248 comments

[ 3.9 ms ] story [ 244 ms ] thread
Apple becoming a bank makes some sense. It can start quite innocuous, with iTunes balances being integrated into Apple Pay somehow. Soon, allow transferring such credit between users. "Gift your friends iTunes credit right from the app."
> Its legendary $120-150Bn in cash

For all the dramatic prose in this article about Apple's finances, they managed to miss by a fair bit on how much cash Apple has.

It's closer to $215 billion. $16.6b in cash or equiv, $21.3b in short-term, $177b in long-term marketable securities (most of which can be converted to cash relatively quickly, so when calculating Apple's cash pile that is commonly included).

If you remove their $53b in long-term debt (which has a very low interest cost on it) you get $162b. The article didn't specify that it was subtracting debt of course.

FBI only needs Apple signing keys. And as lavabit showed - they can compel Apple to produce them.

Apple are a big company - they cannot be trusted by default. And banks right now make their money in two ways - gambling with the money of the rich and using all kind of creative late fees to prey on the poor. Neither of those requires uber secure pocket ATM.

That's incorrect. The major US banks today do not primarily make their money from either gambling with the wealth of rich people, or from low income banking. Not even remotely close.

The second largest business for Wells Fargo - America's most valuable bank - for example, is wholesale banking from businesses with at least $20m in sales, where they get about 35%-40% of their profit.

You'll find that an extremely small percentage of profit is derived from 'the poor' in Wells Fargo's business (the same holds true for Citi, BofA and JP Morgan). Their community banking segment, which targets the median and higher, is their prime profit center, contributing about 60% of their profit. You don't earn $23 billion per year in profit on late fees from the poor, very few of whom have accounts with Wells Fargo to begin with.

One very quick look at the largest financial services companies that do target the relatively poor, reveals how little profit there is in that segment compared to what the big banks do. It doesn't scratch the surface for a company the size of Wells Fargo.

> That's incorrect. The major US banks today do not primarily make their money from either gambling with the wealth of rich people, or from low income banking. Not even remotely close.

For US banks - 42.3 billion collected in account fees over 12 months, 32.5 billion of which were over-draft fees. So yeah, quite a bit of it they do.*

[0] time.com/money/4071290/bank-overdraft-charges-fees/

I'm sceptical about this. The reason is that all banks in the US are subject to rather stringent know-your-customer regulation. They have to obtain documentation on their clients, which by law can be shared with the authorities. As far as I know, this makes it rather simple to trace the flow of money, at least domestically.

If Apple were to become a bank, I don't see how they would get around those regulations. In fact, I'm pretty sure that once Apple were to become a major financial institution, the authorities would certainly ask for access to data on financial flows -- and given the state of legal affairs, might have a much stronger case.

(Remark: I'm sceptical about Apple wanting to become a bank being the reason for the Apple vs. FBI conflict. I think it is nonetheless plausible for Apple to become a bank.)

I would second your remark. I think this issue is more complex with many more interests in play and Apple can create various advantages from appealing more trustworthy to customers. Nevertheless I'm very opinionated that none of the major causes is being genuinely concerned about privacy (until it is theirs) as some were championing them, especially their CEOs.
That doesn't conflict with his argument, which doesn't really make sense until the final paragraph.

He's arguing that the FBI backdoor would introduce an unacceptable backdoor into a hypothetical Apple "Bank" which bad guys could exploit.

Not sure I agree with that argument either, but it is orthogonal to your valid point about know-your-customer.

I think the argument is a bit more vague than that, quote the article:

"And this is why Tim Cook is willing to go to the mattresses with the US department of justice over iOS security: if nobody trusts their iPhone, nobody will be willing to trust the next-generation Apple Bank [...]"

All the author is talking about is a general perception of trust, not any actual backdoor.

He also mentions the phone as a tool for payment:

> I'm going to assume you know what Apple Pay is: you use your iPhone, iPad, or Watch as a trusted, authenticated identity token in a shop to pay for stuff. It ties into your bank account and basically your phone swallows your debit and credit card.

I thought that was fairly explicit. If the phone (or watch...) is going to be the primary tool of payment than its security is paramount. Apple wants at least the same level of protection against tampering as the chip inside a modern credit card.

Note that there is already a bank called Apple Bank [0] and a software product called iBank [1]. So what are they going to name their hypothetical Apple-computer-financial-institution?

