I'm so disappointed that the 5s doesn't support Apple Pay for in-app purchases of physical goods (the payments product Stripe partners with Apple to provide).
I've yet to discover any reason why except marketing/branding – ostensibly consumers would be confused that they can use their 5s for purchases through apps but not in retail stores, due to the lack of NFC.
From a technical perspective, there doesn't seem to be anything holding the 5s back. The A7 has a secure element/"enclave" like the A8 (a cryptographically secure place on the SoC to store payment tokens, fingerprints, and the like), and the 5s has an A7 and the TouchID sensor.
EDIT: The secure element is in fact distinct from the secure enclave. agnokapathetic explains below.
The technical reason is that while the iPhone 5s has the Secure Enclave co-Processor (SEP), it does not have an Apple Pay Secure Element (SE).
The SEP is an ARM TrustZone-like separate processor running a stripped-down, L4-derived microkernel. This manages encryption keys, the secure boot-loader and OS update signing.
The Apple Pay Secure Element is a separate chip which runs a Java-Card-OS. "Cards" in the java-card-OS are cryptographically "personalized" by the payment network (VISA, AMEX, MasterCard) with per-device keys and the device personal account number (DPAN)--the tokenized device only credit card.
This is the same java-card + payment network personalization that physical chip-and-pin cards, Google Wallet and most other NFC payments use.
So my guess is that the Payment Networks were not comfortable using the Secure Enclave Processor and preferred to reuse the same technology used by chip-and-pin, with a separate Secure Element chip.
Thanks for clearing that up. Assuming the Secure Enclave has a level of security comparable to the Secure Element, it'd be nice if the payment networks would trust it, but they're so notoriously conservative...and understandably want everyone using the same base tech to keep complexity lower.
I think the bulk of my disappointment is that I upgraded to a 5s anticipating I wouldn't be totally shut out of Apple's (at the time rumored) impending launch of a payments product. Oh well, at least we get TouchID auth for apps.
They're notoriously good about this. If a phone's processor lacks a component necessary to make it function, it will be difficult to compensate for that through software. I'm sure Apple would've loved to get an extra 50m folks using a payment network that they get a cut of, but they couldn't, so buy an iPhone 6 if you want to use it.
'"Cards" in the java-card-OS are cryptographically "personalized" by the payment network (VISA, AMEX, MasterCard) with per-device keys and the device personal account number (DPAN)--the tokenized device only credit card.'
Is this 'tokenized device only credit card' the same concept as the Point-of-Sale seeing a unique CC # (generated) for the transaction? (What I believe is one of the selling points for Apple Pay). Are there other products that do this?
I was under the impression that Secure Element is separate from Secure Enclave. Secure Element is for CC information and Secure Enclave for fingerprint data. Since the 5s lacks Secure Element, it makes sense why even Apple Pay in apps wouldn't work. I have not been able to find anything to suggest one way or the other, so I could be wrong. Please correct me if I said something wrong.