
What if you sidestepped all the chip cleverness and just put cameras to capture the name, CC number, expiration and 3 digits? You'd still need a billing address I guess, but you might be able to get that by looking up the name and disambiguating using the location of the terminal.


> What if you sidestepped all the chip cleverness and just put cameras to capture the name, CC number, expiration and 3 digits?

Apple Cards have just the name on them, which is a nice step in the right direction. (No contactless, though, which is weird.)


Apple Cards also have the nice feature that the entire mag-stripe CC number is virtual and different/distinct from the number used by contactless/Apple Pay, the number used by the EMV, and the number given by the App for cases where something requests you manually type in a CC number. Most of those numbers can be changed in the App when needed. So even in the cases where someone skims or leaks an Apple Card CC number you typically have more protection than an average card.


Why would you need it, you've got an iPhone right?

(semi serious here - I'm sure they want you to use Apple Pay)


A contactless card just proves physical possession of the card. An Apple Pay payment means that a password or biometric authentication was performed, AND possession of the device, which raises the barrier to fraud. So there is a good reason to want to discourage the use of the card when possible.


There is a little thing called COVID. All my main payment cards are contactless now. I am not an Apple card customer.


Sure, but if you have an Apple Card you're going to have an Apple phone, most probably, and that can do the contactless bit for you. Not sure if Apple Cards and Android phones work, but Android Pay is the other option for most cards.

Both are more secure than using the card directly with contactless - you have verified to your phone that it is you using it, by logging in with face ID, touch ID, passcode, PIN, whatever. It's a form of cardholder verification that is missing when you use the card.

That was my (slightly snarky) point - you don't need contactless on the card when you have a smart device that does it better.


I'm not an Apple Card customer either, but I use Apple Pay with my cards, usually on my watch, although once in a while it doesn't work at a terminal and I have to pull out my phone (which is annoying since facial recognition doesn't work with a mask on). I understand similar things exist for Android.


If you want more convenience in your contactless payments, Apple suggest that you get a more recent Apple Watch.

(Also semi-serious.)


My credit union cards still have the old-style credit card number on the front (but no raised digits for the ker-chunk machine). My Chase card has the numbers in small type on the back in a non-contrasty color. It's not possible to read in non-ideal lighting conditions.


What I like about those is that you can stack more cards in the same space.

And the embossed cards tend to have their ink rub off anyway.


But I rarely take either card out of my wallet. I use Apple Pay almost everywhere.


A lot of merchants are starting to use 3D Secure now which is essentially two-factor authentication.


Starting to?

It's been pretty standard for over ten years... (I'm in the UK, I have no idea how our market compares to yours)


I said "starting" to include the US which I expect to be still far behind. I agree that in the UK it's been standard and in fact EU regulations now make this mandatory anyway.


> It's been pretty standard for over ten years.

It's unheard of in the US.


I used to live in the UK (and still visit often) but now live in the US. You'd be amazed how far behind US banking is, even compared to the UK ten years ago.


It’s common in Europe (I think it’s even mandatory now, though not necessarily for each transaction).


I'm in the US and have never heard of it.


I've seen it once or twice ever and I didn't know the password it wanted.


Depends on where you bank I suppose. Also depends on where you credit.

I can't use my bank card without mutual validation, same with my credit card. Even if you do it manually we still get a challenge-response that you use a hardware device or an app for.


Vendors get much less protection when doing a card-not-present transaction. They also usually pay higher fees. There are also cases where an additional layer of security is used: Visa Secure.


Another method would be a standardised QR code so that you can make a transaction from your app by scanning the QR code.

I don’t know about other countries, but this is basically the premise of QRIS Technology [0] used in Indonesia, basically to put an end to competing QR-based payment methods.

[0]: https://www.bi.go.id/QRIS/Contents/Default.aspx


The one thing I like about the credit card system (as opposed to "app" pay system) is that the usability is so much better. You don't have to worry about your phone being smashed or running out of battery. It's also less work than a phone; all you need to do is wave your card in front of a reader. No need to get out your phone, unlock it, open the app, wave around your camera so it scans, and finally confirm the payment. Not having to install a potentially privacy-invading app is also a plus.


Wouldn't work in a lot of places where there's no LTE reception, though that will probably change with things like 5G and Starlink.

I also wouldn't want my ability to pay to be tied to my phone. Not only do I want to be able to pay for things even when my phone is dead, but it just seems like it would add yet another vector of attack to steal my money.


> > Another method would be a standardised QR code so that you can make a transaction from your app by scanning the QR code.

> Wouldn't work in a lot of places where there's no LTE reception,

I happened to read about this recently (https://www.emvco.com/emv-technologies/qrcodes/), since it's going to be the base of Brazil's new instant payment system to be released later this year (PIX - https://www.bcb.gov.br/estabilidadefinanceira/forumpagamento...).

From what I understood, it does have a way to do offline transactions. There are two kinds of QR codes: one which is scanned by the app and used for both online and offline transactions, and a second kind used when offline which is presented by the app and scanned by the POS. This second QR code contains data similar to what a chip card would return to the reader during an offline transaction, so the transaction flow after that point is similar.



