deserve the best security solutions :)

        • My question was genuine, not sure why I was downvoted -_- All I knew about was the faux-NFC solution of that little card CBA gives you to stick your phone.

        • @Lion007: this is incorrect. When I turn on the tap and pay on Commbank app it issues a "token card" with a different number from my real card. Same thing with Android Pay.

        • @GalaxyNexus: I read about this being the case with NAB on their website, yet not on the CommBank one. Still, these banks don't have the capability to be integrated for payment into apps and websites the way ApplePay & AndroidPay will be since they are a standard developers can easily utilise and results in more security

        • @Lion007: obviously you don't know what you're talking about. Commbank doesn't make a replica of your card, rather it create a new virtual card exclusively for tap and pay. So if anything goes wrong then you always know where the problem happens. Even if someone dodgy intercept your card data then it's very unlikely they can do anything about it and Commbank can always cancel the virtual card and generate a new one. On the other hand, Apple pay or Samsung pay has to get all your card details to generate the token so there's always risk of these information being intercepted if your phone is compromised. And if that happens your gonna need your bank to issue a new one.
          And there're heaps of other things you can do with Commbank app that Apple and Samsung can't with their fancy service, like getting your balance and transactions details, cashless card or transfer money to someone else. Get yourself stuck to Apple pay or Samsung pay and you still need to use your bank's app anyway.

        • @lgacb08: CommBank doesn't easily show me that this is the case on their website. Can you please show me? NAB makes it easy to understand from their website that they use tokenisation. In the event CBA do use tokenisation, that's great! From my understanding, Apple in particular use their secure enclave on device to store card details then need the card to be verified by the bank. After that, all transactions are through the security of the secure enclave. CBA can't do that. They have to rely only on the security of their app.
          Agreed, CBA's app allows for transaction look ups etc. But I don't think ApplePay or AndroidPay are trying to be that. Just a focus on payments - not only at the terminal, but also online.

  • +1

    Signed…totally agree can't wait until all the banks are onboard. Will even consider getting an ANZ credit card if they don't.

    • Thanks for signing, please share! The more momentum the petition has/people talking about the issue, the quicker change is to occur :)

  • +1

    I don't think petition should be primarily aimed at CommBank. They're the ones most desperately clinging to their own crappy solution and probably least likely to budge.

    Should take aim at all banks equally IMO.

    • The petition has all banks listed, Commbank being "called out" since they have been most vocal against ApplePay/AndroidPay

      • +1

        Because Commbank has the most advanced platform and they've been doing it for years even before apple think about fitting nfc into their device. So they deserve their credit. Apple just think of us the same like the retarded banks in the states who still stick with swipe and sign and think that they can come here to enlighten us with their fancy platform while we've been enjoying contactless payment for years.

        Of the big four, ANZ is the most retarded so it's understandable that they decided to back down and go with apple/samsung, otherwise it'd take them another decade to come up with an usable smartphone app. So there's nothing to praise about them. Similarly to citibank, oh they're even worse

        • CommBank has built their platform on iOS and Android. They have evolved over time and their app is undoubtedly the best banking app out there in Aus. So why not continue evolving and remain at the forefront and allow payments thru ApplePay & AndroidPay? ANZ has a bad app, but credit is due for deciding to innovate in the payments space.

          In the UK, tap & pay has been prominent just as much as here and all their major banks and public transport system are on board. Their fee rates are similar to here as well. Why didn't they fight?

          CommBank can't integrate into apps and websites for secure payments the way ApplePay and AndroidPay can. This is where these systems will make the most impact. CBA have a great banking platform, but not the kind of ecosystems where developers all around the world would be willing to include them. The benefits in security and reduction of fraud is great for consumers and even banks.

    • Cheers for the read!! The petition was created in response to the banks going to the ACCC. Not only are they taking Apple on, but Google too since they won't adopt AndroidPay either.

    • +3

      To me it seems like the banks are crying poor. Boo hoo

  • Tried it just now and it failed. So embarrassing since I didn't bring any cash/card.

    • Tried it where?

      • I tried it at my local takeaways. It worked fine at woolies few days ago.

        • +1

          I think it depends on which scanner they use. Not sure on the exact ones but pretty sure they need to be the newer models.

        • +1

          Yea it depends on the actual eftpos machine. Some Samsungs support the magnetic strip (MST Capabilities) in case the NFC chip doesn't support your phone.

  • +1

    I don't really like to use the phone to tape on the terminal. I like to pull out the card from my wallet just to show off my LV wallet and some of the Platinum and Black cards I applied to get the bonus points haha.

    • +1

      *tap

    • Currently there's no digital solution for that unless you get your phone plated in the finest gold lol

  • +1

    Signed it.

  • I have my citibank credit card registered with Samsung Pay. The commbank app also has electronic cards and uses NFC.

    Android pay is pretty irrelevant to me at this point.

  • Give me a +ve vote if you have never really thought about/cared about, how long it takes to pay for something.

Login or Join to leave a comment