There have been on-again, off-again rumors about NFC capabilities in Apple’s iPhone for years. Recently the dial swung to “on” when a patent surfaced that combined a novel fingerprint sensing tech with an NFC sensor–with some added spin considering Apple seems to be using this system to read your fingertips. But, sadly for some, there is no NFC in the new iPhone 5S. That’s because Apple has iBeacon.
iBeacon was a tiny throwaway detail on a slide Apple showed about iOS 7 during its WWDC presentations earlier this year. But as GigaOm points out, more details about the service have emerged thanks to Estimote–a company that plans to integrate with the iBeacon system.
The key phrase to bear in mind about iBeacon is probably new for you: micro-location. We’re all aware that location-based services (LBS) are a very rapidly emerging trend, be it “check-in” type services like Foursquare, or Apple’s “apps popular near me” feature in the brand new iOS 7 App Store refresh. The principle behind these services is simple: If your device can tell where you are with reliable accuracy–say within a hundred yards at least–it can use this information in some way to either deliver you relevant information about your locale, or it can tag some piece of information you’re sharing online with the location so it can be used by other users or services. But using a-GPS and Wi-Fi technology (such as navigation systems use to get you from A to B and which some department stores use to track the whereabouts of their patrons) means this sort of LBS isn’t a wonderfully accurate system. And since there’s not necessarily much security built in to these systems, there’s a problem with positive authentication of a user’s identity.
That’s one of the issues NFC payment technology can tackle. It’s effectively an incredibly precise “micro-location” system that positively identifies a user from data in their phone or, more simply, their NFC-enabled credit card. It works wirelessly and over what are typically very short ranges–such as the air gap between your NFC phone and a payment pad at a cash register in a store. During NFC payment transactions a simple process takes place: The register handshakes with the phone or credit card’s circuitry over radio. The phone or credit card detects the signals, and responds with a coded answer that contains the user’s payment data, and acts as a de facto authentication device. The NFC system is saying, effectively, the user identified with this payment data is the real owner.
But this is a very simple interaction between cash register and payment device. It’s a modern analog of the chip-and-PIN system popular in Europe, where the card reader interrogated an encrypted chip embedded in the card, and it works in a similar way–just offering the bonus of a slightly speedier interaction because you don’t have to plug your card into a slot. NFC isn’t capable of very much more than this.
And this is where iBeacon comes in. It’s based on Bluetooth Low Energy technology, which is a new variant on Bluetooth that works over shorter ranges than the typical 20-plus yards “normal” Bluetooth is capable of. This allows it to be run with a much lower energy burden on devices, which can run for significant periods off the equivalent power of a small wristwatch cell. Bluetooth is, of course, a wireless data channel that can handle much more bandwidth than a typical NFC interaction–it is powerful enough to carry live stereo audio signals, for example.
When BLE is applied to a payment system there’s a lot of potential for more sophisticated interactions between the payee and the merchant’s computer systems. For example, if you enter a store that’s equipped with a BLE-powered iBeacon device, you would be carrying your smartphone into a sea full of radio waves. iBeacon would immediately know that your phone is within a very short range of the beacon itself.
At this point a number of things could happen: Your phone could get an alert telling you of the special offers of the day, or share a special dedicated coupon that’s tailored to your needs, based on your previous shopping data. The iBeacon system could also direct you to the right part of a store to find a particular product–acting as “indoor GPS” if you like.
It’s also easy to imagine that wireless or “touchless” payment systems would work very swiftly over iBeacon, because the beacons authenticate a particular user by their phone’s unique codes and confirm that they’re in a particular store–perhaps even standing at a particular cash register. There would be no need to swipe a card or even bump your phone against a sensor to share your payment data because that could all happen over a secure Bluetooth interaction without you even having to get your phone out of your pocket.
If you think that’s fanciful, then remember Apple’s EasyPay service which has evolved to the point that for some Apple stores, iPhone users don’t even have to speak to an employee or visit a cash register to make a purchase: They use the App Store app on their phone, scan the code of the item they want to buy, authorize a payment over their iTunes account, and leave the store.
And there’s one last trick that the new iPhone 5S has in favor of a mobile payment system using wireless services like iBeacon: positive user identification. This could come courtesy of the phone’s built-in fingerprint sensor, which means the iBeacon system has the following set of authentication data: The user’s phone is physically present in a retail location; the phone is properly ID’d, and shares coded payment data in the right way; and that the user of the phone, and thus the owner of the payment card, is positively identified as being with their device. Added together that equates to a level of security that makes credit card signatures on a slip of paper look positively medieval in comparison. Even an NFC payment interaction looks unimpressive compared to this.
There’s just one problem, although it may be more of a perceived threat than a real one. The iBeacon service relies on an iPhone user (or, presumably an Android user with a BLE-capable phone that’s running the right app) sharing their data over the radio. Without the ability to handshake automatically with a store’s beacons, the service won’t offer any value to the user…but the user may be concerned their data could be stolen, or “officially” snooped on, or remotely hacked and exploited for criminal purposes. With the right kind of encryption, however, the hacking and theft issues go away. And if users are concerned about data surveillance, then they’re better off not even using credit cards.
If Apple plays its iBeacon cards right, it could even turn out to be the best kept secret superpower of iOS 7 and the iPhone 5S. All sorts of payment systems and LBS facilities could be created–the most interesting of which we probably can’t imagine right now. And where Apple beats a path to the future, other firms will likely follow.
And yes. That is a very big “if.”
[Image via Flickr user: Sigfrid Lundberg]