Apple files for patent for authorizing tokens in Apple Pay

Although a new report claims that the percentage of U.S. iPhone 6 owners who have tried Apple Pay fell from 15% in March to 13.1% in June, Apple continues to believe in its digital payment system. 

The company has filed for a patent (number 20150213443) with the U.S. Patent & Trademark Office for "tokenizing authorizations." It's for systems, methods, and non-transitory computer-readable storage media for creating sharable tokens that point to financial information stored in a secure online platform and that can be used in financial transactions.

Apple announced Apple Pay in September 2014, describing it as “a new category of service designed to transform mobile payments with an easy, secure and private way to pay.” It works with the iPhone 6 and iPhone 6 Plus through a NFC antenna design, a dedicated chip called the Secure Element, and Touch ID.

In the patent filing, Apple' says that delegating purchasing authority to another person can include allowing a merchant to conduct transactions with a cardholder with the merchant using recorded financial information. For example, some merchants offer to keep a person or business's financial card information on file so that the cardholder or his delegate can complete transactions with the merchant without a financial card being present. However, this practice carries a high risk for abuse and is also expressly forbidden by some financial card security standard bodies, such as the Payment Card Industry Data Security Standard, notes Apple. 

Other approaches to transferring purchasing authority to delegates include distributing company credit cards to employees or paying for a specific item in advance and authorizing a delegate pick up the item at a retail location. However, Apple says that company credit cards can carry a high administrative cost and can also involve a high risk that employees will abuse their authority. What's more, in-store pickup approaches do not allow delegates to make purchasing decisions for themselves and are typically limited in whom can pick up the products. 

Finally, other approaches for allowing delegates to make purchasing decisions involve issuing gift cards to delegates and simply handing out cash. However, Apple says that giving out gift cards or cash to a delegate provides too many opportunities for misappropriation, theft by another, etc. Plus, handing out gift cards or cash in a business environment doesn't allow for "adequate accounting, accountability, ability to depreciate goods, etc.," the company adds.

Apple thinks its "tokenizing authorizations" technique is better. The technology involves a user authenticating himself with a tokenization service and requesting a token that points to the user's financial information. The tokenization service can encode the financial information into a token and send it to the user. Then, the token can be decoded and used to carry out transactions. 

The token can also be transferred from the user to one or more delegates and used by the delegate for carrying out transactions. By virtue of the cardholder being uniquely authenticated by the tokenization service, the cardholder device can still view, change, or cancel the token. Apple says this allows the cardholder to maintain ultimate control over the financial information despite the token being transferred and usable by a delegate.