The Apple Retail Payments Patent Has Arrived!
In the early fall of 2012, while most of the world did not know of Touch ID and the Secure Enclave, Apple was slowly and methodically submitting patents for the iWallet. Today January 16th, 2014, just about an hour ago, the US patent office released a September 28th 2012 patent application, created one year before the release of the iPhone 5s, this patent that will change the world of retail payments forever with true innovation:
METHOD TO SEND PAYMENT DATA THROUGH VARIOUS AIR INTERFACES WITHOUT COMPROMISING USER DATA 
Self indulgent detour warning:Said To Me: “Sir You Are A Heretic And Charlatan To These Payment Startups, Just Stop Talking And Posting”– A well known “advisor” to startups
I have been advising Silicon Valley payment startups since 2008 that Apple will enter into the retail payments space. Some listened and avoided huge wastes of time, talent and money, some literately called me a heretic and charlatan, words I had not heard since the Salem Witch Trials. My premise was and is very simple: if you own the hardware and you own the software, you control a product’s destiny.The Apple Shaped Turtle Will Win The Race
I have been tracking patents for over 30 years and in the case of Apple since the late 1970s. In particular I started tracking payment based patents from Apple. I tracked a path the started with securing the mobile device, later to be identified as an iOS type device with a fingerprint scanner. In 2008 almost no one could understand that Apple would put a finger print sensor on any device. I then tracked a number of rather interesting patents that clearly spelled a path for retail payments for Apple. Each new payment centric patent presented more clarity. This combined with close relationships to people at Apple working on these projects gave me a unique perspective. By the time Apple release the iPhone 5s with Touch ID and the Secure Enclave , it finally be came beyond obvious that the iWallet was on the way.The Apple iBeacon, Secure Enclave, iWallet Retail Payments Patent
This is a massive patent when it comes to the details and uses case that Apple exposes. The most important aspect is the manner in which Apple will utilize NFC, Bluetooth, WiFi, Magnetics, IR and Cellular channels to melt together a new paradigm shifting payment system.
I have limited space here but many of my clients (Startup founders, VCs and Wall Street analysts) already have my 300 page report on Apple’s plans in retail payments and this patent fills in the last part of the puzzle. In this posting I will decode some of the highlights. In future positing I will dive into more detail.
I will quote the patent and intersperse my insights as comments below:
METHOD TO SEND PAYMENT DATA THROUGH VARIOUS AIR INTERFACES WITHOUT COMPROMISING USER DATA
A commercial transaction method is disclosed. The method first establishes a secure link over a first air interface by a purchasing device. This secure link is between the purchasing device and a point of sale device. The method further identifies a second air interface, which is different from the first air interface, and the second air interface is used to conduct a secure commercial transaction.
I think this says it all in just the abstract. This is a retail payment system that uses a TWO wireless methods to connect the iOS device to the merchant’s POS system. But we are only just getting started. I will break this down with comments as we read through important aspect of this patent.
 FIG. 2 shows the portable device 102 conducting a secure commercial transaction using a second air interface 110 or 112 in accordance with one or more embodiments. The second air interface 110 or 112 is different from the first air interface 114 that was used to establish the secure link. As an example, FIG. 2 shows the portable device 102 conducting a secure commercial transaction using the WIFI air interface 110, for a secure link that was established using NFC 114. In this way, purchase information may be transferred through the WIFI interface 110 instead of the NFC interface 114. WIFI is more convenient than NFC for users, since the limited communication range of NFC requires the portable device to be in close proximity to the POS device, e.g., within 3 to 6 inches. The second air interface 114 can be used, for example, to send information such as offers by customers or merchants, coupon offers and redemptions, receipts, follow up information, and so on. The second air interface 114 link can be closed upon completion of the transaction(s) by, for example, sending a completion or termination message.
 FIG. 2 further shows the secure element 108 passing encrypted credit card data (CC data*) 206 to the application processor 104. Normal, i.e., plaintext, credit card data (CC data) 106 includes a credit card number, expiration date (exp date) and other information. Encrypted credit card data (CC data*) 206 includes an alias 234 and other cryptographic data 238 such as counter number, merchant ID, etc.
 Devices located in close proximity to each other can communicate directly using proximity technologies such as Near-Field Communications (NFC), Radio Frequency Identifier (RFID), and the like.
Yes Apple is still talking about NFC, in fact NFC is mentioned in over 100 Apple patents and every single retail payments based patent.
These protocols can establish wireless communication links between devices quickly and conveniently, without, for example, performing setup and registration of the devices with a network provider. NFC can be used in electronic transactions, e.g., to securely send order and payment information for online purchases from a purchaser’s mobile device to a seller's point of sale (POS) device.
This is really quite clear, Apple is working with rather then against the Merchant’s POS systems and not another Apple device. Contrast this to the methods some payment startups are using requiring the merchant to have an iOS device. Apple is not talking about an iPad POS system and this is quite interesting
 Currently, payment information such as credit card data in mobile devices is sent directly from a secure element (SE) located in a device such as a mobile phone through proximity interfaces, such as near field communications (NFC), without an associated application processor (AP), such as an application program in the device, accessing the payment information. Preventing the AP from accessing the sensitive payment information is necessary because current payment schemes use real payment information (credit card number, expiration date, etc.) that can be used to make purchases through other means, include online and via the phone, and data in the AP can be intercepted and compromised by rogue applications.
