Collective bargaining with Apple would enhance security, APCA says
Banks bargaining collectively with third-party mobile wallet providers over security standards would provide a net public benefit because it would promote greater safety, according to the payments industry peak body.The Australian Payments Clearing Association has given its support to the banks' application in a submission to the Australian Competition and Consumer Commission. While attention has been focused on the banks' bid to gain access to the NFC chip in Apple's iPhone, APCA said there were also important security issues raised in the application.The applicants - Commonwealth Bank, Westpac, National Australia Bank and Bendigo and Adelaide Bank - want to bargain collectively with third-party wallet providers in order to maintain what they describe as "consistent and best practice standards relating to fraud management, security and identification and verification in mobile payments."The applicants want to require third parties to comply with any agreed industry standards or guidelines that may be in place at the time of negotiation.According to their application, Apple's bargaining power and negotiating strategies have resulted in Apple Pay being introduced in other countries in circumstances where security falls short of best practice."Third party wallet providers focus on the ease of customer experience. There has not always been the same emphasis on the security of loading credentials," the application said.The applicants argue that high security standards and an open system go hand in hand and they point out that "studies show that customers are worried about the security of mobile payments.""In Canada major issuers were committed to standards of security but were unable to insist on these standards when faced with individual negotiations on a take it or leave it basis," the application said.APCA has developed third-party digital wallet security guidelines, which provide members with a statement of voluntary industry best practice.They are also a frame of reference for implementing third party wallet tokenisation services. And for managing fraud risk, data transaction security risks and privacy risks inherent in third-party mobile wallet implementations.APCA said in its submission: "It is our view that the adoption and use of the guidelines by members and third parties will promote the safety and security of mobile payments in Australia and mitigate liability for fraud and unauthorised transactions."We support the [banks'] application on the basis that a common set of security standards will provide net public benefits to all parties in the mobile payments ecosystem."