[0] https://www.applebank.com/ [1] http://www.ibank.com/

Well, they could just buy applebank and ibank. There's quite a bit you can do with $0.1 trillion dollars.
They could just tell them to change their names, "It's not that big a deal."
There was a Cisco IPhone[1] before there was an Apple iPhone, Apple somehow made it work[2]. Apple Computers had also signed an agreement[3] with (the Beatles') Apple Corp in the 80's not to enter the music business, but they did[4] and also made it work[5] after breaching the agreement. Having piles of money can solve a lot of disagreements

1. https://en.wikipedia.org/wiki/Linksys_iPhone

2. http://www.networkworld.com/article/2295551/network-security...

3. https://en.wikipedia.org/wiki/Apple_Corps_v_Apple_Computer#1...

4. https://en.wikipedia.org/wiki/Apple_Corps_v_Apple_Computer#2...

5. https://en.wikipedia.org/wiki/Apple_Corps_v_Apple_Computer#2...

I am pretty sure Apple has enough pocket change to buy both of them with their morning coffee.
Yes, I'm sceptical too.

I think the article is mixing up banking with payment processing (payment processing is an important but small part of retail and wholesale banking).

Retail banks make most of their money by charging for loans - either individual overdrafts, personal loans or coporate loans. For apple to be a profitable bank they would have to start assessing businesses and individuals for creditworthiness. It seems quite far from their current business model and not obvious why they would want all the regulatory oversight that comes with it.

>I think the article is mixing up banking with payment processing (payment processing is an important but small part of retail and wholesale banking).

Well, if not a bank something like VISA.

They're better capitalized than most banks and have nearly the entire infrastructure set up for end to end payments processing, I'm proposing acquiring Square to complete their processing arm. So why not be a bank AND a payments processor? They can run the bank as a separate entity and not have the regulatory scrutiny come down on the whole company.
>I'm sceptical about this. The reason is that all banks in the US are subject to rather stringent know-your-customer regulation. They have to obtain documentation on their clients, which by law can be shared with the authorities. As far as I know, this makes it rather simple to trace the flow of money, at least domestically. If Apple were to become a bank, I don't see how they would get around those regulations.

They wont.

But that's about Apple Pay transactions, which are logged into their central servers anyway, and will be given to the government when asked, as all banks do.

This is not about data on Apple Pay transactions, but about Apple Pay's security itself.

You wouldn't use an easily compromisable phone as your be-all-end-all wallet, the same way you wouldn't use an insecure banking portal.

If the article's point is just that Apple wants to maintain customer trust in the security of the iPhone, well, Tim Cook has stated exactly that numerous times. I don't understand why it took a whole post full of ill-considered speculation about banking to echo that sentiment.
>If the article's point is just that Apple wants to maintain customer trust in the security of the iPhone, well, Tim Cook has stated exactly that numerous times. I don't understand why it took a whole post full of ill-considered speculation about banking to echo that sentiment.

Obviously because the whole point of the article is not to merely echo the sentiment, but to attempt a guess at the reasons behind it.

Do we really need a secret Apple bank plan for this to make sense? Heck, millions of people already bank on their iPhone, using apps.
Banking systems don't need impenetrable security for people to use them. People pay online and use online banking every day from easily compromisable laptops. They do so because banks and credit card companies have good fraud coverage (unless you're negligent).

I think the real reason for Apples worry is that they want people to trust the smartphones for way more then just payments, for instance Health information. And people might just end up much more reluctant to do so if they know the phones are easily hackable.

> Banking systems don't need impenetrable security for people to use them. People pay online and use online banking every day from easily compromisable laptops. They do so because banks and credit card companies have good fraud coverage (unless you're negligent).

Author's claim was that they defend security of their platform to outcompete other payment processors on fraud insurance costs.

Apple Pay transactions are not logged on Apple's "central servers". Apple has absolutely zero insight into what you buy with Apple Pay. The tokenization protocol is run by the card networks, not Apple.
Well, that's orthogonal to the argument.

Wherever they are logged, they will be available to the government -- Apple doesn't care about those data, but about the security of Apple Pay.

>As far as I know, this makes it rather simple to trace the flow of money, at least domestically.

Only for the FBI/law enforcement though. A backdoor has no such restrictions, making a backdoored iPhone vulnerable to attacks by black hats.

Pity Apple don't have a widespread network of retail storefront locations....
It's an interesting line of thought but I feel like there is no indication Apple execs really think this way. It still seems to me like they think they're a consumer electronics company. Tim Cook and Jony Ive slavering over entering the financial industry, I just don't see it.

When you're analyzing something, "follow the money" is always good advice. But I think it's much simpler here, following the money just means that at this point, Apple is the iPhone company, and they're going to do everything they can to guard that business. That's why they went so berserk with lawsuits regarding Android.

They are into cars, too.
Which are essentially consumer electronics in 2016.
They are into cars, too.
>It still seems to me like they think they're a consumer electronics company

It's their bread and butter, obviously.

