Is Apple Pay secure in store, online, and in your pocket?

Brandon Lane

Brandon Lane

Share on facebook
Share on twitter
Share on linkedin

You’ve worried about your wallet at least once in your life. And with your wallet now moving to your smartphone, should you still be scared?

ApplePay
Apple Pay In Action

Cash is king. But will it soon be dethroned by Apple Pay?

If you’re worried about the security of your bank accounts or your personal identity being hacked, you tend to use cash as much as possible. But while cash does keep your identity safe, it can be easily stolen – and not easily recovered. Apple is trying to take the crown with Apple Pay by providing advanced security features only available within the mobile wallet. But the real question is, how secure is Apple Pay itself?

Where to start

First things first. In order to use Apple Pay, your phone must have a lock screen or Touch Id passcode. What’s more, an Apple Watch must have Wrist Detect enabled (Wrist Detect is what allows the user to only have to unlock their Watch once each time they put it on), which locks the watch when the user takes it off. This is what initially prevents offline thieves from using Apple Pay from a stolen iPhone or Apple Watch. But what about Apple themselves? Or Internet thieves.

Is Adding a credit or debit card into Apple Pay Secure?

A major concern for most people who are worried about the security of Apple Pay, is adding debit or credit cards to their mobile wallet. Apple has gone to great lengths to ensure that all data is immediately encrypted and is never stored by Apple on any server or device. Your bank is the only server who stores your real information. They encrypt it, send it back to Apple, who then stores it within the Secure Element on your device, via a Device Account Number.
The Apple Pay Device Account Number that is stored within the Secure Element is unique to your device and the card you added. This number is also different from the physical number stored on your regular debit or credit cards, so that your bank can prevent the Apple Pay version being used on magnetic stripe readers, over the phone, or via websites. This process is also referred to as tokenization. Which you can learn more about here.

ApplePaycardscan
Apple Pay Card Scan

Learn how to enter a credit card via a photo

OK, but is Apple Pay secure when paying in stores?

When using Apple Pay in stores, Apple uses Near Field Communication (NFC) technology between your device and the payment terminal. As soon as your phone detects an NFC terminal, Apple Pay will automatically pull up your default card, and then in order to verify the payment, you must scan your finger into the Touch ID or enter your passcode. If using an Apple Watch, you must double click the side button when the device is unlocked in order to activate your payment – something you can only do when it’s on your wrist or unlocked with the code (for security reasons).
Once you have approved the payment, Apple Pay takes your Device Account Number, a transactional-specific security code, and any other necessary information, and sends it to the point-of-sale terminal. Your credit or debit card number is never released to the retailer. Before the payment is fully approved, your bank or payment network can verify your payment information and confirm the process. This makes it very difficult to steal any information out of a transaction.

Is it the same when paying with Apple Pay within Apps

The security measures work much in the same way as an in-store payment. The merchant will not receive your credit or debit card information, rather they will receive your Device Account Number along with the dynamic security code. The payment approval process is also the same as an in-store purchase.

Is Apple Pay secure if you lose your device?

Now for the big question. What happens if you lose your device?
First, don’t forget that someone will still need your passcode or touch ID in order to use Apple Pay. But of course, in true Apple fashion, they took security one step further. If you have Find My iPhone turned on, you can simply suspend Apple Pay by placing your device in Lost Mode. But that’s not all. Apple took one step further by allowing you to permanently remove the ability to use Apple Pay by erasing the device remotely using the Find My iPhone feature. You could also call your bank and remove your cards from Apple Pay – as well as mobile wallet content like loyalty cards and membership cards – if these security measures aren’t enough for you.

Final Verdict

Apple Pay is secure. And most likely, the most secure form of payment available today. Apple has gone to great lengths and I believe will continue to develop even more security measures to protect both the consumer and the retailer. In a world where cyber security is becoming more and more important, the security of the mobile wallet will be a major concern for anyone with a bank account. If you want any more information about Apple Pay security, Check out Apple’s overview here.

One Last Thing On Apple Pay

All of the above holds true for anything within Apple’s Passbook. Apple does not collect any data from mobile loyalty cards, coupons, or even things like PassKit’s Top Up Pass. This means that not only is Apple Pay secure, but rather your entire mobile wallet is secure. This is a big jump from the security that your back pocket provides.
To learn more about Apple Pay, click here

MOBILE WALLET MARKETING MASTERCLASS

Make the most of the Mobile Wallet Marketing opportunity with our new Masterclass. Join us in New York this August for a 3-day event with informative sessions and one-on-one workshops. Find out more information about Mobile Wallet Software