We have this patent speaking of the secure element. This is a standard feature of first generation NFC phones and was controlled by the cell phone providers with in the mobile phone’s SIM card. However this patent is speaking of another secure element, the A7’s Secure Enclave. Thus as we read through we can see how important the Secure Enclave is to this retail payment system
 Thus, there exists a need for a secure method of executing a commercial transaction that is both secure and user friendly.
This is achieved using a secured device, Touch ID and the Secure Enclave interfering with existing legacy systems.
 In one or more embodiments, a portable device can make purchases by using near field communications (NFC) to establish a secure link with a point of sale (POS) device connected to a backend system that is configured to execute commercial transactions.
Once again NFC and existing legacy POS systems.
This secure link can be established by positioning the portable device to be within close proximity of the point of sale device. Increased mobility is provided to users of the portable device making purchases by establishing a second secure link that uses a different protocol, such as WIFI or Bluetooth, that has more desirable characteristics for maintaining the link over time than NFC.
I pointed out there were TWO wireless links above. It is now confirmed here as NFC and WIFI/Bluetooth. As I have stated for almost 3 years here on Quora, Apple has not abandoned NFC, it will be used in conjunction with other protocols. This patent confirms this and the premise.
 In one or more embodiments, a second secure link is established using a shared secret known to the portable device and the backend server, and using an alias to identify a purchasing account such as a credit card.
This is the basis of an iWallet system where Apple is passing the payment card data to the merchant’s legacy POS system
When a request to make a transaction using the credit card is submitted to the backend server, the server determines whether the combination of the alias and crypto data is valid using a shared secret that is known to a secure element in the portable device and the backend server. The backend server uses the shared secret (e.g., symmetric keys, public private keys, etc.) to verify the alias and the crypto data.
The Secure Enclave would control the flow of encrypted payment card data to the legacy POS system.
The backend receives the alias from the portable device via the point of sale device and combines the alias with other information, such as counter value known to both the backend and the secure element 108. The backend can then generate the same crypto data using the shared secret and received data, and compare the result with the received crypto data. If the comparison indicates that the values are the same, then the credit card that corresponds to the credit card alias is provided back to the partner, and the transaction proceeds as normal. Otherwise, the credit card alias is rejected and the transaction is denied.
The second combination channels: Cellular, WiFi, Bluetooth verify the transaction but is not actually authorizing the payment card. This is done via the merchant’s legacy system.
 In one or more embodiments, a method of performing a commercial transaction is provided. The method includes establishing a first secure link over a first air interface by a purchasing device, the first secure link between the purchasing device and a point of sale device, identifying a second air interface different from the first air interface, establishing a second secure link over a second air interface, the second secure link between the purchasing device and a backend server, and conducting, using the second air interface, a secure commercial transaction between the purchasing device and the backend server using payment data secured by a shared secret known to a secure element in the purchasing device and to the backend server.
Well this really says a lot about the dual method Apple is using to be compatible with legacy POS devices yet implant a new layer of other wireless protocols to not only allow for the iWallet to operate but to create great new values to the merchant and the consumer.
 Embodiments of the invention may include one or more of the following features. The payment data may include an alias associated with a payment account, and establishing the second secure link may include encrypting the payment data by the secure element at the purchasing device using the shared secret as an encryption key.
The alias mentioned here is the token created by the Secure Enclave.
Establishing the second secure link may include decrypting, at the backend server, the payment data using the shared secret, and verifying, at the backend server, the payment data, where verifying includes comparing the payment data to independently known payment data stored at the backend server. Comparing the payment data to independently known payment data may include retrieving an alias from the decrypted received payment data, identifying a credit card account associated with the alias, determining if the alias is associated with the credit card account according to an association stored in a memory of the backend server, and, in response to determining that the alias is associated with the credit card account, approving the commercial transaction. Comparing the payment data may further include retrieving a counter value from the decrypted retrieved payment data, and comparing the counter value to an independently known counter value stored in a memory of the backend server. Establishing the first secure link may include establishing a near field communication link between the purchasing device and the point of sale device. Identifying a second air interface different from the first air interface may include identifying an air interface having properties more desirable than the first air interface to communicate data to a user over a time period longer than the time used to establish the first secure link.
This long paragraph speaks to a more robust system where Apple has a backend relationship with the merchant and thus can offer a deeper integration with perhaps more features and benefits. Message To Legacy Companies And Payment Startups: Change Your Business Plans TODAY
In this “Post Target Breach” world, Apple has arrived in perfect timing with a Touch ID and Secure Enclave. You and I will witness a huge political shift in payments where the magnetic stripe on the payment card will be replaces with EMV and wireless EMV (NFC) at a rapid fashion .Phil Schiller presenting Touch ID and use cases. Note the obvious and the non obvious examples. I highlighted the payment card terminal (Equinox T4220) This is a road map to the future of Touch ID.
I think it is abundantly clear at this point that the iWallet is on the way. Apple has presented a rather robust and compressive roadmap on how these systems will work. This will create huge opportunities for countless legacy and startup companies. However business plans need to be adjusted, changed or discarded today. Find the right advisors with empirical praxis
Waiting for Apple to announce these amazing plans, perhaps as early as this summer will be a guaranteed way for your company to be rendered redundant and perhaps irrelevant as Apple controls the hardware and the operating system and thus control the future of their products and a great deal of the mindshare of the tech world and the greater world.
 United States Patent Application: 0140019367
 Brian Roemmele’s answer to Apple Secure Enclave: What is Apple’s new Secure Enclave and why is it important?
 How The Payment Card Breach At Target Will Change Everything.