But as the article makes clear, there is a specific type of problem associated with having as much money as Apple does, and it becomes a business in itself trying to manage those finances. Eventually, if it hasn't already, that management becomes the business, whether Jony Ive wants it to be or not.

Still, an executive can only do so much in a day and I imagine their time is used up on the electronics they make. The argument here is that they were literally thinking and acting as a bank in response to the FBI's actions.
What does that have to do with becoming a bank or payments processor, though?

I think the article is premised on a misunderstanding of what banks are and are not. A company does not need to be a bank or payments processor to manage a huge pile of money for a profit goal. In fact it's way easier to do that if a company is not a bank or processor.

It is about our freedoms and we've got to defend them!
I just don't see it. Haven't we learnt over the last few years that consumers just don't seem to give a shit about their data? Conversely, even Apple not handing over keys to the FBI still doesn't put privacy-concerned folks like us at ease about an Apple Pay service (my peers and I, at least).

I actually kind of see it as being of no importance which way the coin falls here on what's been triggered by the San Bernardino case. The security oblivious will remain oblivious regardless of the outcome (identity politics and the Kardashians are far more compelling than encryption). Equally, the skeptical amongst us will remain skeptical - even if Cook holds onto the Iphone encryption we'll always be suspicious of backroom deals or potential backdoors. Whatever the fallout, neither scenario infringes on the legitimacy of Apple as a financial institution - should that even be their play.

I'm curious what your privacy concerns are regarding Apple Pay. Tokenized authentication seems notably more secure than any of the traditional card-based offerings. The seller only gets what you permit them to have, which in most cases is simply the token for the transaction to hit whatever card or bank account you have tied to it. The only reason merchants can ask for more, as far as I'm aware, is for shipping related purposes. If there's more to it though I'm certainly curious to know!
>I just don't see it. Haven't we learnt over the last few years that consumers just don't seem to give a shit about their data?

No, when it comes to their banking accounts and e-wallets, we haven't.

Every user of Mint is evidence to the contrary, no matter what their lips say.
Given access to your financial info to a third party is not the same as being OK with said party being insecure.
Say what? It adds yet another vector upon which you can lose control of your data. But that's not the original point anyway.

Keep in mind, the original parent was discussing privacy of data, not security. It's very aparent that a majority of people don't give a shit based on their actions.

I suppose you are free to not believe this, but it's quite obvious.

In any case, not "giving a shit", and "not giving a shit AFTER your payment processor was compromised" is a very different thing.

They might not give a shit in principle. But they sure will raise hell if anything happens to them -- especially a big breach affecting tens of thousands or even millions.

And if Apple is the one having the breach, the media will also have a field day, like with all the BS -gates (antennagate, bending-gate, etc), but this time with a very real and very important issue...

I was the initial developer on a system where the customers gave us access to their bank account and we would use their transactions to come up with (ultimately) an overall credit score.

Not just read-only access: their username and password. I was sure that would never fly. I was wrong - they had at least a few thousand customers in three months after launch. I don't know if that's a success, given the US population, but more than the zero I expected.

So... I think convenience trumps even bank account privacy.

> username and password

That's fairly strong evidence of ignorance, not consent.

Explain Mint. And debit cards.

People are overwhelmingly happy to share their spending data for some convenience.

Explicitly sharing your data to a third party doesn't mean you're OK with them getting hacked and exposed to the internets, or getting to the wrong hands.
> consumers just don't seem to give a shit about their data?

This meme is more projection and wishful thinking than fact. People do "give a shit" about their data. Unfortunately, many people are do not understand the details about how much data they are giving up, or what alternatives are available.

Claims that people don't care about their data are useless until tech companies stop over-promising their features and security, and when data is only collected after verifying someone has giving their informed consent.

It seems more likely Apple wants leverage over banks to cut exclusive deals in order to sell more devices.

The retail banking industry suffers from low consumer satisfaction, as it earns the bulk of its profits via fees, personal loans, and mortgages. Apple historically wants no part of that. Competing on margin by mitigating fraud doesn't make sense.

Not just Apple Pay or being a bank, also about health data and about being trusted in other markets than United States. Good article, though.
This doesn't add up. The biggest asset that the US TBTF banks have right now is their tight relationship with the federal government.

Apple could certainly start competing on their home turf with respect to payments and checking accounts, but there's very little profit in that.

