I've been aware of the Cambridge findings since they were released and I've never said Chip and Pin is 100% secure. As a merchant in the UK unlike signature verification, we are covered if the transaction is verified by a PIN and the card turns out to be lost/stolen. As a retailer where we can take £15k ($25k) in a single transaction that's very important. However we take further security precautions than just the pin, we visually examine the card making sure that it was (as far as we can ascertain) issued by a genuine financial institution. Then we look at the chip, has it been tampered with in any way, and isn't connected physically to something else like a computer up the sleeve for example. And finally does the information printed on the front of the card match the information printed on the merchant receipt.

Now if Apple Pay is going to cover us in case of a fraudulent transaction that's great, if not then less great. That very probably won't worry us at the moment as Apple pay may well be limited to the current maximum transaction value of ~£15 in the UK for NFC payments. Apple pay is either going to sink or swim and given the numbers of iPhones that exist it might be a big enough user base to give it a jump start. It's an interesting concept and it might be a secure way forward for payments, if the other US based system MCX doesn't cause too many headaches (retailers who sign up to MCX won't accept other mobile wallets http://www.reuters.com/article/2014/...0?feedType=RSS).

However what will help it be accepted from a merchant point of view (as I said earlier) is whether the transactions are covered in the case of fraud by: the retailer or the card issuer or the cardholder and the merchant fees. We don't take Amex as the fees are too high and Apple Pay will need to either match or undercut the current fees to make it worth our while. If as a consumer I dispute a transaction, I say I never made the payment and didn't buy the goods in a store what comeback do I have? will Apple Pay be able to prove that a specific phone was used, what will the retailer have to identify the card used above this unique number, possibly nothing? There's also a need to have an NFC equipped terminal to be able to take the payments, these aren't cheap so who's going to pay for them? It could be great but at the moment I'm on the seriously undecided fence.