McDonald's is not alone in supporting Apple Pay right out of the gate. Apple says the NFC-based payments system will be available at 220,000 retail locations. Retailers that have already announced support include Walgreens, Duane Reade, Nike, Panera Bread, Staples and Whole Foods. Credit and debit card companies immediately supporting Apple Pay include Bank of America, CapitalOne, Chase, Citi, American Express and Wells Fargo.
McDonald's plans to bring Apple Pay to its offshore locations as well, but the timeframe is not yet set.
Elephant in the Room: Security
Hall-Lefevre is reluctant to discuss specific security precaution as Apple Pay goes live, for fear of giving hackers hints that could be used to steal customer data.
During her discussion with CIO.com, Hall-Lefevre emphasized two key points: McDonald's does not store customer data on its network; and the company trusts the security and privacy features Apple built into Apple Pay.
McDonald's is so confident in Apple's security that it is not using any safeguards beyond those provided by Apple and the rest of the financial payments network. "Apple Pay transactions will be handled like any other cashless transaction," Hall-Lefevre says.
One reason Hall-Lefevre is so comfortable with Apple's security precautions, says IDC Analyst James Wester, is that Apple has a lot of the line — including a very large chunk of potential profit.
Although Apple will not confirm it, Wester believes the company will receive 5 cents for every debit card transaction and a percentage of every credit card transaction from the issuing banks. In return, Apple is willing to take some of the risk by paying for all or part of any fraudulent transactions, Wester says.
The financial services network behind Apple Pay is not new, and it's been tested from a security perspective. "There's nothing there that the players haven't done billions of times for trillions of dollars over 40 years," says Wester. "They know how to do it, and do it well." Apple's new security measures, which include tokenization and fingerprint authentication, are also strong, he says.
Sandy Shen, a Shanghai-based analyst who follows mobile payments for Gartner, agrees. "The combination of Touch ID [Apple's fingerprint reader], secure element and tokenization makes the security stronger than cloud-based mobile payments used by in-app payment today. I don't see it as necessary for retailers to take additional measures, and [they] can accept Apple Pay as they do for other payments today," Shen wrote in an email.
Given the plethora of well-publicized data breaches during the past few years, one of the most significant challenges facing any retailer using Apple Pay will be to convince customers that it is, in fact, safe.
Sign up for Computerworld eNewsletters.