I completely understand why Apple is not backing down on this. Even if this backdoor is for one phone, the possibility of having that backdoor stolen is too great a risk to produce. When looking at the big picture, Apple is looking at the side effects this backdoor could produce and doesn't want to take the risk. I can hardly blame them either!
seems to me the risk of having the backdoor stolen is an overstated vulnerability. Isn't it the same risk as having the iphone source code stolen? Hasn't happened yet has it? If the source code were stolen, someone else could engineer a backdoor. I don't think the overall security risk increases by the existence of a backdoor on a single phone. Amiwrong? That said, I'm happy that Apple is pushing back, but let's be clear about the technical facts.
To be clear about the technical facts: good luck pushing that engineered backdoor to an iPhone without Apple's keys.

Having your source code stolen gives your competitors an edge by letting them know, for free, how you've implemented things that might have cost you millions/billions to research and produce.

The biggest threat to having source code stolen is exposing the potentially embarrassing paperclips, string and gum holding a product together.

> Hasn't happened yet has it?

Years ago and at the time the most profitable software company, Microsoft had its flagship products, the NT kernel and Windows 2000, source code leak.

It isn't unheard of.

> I don't think the overall security risk increases by the existence of a backdoor on a single phone.

If the precedent is set for this single phone, then the security of other phones is at stake. This is also a red herring. It is not about this singular phone.

edit: You do not need the source code to find a backdoor or vulnerability[0]

[0] every closed-source product that's ever been exploited

Putting on cyberpunk goggles, you could take the idea a step further and speculate that Apple is preparing to become a transnational entity, and doesn't want pesky nation-states dragging it down. They already have revenue around the GDP of Hong Kong or Israel.
The cyberpunk were wrong; the Internet has made nations stronger than ever. The NSA hacks Google and Apple, not the other way around.
Don't you get it, that's what they want you to think.
Hm... An article with no concrete proof.

Then, here is my story about Apple vs FBI (sceptical too).

FBI (really, NSA) knows of only one phone (company) that is easily crackable, and its IPhone.

So Why a sue?

This has to be taken utmost care. When FBI sues against Apple, and they say they can't crack (some say, hack), people think that its true, and they trust more in Iphone. Result: More sales for Iphone. FBI (NSA) has more phones crackable. Benefit is for both.

So Why Android is less crackable? Answer: It's not. But a user can easily replace it OS with something safe (like, another android like replcant OS). So, FBI (NSA) shall have to try harder to break into.

So why not windows phone? Hm... You should not store any obsolete data in your mind.

Thank you.

except the FBI changed course, not only saying that the iphone was hackable, but that it was hackable by groups other than the government, which, if someone valued their privacy, they would probably find that statement concerning
I actually think this article is a bit narrow minded. Apple wants the phone to be your central hub (and has succeeded). You can't live without your phone. You use it for a medical study, for private messaging, for intimate photos, etc. making it compromised and easy to crack would bring halt to that thinking and make the phone's utility moot.

It's not about Apple wanting to become a bank, for the same reason they aren't a carrier.

I am unable to imagine that. For me, my phone is an annoyance. It interrupts me, the only thing it has that is useful for me is mobile internet (that I use rarely), emergencies, and music.

How can one get so dependent on a piece of technology you ultimately do not really own?

> a piece of technology you ultimately do not really own

You can just buy a phone in cash, then you own it. Not owning your phone is a choice. Even if you're on a contract (at least here in the Netherlands), the phone is often legally yours, you're just paying it off.

If Apple (or anybody else) controls root access to the phone or if they can force software updates onto the phone, then you don't actually own the phone.
I'm not sure that logic really holds, what part of the definition of ownership specifies this? If you drive your car without insurance it can be forcibly taken from you, does that mean nobody truly owns their car?
Toyota doesn't[1] get to modify your car without your permission. And yes, this means "nobody" owns the stuff they buy when someone else controls it.

I take it you haven't seen Copy Doctorow's incredibly important talk[2] on this subject, which is the followup to his well-known talk about the War On General Purpose Computing. Never mind the car - if we don't stop this crap now, it won't be long before we see someone's prosthetic legs or cochlear implant "repossess itself".

[1] Actually, cars are starting to have the same problems where they can be updated remotely, in addition to the copyright crap involving John Deere's explicit claim that you don't ever own their hardware.

[2] https://www.youtube.com/watch?v=nypRYpVKc5Y

Why do you not just own a cheap flip phone and an ipod then?

Ownership is something of a nebulous concept in the digital era - copyright and licensing is far more important. You may own the device outright, but that's largely immaterial. The value of the device is in its access to the network and licensed content - music, ebooks, GPS, traffic, internet, texting, fb, chat, etc. Aside from a platform to consume content and access the network, the physical device itself offers little more than a camera.

