Chapter 5

Case Study:

1.  What is the value proposition that Apple Pay offers consumers?  How about merchants?

It offers ease of payment and security of purchase without the credit card information shared with merchants.  It also reads customer’s fingerprint and generates a onetime code to form a token. Info is encrypted so if intercepted it would be useless to the hackers.  They provide an insurance policy for the issuers of credit cards, and ease of customer purchases for merchants.

2.  What are some of the limitations of Apple Pay that might prevent its widespread adoption?

They are limited to working only with Apple devices, merchants need to buy NFC terminals, and consumers will need to change their behaviors.  Merchants lose some of their control over the purchase moment to upsell and offering loyalty points.   They also have many other competitors.

3.  What advantages do the Square and PayPal mobile card-swiping solutions have in the mobile payment market?  What are their weaknesses?

Advantages are they allow merchants to collect credit card payments on their tablets and cell phones.  This is advantageous for small business or people like baby sitters and at farmer’s market. Disadvantage is they still have to purchase the reader and Square works only for iPhone or iPad.

4.  What strategies would you recommend that Apple pursue to assure widespread consumer adoption of Apple Pay?

I would suggest Apple Pay find a way for other devices to use their system without buy an Apple product.  That way they could get any mobile phone user and increase their customer users.


1.  Why is it less risky to steal online?  Explain some of the ways criminals deceive consumers and merchants.

“Rather than rob a bank in person, the Internet makes it possible to rob people remotely and almost anonymously.”  Criminals can hide their identities easier online by “assuming legitimately looking identities.”  This allows them to

·         place fraudulent orders with online merchants,

·         steal information by intercepting e-mail, or

·         shut down e-commerce sites by using software viruses and swarm attacks. 

5.  Name the major points of vulnerability in a typical online transaction.

The three vulnerable points would be at the level of the; client, server and Internet communications.

10.  Briefly explain how public key cryptography works.

“The sender encrypts a message using the recipient’s public key, and then sends it over the Internet.  The only person who can decrypt this message is the recipient, using his or her private key.  However, this simple case does not ensure integrity or an authentic message.”

15.  Briefly discuss the disadvantages of credit cards as the standard for online payments.  How does requiring a credit card for payment discriminate against some consumers?

The limitations involve security, merchant risk, administrative and transaction costs, and social equity.

Millions of young adults do not have credit cards, along with almost 100 million other adult Americans who cannot afford cards, so requiring a credit card for payment is discriminate against some consumers.

20.  How are the two main types of EBPP systems both alike and different from each other?

Both are online payment systems supported by EBPP infrastructure providers.  One is direct in-house and the other consolidator model is through a third party such as a financial institution or focused portal.



3.  Comparison of three Certification Authority Companies



“Identity-based data security solutions secure governments, enterprises and financial institutions in more than 5,000 organizations spanning 85 countries.”  Headquartered in Minneapolis, Minnesota




“Serves over 115,000 customers in more than 180 countries. Our customers come from every industry, including e-commerce, education, financial, government, and healthcare, but all have one thing in common: they trust DigiCert as their partner in online security.”  Corporate office in Lehi, Utah.




“VASCO also secures access to data and applications in the cloud and provides a robust toolset for application developers to easily integrate security functions into their web-based and mobile applications. More than 10,000 customers in 100 countries rely on VASCO to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.”  Corporate office in Oakbrook Terrace, IL.



Of the three, Digicert has the most customers and serves in more countries.  Two big companies they serve are IBM and Paypal.