Apple has cautiously been dipping its toes into the mobile payments pool. But a freshly-published patent filing describes an entire backend system designed to secure electronic payments made through your phone.
Published Thursday by the US Patent and Trademark Office, a patent dubbed "Method to send payment data through various air interfaces without compromising user data" envisions how electronic transactions would securely travel using your existing mobile phone's technology.
You'd start out by paying for an item using your phone. The retailer's point of sale (POS) device would be connected to a backend system designed to handle commercial transactions.
A secure link between your device and the POS would be established using a wireless technology such as near-field communications. However, Apple has yet to jump on the NFC bandwagon, so the patent filing mentions Wi-Fi and Bluetooth as actually more desirable for maintaining the link over a longer time.
A second secure link between your phone and the backend server would then be established using a "shared secret" known only to the two devices along with an alias that identifies your credit card or other method of payment. That secret may contains symmetric keys, public private keys, or some other type of encrypted information.
A crypto key is generated from the shared secret and securely stored on your phone. The server then creates a key based on the secret and compares it with the key from your phone. If the keys match, the server deems the transaction legitimate, and your credit card is charged. If not, the payment is cancelled and the transaction denied.
Consumers haven often cited security fears as one reason why they're wary of paying for items on the go via their mobile phones. Apple's patent filing attempts to address that concern by establishing two separate and hopefully secure links for your mobile phone. But as always, a filing doesn't necessarily mean Apple's mobile payments system will ever see the light of day.