  > Why do you not just own a cheap flip phone and an ipod then?
  > Ownership is something of a nebulous concept in the digital era
Richard Stallman told us that any piece of software that you cannot modify but someone else can has to be considered as malware. In this sense about any mobile phone must be considered as malicious, since there is (besides OsmocomBB, for which using is of dubious legality) no free baseband processor. Even more imporatant mobile phones are location tracking and bugging devices with built-in telephony functions. Thus it is no question why owning a mobile phone is a very bad idea in general (I know very few applications of mobile phones that justify these large flaws).
Your opinion is valid but it is largely not the opinion of the majority.
You've summed up my life in a sentence.
I am dependent on roads and I don't own them. I don't see the connection between ownership and dependence. Also how do you not own your phone?
Owning usually means you can use, modify and control/own what you produce with your property to your heart's and physical reality's extent.

Apple owns your data and says what you can do with its software, content and devices. Much of which you license and do not own.

How does Apple prevent you from modifying your phone? Sure you'll void your warrantee, but other than that I'm pretty sure you can do what you want with your phone.
Try running a non-Apple signed OS on an iPhone.
Been done [0], albeit not on recent hardware.

[0] http://linuxoniphone.blogspot.com/2010/04/ive-been-working-o...

Apple just has to issue a patch for the hack, and may have already, given that the project has been dead for 5+ years.

edit: in 2012, it was deemed not a violation of the DMCA to jailbreak a phone. Whoops.

I don't know what the consequences of exploiting a hole in their security implementation or possibly violating their ToS or EULA.

Trying to profit from such an exploit commercially would test the waters by attracting Apple's legal department.

That qualifier at the end is because Apple does their very best to prevent this sort of thing, and any time you see it being done, it means someone is exploiting a security vulnerability which will surely be patched.
The DMCA, for one. If there is a copyright protection mechanism on the phone, Apple has the right to prevent you from defeating said copyright protection. The language is generic enough that anything you want to modify or use on the device is subject to their approval.

To illustrate this point, imagine your phone is a rather complicated DVD player. DVDs have copyright protection, and as such, you may not modify your DVD player or DVD discs to extract or modify (or even play!) the DVDs on an unlicensed player. Similarly, you may not do anything remotely like that with Apple copyright-protected music or video files, or any other digital media copyright-protected by Apple. This means if suddenly all the data on your phone were bundled up and "protected" by Apple, you would have no right to said data, other than the right to use them the way Apple wants you to.

Of course, the DMCA has been amended over the years to allow exemptions to this (which are reviewed again every three years). Some allow jailbreaking, some allow remixing of media. Some allow disabled people to read their e-books (yes, this was illegal for a while due to the DMCA). You can only carrier-unlock your phone if you bought it before 2013 (seriously). Oh, and tablets/smartwatches can only be jailbroken since 2015.

A 2010 ruling determined that even if your purchase a phone, you do not own its software - you are merely leasing the phone software from Apple according to their EULA. You may find a way to modify their software, but you'll also be breaking the law.

> Apple owns your data

Citation? I'm aware of OS licensing and music/video downloads like itunes, but they claim "Your data"?

Data collected by Apple produced by your activity for things like product metrics, improvements, Siri, traffic data / directions or whatever they decide fits their business model at a later date.
The collection of which you can decline during the setup process. Further, even if Apple could be said to own the analytics data you're talking about, they certainly don't make any claim over my data; that is to say, the information I choose to store on my phone.
Can you opt out of App store analytics? What about data collected from Siri[0], of which Apple says it can hold on to for two years[1]?

By disabling these services you are severely limiting the advertised functionality and features of a device you purchased.

From Apple's privacy policy[2]:

>We also collect data in a form that does not, on its own, permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:

>We may collect information such as occupation, language, zip code, area code, unique device identifier, referrer URL, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.

>We may collect information regarding customer activities on our website, iCloud services, and iTunes Store and from our other products and services. This information is aggregated and used to help us provide more useful information to our customers and to understand which parts of our website, products, and services are of most interest. Aggregated data is considered non-personal information for the purposes of this Privacy Policy.

>We may collect and store details of how you use our services, including search queries. This information may be used to improve the relevancy of results provided by our services. Except in limited instances to ensure quality of our services over the Internet, such information will not be associated with your IP address.

From your reply:

>they certainly don't make any claim over my data; that is to say, the information I choose to store on my phone.

I was unclear, I never meant to imply they own the information you store on your phone.

  [0] http://www.wired.com/2013/04/siri-two-years/
  [1] http://www.mynameissiri.com/siri-and-privacy/
  [2] http://www.apple.com/legal/privacy/en-ww/
I get that the Hacker News crowd maybe a bit more anti-social, but how do we continuously ignore what's going on in the general population (HN == anti-Facebook, anti-Big Bang Theory, basically, anything that's popular)?

