Tired of being ineffective and unloved? It's time to act different
Sep 16, 201
When Apple Pay was announcedlast week, I very quickly saw IT folks at retailers and elsewhere
saying it was old technology. Platform partisans were quick to point out
that Android phones have had the required NFC chips for several years,
and Google has its own wallet technology. I also heard CIOs quickly
declare that because Apple was a technology company, Apple Pay would not
be secure.
Those reactions were, to be blunt, stupid. And they're emblematic of the
dilemma that IT finds itself in: unloved by users, distrusted by
managers, considered an incompetent, expensive, yet necessary evil to
keep thing running. InfoWorld's editor in chef, Eric Knorr, was asked at
a recent VC conference about IT's role in this era
of cloud computing and technology-savvy users, and the question brought
him short, as it did his fellow panelists. Houston, we have a problem.
Although the "think different" theme is now cliché, it does speak to a
core reason why Apple is Apple and no one else comes close. If IT
organizations and their management partners understood the Apple way,
perhaps they could become Apples in their spheres: groups that make real
money even without majority market share, loved by their customers, and
able to drag much of the industry along. I've followed Apple as a user,
reporter, and editor for 23 years, and what makes Apple Apple is quite
clear
Lesson 1: Work through the whole problem
There are no silver bullets. Yet so many people think adding thistechnology or that business relationship will magically make them
succeed. When Google convinced its Android makers to add NFC to phones,
the banking industry and retail industry ignored it. An NFC chip may be
useful as the communications mechanism, but the issue is deeper.
The payments issue is complex, but a key challenge was that the customer
credit card data was being stolen both at the point of sale through
magnetic skimmers and shifty employees, as well as from the data centers
by insiders working with cyber criminals. Moving the credit card data
from a magnetic strip to a chip-and-PIN to NFC does you no good if the
sales terminal is compromised, as we saw with Target last year and with Neiman Marcus and Home Depot this year.
If you move valuable information through lots of networks and accessible
devices, you have an indefensible perimeter. Apple Pay does away with
that issue by sending one-time codes from the iPhone to the sales
terminal, matched to a unique user ID. The reconciliation happens on the
back end through presumably highly secured, low-footprint connection
On the phone, the unique ID is stored on the Secure Elements chip,
inaccessible from apps. The fingerprint in the Touch ID is likewise
stored in that chip. Thus, the attack surface is smaller and hardened,
and the data is abstracted from the credit card itself. (John Beatty has
written a great technical description of what Apple is doing on the security front for Apple Pay.)
To develop Apple Pay, Apple had to work through several issues: the
communications technology, the security issues (on the device, at the
sales terminal, and at the data centers), the user experience, and the
card collection method (through the Passbook app, in this case).
Note "user experience" -- this is an area where IT usually fails.
Technical persona are different than business persona, but that's become
a convenient "why we can't" explanation to keep IT down. People use
technology, and it needs to feel and work "right." As long as IT ignores
this or pays lip service to it, it won't be working through the whole
problem it needs to.
| InfoWorld
No comments:
Post a Comment