:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/63698432/mcdonalds-drive-thru-apple-pay-iphone-nfc.0.1488495228.0.jpg)
Apple’s new mobile payments service, Apple Pay, will launch in the U.S. on Oct. 20, CEO Tim Cook announced at today’s Apple event in Cupertino, Calif.
The service is built into the latest models of iPhone and the new Apple Watch and will let shoppers tap their phone or watch at checkout terminals in stores to purchase items without a credit card or cash. Whole Foods, Macy’s and McDonald’s are among the chains that will accept Apple Pay in their stores.
The service will also let iPhone users buy things in apps with one touch, a move that could be a threat to other Internet payments services like PayPal. Apple announced today that Apple Pay will also be integrated into the new iPad Air 2, allowing for purchases in apps but not in stores.
Apps from Target, Groupon and Instacart will let their users pay with Apple Pay. This means new users to these apps won’t have to fill out credit card information if they choose to pay with Apple Pay.
Apple Pay arrives at a time when giant data breaches at retailers including Target and Home Depot have consumers worried about the security of using their credit cards. Apple’s approach adds further layers of security to transactions that take place at stores around the country.
Jim McCarthy, Visa’s vice president of strategic partnerships, met with journalists in advance of the Apple Pay launch to talk about how the payment network has used technology to try to keep ahead of fraud. The consumer takes a photo of his or her credit card to capture the number, then adds other information — such as billing address. That information is stored on the smartphone, in a digital wallet that Apple calls Passbook. When it comes time to make a purchase at, say, Walgreens, the consumer holds the phone up to a terminal that communicates wirelessly with the device and places his or her thumb on the Touch ID fingerprint sensor to authorize the purchase (no more entering PIN numbers).
Behind the scenes, the unique number that’s associated with the consumer’s device is transmitted to the bank to approve the sale, together with a unique code that’s generated at the time of the purchase that is an algorithmic mash-up of all kinds of data associated with the sale (such as the merchant’s identification number). The payment can be authorized (or rejected) by the bank, without ever exposing the consumer’s credit card number.
“Think of it as a set of fraud screens,” said McCarthy.
This article originally appeared on Recode.net.