Have you been to a concert? A family reunion? A movie? People waiting in line? People are looking at their phones constantly, even to the point, where they're ignoring everything else around them.

Yes, people live in their phones. It's so obvious.

Yup. I do, too. I understand better than most people the trade off and what price I'm paying, but he reality is, I accepted it a while ago. I keep my daughter off of all social media (she's not quite 2) because I know one day she'll be more dependent on it than I am (writing this on an iPhone) and I want her to be able to create her own digital identity and not be stuck with hundreds of baby photos defining her before she gets a chance to.

But that knowledge comes from how my wife and I use our pocket computers (because "phone" at this point is ridiculous, "mobile" is at least a bit more generic). I'm say, half way through my life. I can worry to death and stand against and whatever, or I can get on with life, and appreciate the convenience provided in the short amount of time I have left. It's just admitting it to myself. Once that's done (and it is) I can get beyond grandstanding and just cheer for encryption and join the EFF (I am a member) and so on, hoping to have some impact on pushing the privacy needle to one side vs the other, because we're going to use these things daily, likely no matter what.

The best theory of the formation of the universe is the Big Bang Theory. I check HN at least daily (often far more), and I haven't seen any posts regarding alternative theories or poking holes in the Big Bang Theory.

What origin of the universe theory does the HN zeitgeist advocate?

LMAO.. Big Bang Theory... The TV Show.

I probably should have been more explicit but the very fact that this was misunderstood, probably proves my point about HN News and pop culture..

Or maybe you're just trolling... :)

Might not be American and have no idea what it is.
I'm new to HN and the main thing I notice ( and like) is that people here don't seem so obsessed with mundane rubbish.

BBT as example - low level comedy with canned laughter that relies on silly stereotypes for literally everything. Faux-geeks love it - the people who 'know everything about tech and gadgets' but can't read a line of code, the populist sciencey crowd rather than the science people themselves.

I'm not american so maybe just cultural difference but everything about is always seemed too try-hard and populist.

If HN spurns those hangeronners then I'm happy. Happy-ish anyway.

While the value of watching a "rubbish" comedy (or TV for that matter) certainly is debatable, the content of the show, or at least the accuracy of the physics jokes, are spot on. They are pretty rigorous in their joke fact checking :

http://www.wsj.com/articles/the-big-bang-theory-has-hidden-j...

>A lot of the humor is over the heads of the general audience.

>But there are jokes inside of jokes, and for those who

>recognize the science, they’re hilarious. The show takes this

>stuff so seriously that it employs a UCLA physics professor

>to make sure it gets it right.

>Case in point: In a 2009 episode, “The Jiminy Conjecture,”

>Sheldon and Howard heard a chirp and then argued over which

>variety of cricket made the sound.

>On the whiteboard in the background is Dolbear’s law, which

>states the relationship between the air temperature and the

>rate at which crickets chirp.

>“I went to a Dolbear presentation at Tufts, and they talked

>about this, in like 1989,” says one high-profile fan of the

>show, Seamus Blackley, one of the creators of Microsoft’s

>original Xbox game console. “I remembered it!”

>“Once I realized what was going on, it was awesome,” added

>Mr. Blackley, who is also trained in physics. “It’s the No. 1

>show, and it has actual physics in it.”

I'm just not sure there's ever been a show that's attempted to deliver comedy around Schrodinger's Cat or Quantum Uncertainty. They do a phenomenal job with comedy surrounding such technical subjects, but just by acknowledging my fondness for the show, puts me in a minority here.

I know physics professors who enjoy the show.
I think this comment just reinforces his point hahahaha
You don't need to imagine it, you just need to look around and see what other people do instead of only considering your own use case.
This makes no sense. In order to act like a bank, Apple would have to track every financial transaction centrally in order to provide for auditing and reconciliation. There are already plenty of laws that give law enforcement the power to subpoena that info. Strong device security is no impediment at all if Apple is a bank.
Not if they put crypto currency wallets in there.
Susan Landau, during[1] the House Judiciary Committee hearing:

    Smart phones are increasingly wallets, and they give us access to all
    sorts of accounts [...]. NSA will tell you that stealing login credentials
    is the most effective way into a system. [...] Here's where smart phones
    are extremely important: they are poised to become authenticators to a wide
    variety of services.
While I think that Apple has good reasons to fight the FBI's order for simple constitutional reasons, they obviously are not limited to a single motive. This comment about phones being "wallets" does fit with the idea of Apple being some sort of bank (or payment processor).

