In the last couple of days, Apple has added security questions to iTunes store accounts. Credit card companies should now be very worried.

Why?

As I have said before, and as now drives my work in mobile strategy and implementation, in the world of mobile, user experience is king. A king with the potential to change the way we use the web. By focussing on controlling your access to their network and protecting SMS revenues, carriers held back mobile potential and ultimately reduced themselves to being a dumb pipe.

Wresting control of the hand-sets back from the carriers has given us apps and a usable mobile web. Billing and purchasing have remained with the carriers, though they have failed to do anything with this.

Now that I’ve been living in the US and India, I have a renewed appreciation for how painful the experience of purchasing online can be. The credit card companies and merchants may or may not force me through a horrible gauntlet of slow loading, ugly and hard-to-use web pages to verify my card. Typically by asking me for information I don’t have. Most of the time I actually fail to buy anything. I now view paying for things online with much trepidation. PayPal is not an improvement. Using PayPal is worse than a credit card.

Buying music or TV shows from the iTunes Music Store is wildly different: I click “Buy”, I type in my password. There is no step three.

Sure, there are other problems (DRM on TVs and movies for one.) But in contrast to the abject failure that is just about all other online stores, this is streets ahead. The world of credit card purchasing is desperately in need of a user experience re-vamp.

Currently, Apple’s iTunes purchasing process can only be used to buy items from Apple’s stores (apps, music, media, computers) or content for apps purchased from their store. What if that same process could be used to purchase other items?

This is not a question of technology. The tech for payment gateways has existed for a long-time. This is a question of user-experience.

Except for one piece of technology: near-field communications. This allows data to be exchanged just by touching devices. Imagine if you could touch your iPhone to the cash register, type in your password and pay for your purchase? Convenient. And secure: your phone would never leave your hands. This is the Google Wallet dream, and I want it (perhaps without the creepy track-all-my-purchases spice Google will add.) But unfortunately Google sees this as mainly a technology problem, not as an experience problem.

There is a major new iPhone due out this year, if Apple continues their current release schedule.

So, online payment sucks, except for the iTunes store. Carriers have failed to capitalise on their billing relationships. Apple understands experience as the critical factor deeper than the other large companies in these worlds. But why should credit card companies be afraid just because Apple has added security questions? Because why has Apple suddenly added these? Are they planning an expansion? What if they released a Square-like POS device at the same time as they included NFC chips in the next iPhone? What if they offered an iTunes payment gateway for web purchases?

Because, given the choice between all the current options and using my iTunes account I know which I’d choose.