TL;DR: Apple announced a payment thing called Apple Pay.
I've seen a few knowledgeable people talking about it recently, and apparantly either getting it wrong, or missing some of the point (or only covering half of it)
- Xero Blog
- John Siracusa on ATP, at around 1h22.
- Various blogs and news sites (I really should use something to keep track of these)
The bit I think they are missing (in the case of John) or possibly ignored (in the case of Matt Vickers from Xero, who's article is a really good read) is that it's two distinct products rolled into one. They are related, but not really the same.
The first is an NFC-based, tap and pay system. NFC-based payments are not that common in the US yet, but they are in the UK, EU, NZ and AU, and possibly in other places too (I've not been to many of them recently). Most countries with Chip and Pin cards (which is almost everywhere but the US) are moving to the Visa Paywave / Mastercard PayPass NFC system.
In the UK and AU, "stickers" which stick on the back of your phone, are quite popular - it's basically a small NFC chip with your credit card info on it. Think about the small loyalty cards you stick on your keyring, but stuck to your phone. Works like a tap-and-pay credit card otherwise. Very handy, and aside from the obvious internal smarts, very easy and cheap to roll out. The banks can even do some smart things like put a unique card number on, and work out which one of your accounts to charge on the back end - makes it easy for you to pick which real account to use from their mobile app.
For the hardware side of Apple Pay to work, Apple needs to "just" add it to their phone, which they have done with the iPhone 6 and 6+. Your card details (or some form of them) are stored securely on the phone, and when you tap it (and use TouchID to authorise it), it pays, the same way as your credit / debit card would if you used it at a store (and which I've done 3 times today, so far). Android can also do this, with the Nexus 5, Galaxy S5 and a few others.
Infrastructure-wise, Apple needs to do a fair bit - they didn't expose the interface between the user-level of the phone (where we can write apps) and the secure element - only Apple can write to it (on Android, anyone with permission can write to it), so they have to be the go-between between your bank and the secure element. This is why it's US-only - they have only got deals with the US banks. That will change.
On Android, anyone with permission can write to it, so a bank could write their own mobile wallet app, authenticate you how they see fit, and write the appropriate thing to the secure element. Anyone else could, too, but the block of data that's written is encrypted by the bank, the same way that it's encrypted on your credit card, so you can't write anything useful into the secure element.
BTW, taking a photo of your credit card is only a quick way to get the data in - you could type it - it still has to go back to your bank and be "swapped" for the secure block that is written to the secure element.
The second part is, confusingly, also called Apple Pay. This part is also about paying for things in the real world, where In-App Purchase isn't allowed, but it's not about tapping to pay: it's about standing in the queue at Starbucks, putting your order into the SB's app on your phone, paying using your iTunes Store-connected credit card, and having that integrate into the store's POS system (and get presented with a decidely average coffee).
Think of the (US only) Apple easy-pay thing, where you buy a physical apple product on your phone, walk into the store, pick it up (off the shelf) and walk out. Sounds like a security nightmare, but they have made it work.
In New Zealand there is a crowd called "YQ" who do this already. I can get off the ferry, select my local cafe, put an order in for a coffee and pick it up when I walk in the door. The payment is done between YQ and the coffee shop (I loaded my card into YQ) - this is just Apple making it really easy for developers to do this: YQ had to go to a local payment provider to sort out the payment, and I'd assume, is paying more than Apple is per transaction.
Expect to see Amazon do an app which pays with this method. It's all about physical goods.
This is all Apple. They charge the card, their apps - that we write - present the UI, and it can use any credit card or other payment method that Apple supports. I suspect it's not taking 30% either, like a normal IAP.
It could hit the same source credit card, but thats up to how you have it configured. This should work on any iPhone - tho they may make it require TouchID to keep the credit card companies happy and get a better rate, but thats up to Apple.
It does not, however, allow you to pay a random merchant you just walked into - thats the "other" Apple Pay.
Thats really it - the two sides of Apple Pay. Similar, and not mutually exclusive, but not that same.