A lot of people are watching the spectacle of Apple vs. the FBI and the Homeland Security Theatre and rubbing their eyes, wondering why Apple (in the person of CEO Tim Cook) is suddenly the knight in shining armour on the side of consumer privacy and civil rights. Apple, after all, is a goliath-sized corporate behemoth with the second largest market cap in US stock market history—what's in it for them?
As is always the case, to understand why Apple has become so fanatical about customer privacy over the past five years that they're taking on the US government, you need to follow the money.
Apple wasn't very good about customer security in the early days of iOS. Early iterations of the iPhone notoriously lied about the security of SSL connections to email servers; my understanding is that this led to them being banned from some corporate and government accounts for a few years. But then they seem to have realized that security wasn't merely a useful feature to pitch to their customers, but a necessity. And the reason it's essential is Apple Pay.
It used to be a truism that General Motors was an insurance company wit a car-manufacturing subsidiary. GM's pension fund had grown so large (over most of a century) that GM had to invest the money somewhere in order to generate a return on investment that would keep the pensioners going: selling cars was simply not a big enough business. And today Apple is sitting on the largest cash stockpile in US corporate history. Its legendary $120-150Bn in cash has attracted the attention of activist investors like Carl Icahn, but even share buy-backs will only get you so far when you're taking 90% of the profits of the entire global smartphone industry. Some analysts have opined that if Apple maintains its current turnover and earnings, and continues to buy back shares at the current rate, by 2024 AAPL will revert to private ownership ... and still be sitting on $100Bn in cash.
Of course, if you have a tenth of a trillion dollars you can't just rock up to a bank and say "please accept this deposit, how much interest do you pay"? For one thing, if you have $0.1Tn, you have enough money to buy several banks. For another thing, money doesn't exist when it's not moving: it's a coefficient of economic velocity. Money needs to be invested and generate a return. Over the past decade Apple leveraged their cash pile to ensure they had a lead over their competitors. Given a five year product roadmap, they could project the need for some critical piece of hardware—synthetic sapphire phone displays, for example, or 5K monitor panels—years in advance. Such components didn't actually exist, but they knew suppliers who could provide them if someone loaned them the cash to build a factory (typically in the high hundreds of millions to low billions of dollars). So Apple would find a company like Sharp and say, "we're going to need a million 27 inch 5 megapixel displays in four years time. We'll front you the money to set up the factory at just 1% over the bank base rate, in return for an exclusive option to buy the first million quality-compliant components to come out of it". Everyone wins: Sharp get a factory that can mass-produce new high resolution display panels, Apple gets an exclusive lead on these panels for consumer sales, and Apple also gets to invest its money in a way that generates far more profit than merely handing it over to an investment house.
But ... Apple has too much money. From roughly 1998, when Steve Jobs returned, Apple began growing like a dot-com startup, at high double-digit annual percentage growth rates—only it started doing so from a billion dollar a year turnover base, not two guys in a garage. By 2008 it was probably clear to Steve Jobs and Tim Cook that if their strategy of becoming the dominant company in the consumer side of the post-PC world succeeded, the problem of where to find enough mattresses to stuff the $500 bills was only going to get worse. When you're making $50-100Bn a year in profit, you can't put the money in a bank: you have to become a bank. And that's what Apple Pay is about, and that's why Apple have become fanatical about customer privacy and electronic civil rights (in one very narrow field).
I'm going to assume you know what Apple Pay is: you use your iPhone, iPad, or Watch as a trusted, authenticated identity token in a shop to pay for stuff. It ties into your bank account and basically your phone swallows your debit and credit card.
Ultimately the banks are going to discover—the hard way—that getting into bed with Apple was a bad idea, about the same way that getting into bed with Amazon over ebooks was a bad idea for the Big Five publishers. Apple is de facto an investment bank, right now: all it needs is a banking license and the right back end and regulatory oversight and risk management and it will be able to go toe-to-toe with the likes of Chase or Barclays or HSBC as a consumer bank, too. And Apple has a very good idea of how risky their customers' behavior is because unlike the banks and the credit card settlement network they're not running on incrementally upgraded legacy infrastructure designed in the 1950s. Note those two words a couple of sentences ago: "risk management". Banks are not in the business of holding your money or making loans; they live or die by how well they manage risk. Apple, like Google, has a much richer relationship with their customers than any bank. They can (for example), with a customer's position, know roughly where the customer's phone or watch is moving, and thereby spot faked payment credentials if someone clones the device and tries to use it to buy something a thousand miles away. The CC networks have velocity checking but it's a really crude metric for spotting fraud: Apple can massively improve on it.
But that's not where anti-fraud methods begin and end. For example, Apple have got reasonably good fingerprint readers on their current devices, backed by long PINs and password management. The newer phones have trusted hardware stores for the cryptographic tokens that are used to unscramble the addresses where data is written in the phone's on-board storage: they support (and encourage the use of) two-factor authentication. Some analysts report Apple is working on improving their front-facing cameras to the extent that they can do iris or retina scanning. On the long-term horizon, there are already ultra-compact low-cost DNA sequencers out there; if you really want to authenticate a user via biometrics, about the ultimate trust level is a combination of a shared secret (their password) with a mixture of biometrics tested simultaneously—a fingerprint reader that can quickly confirm a match for their genome while the front camera recognizes the retina of the person holding the device. Their phones are, in many respects, more secure than the ATMs and credit card infrastructure we've used to accessing our bank accounts. And that gives the phone vendors an opportunity to leapfrog over the existing banking infrastructure in the efficiency of their risk management protocols, by reducing fraud while simultaneously knowing much more about their customers' habits and being able to spot potentially risky activity patterns early enough to reduce their exposure.
Here's my theory: Apple see their long term future as including a global secure payments infrastructure that takes over the role of Visa and Mastercard's networks—and ultimately of spawning a retail banking subsidiary to provide financial services directly, backed by some of their cash stockpile.
The FBI thought they were asking for a way to unlock a mobile phone, because the FBI is myopically focussed on past criminal investigations, not the future of the technology industry, and the FBI did not understand that they were actually asking for a way to tracelessly unlock and mess with every ATM and credit card on the planet circa 2030 (if not via Apple, then via the other phone OSs, once the festering security fleapit that is Android wakes up and smells the money).
If the FBI get what they want, then the back door will be installed and the next-generation payments infrastructure will be just as prone to fraud as the last-generation card infrastructure, with its card skimmers and identity theft.
And this is why Tim Cook is willing to go to the mattresses with the US department of justice over iOS security: if nobody trusts their iPhone, nobody will be willing to trust the next-generation Apple Bank, and Apple is going to lose their best option for securing their cash pile as it climbs towards the stratosphere.
Discuss.