[1] https://www.youtube.com/watch?v=g1GgnbN9oNw#t=12977

Wallets is too limited though. Increasingly a phone is not only a wallet replacement, but also a replacement for filing cabinets, bookshelves, photo albums… to the point where having unfettered access to a smartphone is akin to having access to someone's living room and office.
> photo albums

Dr. Landau mentions this kind of use just prior to my t=12977 link to the hearing. I'm specifically quoting the part that seemed relevant to Stross's banking theory.

If the FBI get what they want, then the back door will be installed and the next-generation payments infrastructure will be just as prone to fraud as the last-generation card infrastructure, with its card skimmers and identity theft.

How Stross made the leap from a special version of the OS that the FBI could use to eventually crack a password to the easy clone-on-use nature of a card skimmer is completely farcical and looks like something that the mainstream non-tech press would come up with.

Just as prone to fraud? I don't understand the need for that kind of hyperbole in an article that looks like it was intended to be taken seriously.

Look I dislike that kind of hyperbole also. But I think there is a clearly defined middle step. If the FBI can force Apple to create a new OS. They can force them to install backdoors in every new OS. Then the phones become "...just as prone to fraud as the last-generation card infrastructure."

And given Juniper systems was likely a government placed backdoor, there is ample evidence this is true.

Probably more related to the concerns that a judge would compel Apple to turn over their source code and signing key to software, which basically gives the government and any agent with access unlimited authority to tamper with Apple software and devices. Cracking passwords is also bad.
>The FBI thought they were asking for a way to unlock a mobile phone, because the FBI is myopically focussed on past criminal investigations, not the future of the technology industry, and the FBI did not understand that they were actually asking for a way to tracelessly unlock and mess with every ATM and credit card on the planet circa 2030 (if not via Apple, then via the other phone OSs, once the festering security fleapit that is Android wakes up and smells the money).

Except the phone they were asking is a 5C, which doesn't support Apple Pay because it doesn't have a secure enclave or fingerprint reader.

Risk management: call me back when they figure it out. http://www.nytimes.com/2015/03/17/business/banks-find-fraud-...

Risk management: call me back when they figure it out

Quoting article you linked: "the banks may largely have themselves to blame."

Apple Pay appears to be a secure system, and was designed by engineers to be such. The process of getting a credit card loaded into Apple Pay appears to be a woefully insecure system, and was designed by banks to meet the bare minimum of regulatory compliance and no more.

Some banks actually perform some due diligence; one of my cards, when I added it on my phone, required some verification steps to prove to the issuing bank that I was indeed the cardholder I was claiming to be. But another simply loaded onto the phone instantly with no verification. It doesn't take me long to figure out how that leads to fraud.

>Because Apple wanted its system to have the simplicity for which it has become famous and wanted to make the sign-up process “frictionless,” the company required little beyond basic credit card information about a user.

>Some bank executives acknowledged that they were were so scared of Apple that they didn’t speak up. The banks didn’t press the company for fear that they would not be included among the initial issuers on Apple Pay.

Sounds like there was pressure from Apple.

Regardless, there's absolutely no sign of the security claimed by OP. You'd at least expect parity security, not an order of magnitude more.

Apple Pay sits on top of the credit card industry. Do you believe they will remove that layer one day, and tie directly to your bank account? As I understand the payment industry is incestuous and has become a commodity. Its ripe for anyone to replace it. Apple seems to be in a good position to do that over time.
I don't know why they would bother.

Apple Pay as architected now outsources all the pains in the butt to the existing payment processors: getting terminals into stores, dealing with chargebacks and fraud, and providing regulatory compliance.

Apple gets to deal only with with their existing customer base, take a tiny tax for authenticating transactions, and enhance the value perception of the iPhone and Watch, which is where they actually make their money.

Credit Cards, issuers, acquirers, gateways, etc - the whole payment intermediary grabs around 3%. Most of that could all go to Apple one day. Why leave it on the table?
I think Rogers in Canada has already done that, haven't they? It might be hard, but it is not impossible to get a banking licence, if you have the money for it.
Apple doesn't have to become a bank. There is a lot of money to be made sitting between the bank and the customer (2%~5% of a transaction). Today, VISA and Mastercard grab most of that. Apple could replace them. In a few years, there will be more Apple devices with Apple Pay than issued VISAs. When Apple Pay is accepted everywhere, credit cards will be doomed.
I think the premise of following money is interesting, but the conclusion I completely disagree with. I believe Apple's focus on privacy is a direct challenge to Google's business model. Apple makes all their money from mobile device sales, don't they?
But maybe the growth in the phone business is limited - so they look for various services like music/tv, and banking could be one such service.
The FBI already has incredible insight into banking transactions. This would not be an extraordinary power for them.

The reason Apple is being defensive is because of Edward Snowden. Apple supplies smart phones to the WORLD. Putting on a strong front to the FBI is a PR boon for selling smart phones abroad. They don't want the rest of the world to make a trusted Android fork because they can't trust Google and Apple. They want them to trust and buy Apple products! Unlocking that smart phone would cost Apple billions in foreign purchase orders.

Curious, what do you make of China's demands on Apple related to the "security" of iOS and the iPhone? Why do you believe this hasn't cost Apple billions in foreign purchases?
> The FBI already has incredible insight into banking transactions. This would not be an extraordinary power for them.

So, since the FBI has that insight now, it's inconsequential for them to have it in the future? Where did you come up with this logic?

>Apple supplies smart phones to the WORLD.

This has been my assumption from the start of this case too. Apple can't afford to lose China, if only for the purpose of avoiding negative quarterly growth reports. Becoming known by the Chinese to be hackable by the FBI, wouldn't go over well there.

Not to mention the (obvious, ugly) next step: every country in the world demands the exact same privileges the fbi get. And why shouldn't they?

This may not be avoidable. Even blackberry had to do this ([1], dozens more). But if anyone has strong enough market power to push governments towards privacy, it's apple.

[1] http://www.theguardian.com/technology/2010/aug/10/blackberry...

It's too far fetched esp given a very simple incentive exists for Apple to be pro-privacy - market differentiation.

Given Tim Cook's background he may also truly believe in privacy for the masses but that's a byproduct. Apple knows that with all their competitors slowly but steadily stepping up their game and offering solid smartphones for 1/3rd of the iPhone's price and little practically left to do for Apple to stand out in non-USA markets, privacy is their one big appeal. That plus lower priced iPhones and Apple's brand value practically guarantee that Apple will stay ahead - take out one leg and it starts to look shaky.

I think they'll continue to emphasize it to sell iPhones until they find another market that's as lucrative as the iPhone is.

As much as I like Antipope, I think he is overestimating the long term thinking of the Apple business because the time to have started the "Apple Bank" process is 2014 because they should have just acquired Simple:

http://techcrunch.com/2014/02/20/simple-acquired-for-117m-wi...

Then moved on from there and making it into "Simple, The Apple Bank". The fact they didn't move in that direction makes me think it never really occurred to them.

I don't think Apple will become a bank. They could however replace VISA and Mastercard in the long term, and grab the 2% to 5% of payment fee over each transaction. Vertical integration to its best. To get there, merchants need to support Apple Pay, and Apple needs to continue selling phones. In the near future, there will be more Apple Pay enabled devices in circulation than VISAs and Mastercards. When the scale tips, credit cards will be doomed.
Don't you need credit cards to use apple pay?
Sure, now. In 5 years who knows? I could definitely see AAPL partnering with visa/mastercard/amex or even directly with banks for direct account access on a program that doesn't require a physical card. Plastic cards will become the new cash (right now cash-only businesses are a little behind the times but they still exist) and phone payments will become the new plastic.
Partnering? Sure! I think this will be the way forward, but the GP says Apple is out to get VISA and MC (as companies) and will leapfrog them with one clean swoop. This will most definitely not happen.
Currently, yes. The article is positing that once Apple has the infrastructure in place for end-to-end transactions, removing the VISA/MC puzzle piece will be easy. Ultimately, you'd put money into an Apple account and spent it on your iPhone.
I don't think you are very familiar with how the payments industry works. Credit cards offer much more than a means to pay. Apple will need to double their headcount to compete with Visa. Or do you think that this is a feasible scenario?
I don't think so. The payment industry is over complicated and in my mind a real commodity. Apple is in a good position to simplify that.
2% to 5% for moving bits around, with a smattering of security and antifraud, is no way to run a modern payments system.

It didn't even cost that much to move cash and checks around in the old days.

Retailers, for whom it's a big chunk of their margins, are up in arms about it, the Fed is up in arms about it and pushing a move to intraday EFT and ACH, and tech like Bitcoin and better security of e.g. Apple Pay is moving against it. Payments are going to change.

For all the over the top rhetoric, the basic claim that securing the device against any and all hackers is critical to Apple's brand and ambitions, and the idea that Apple could do an end-run around the credit card companies and banks and try to run the table in payments, are totally on target.

Keep in mind that Apple gives law enforcement everything it knows in response to a legit request, the phone doesn't make the payments system less transparent to law enforcement. On the contrary, Apple's ability to maintain a closed garden is key to maintaining a degree of control over payments and comms.