Apple Pay is Apple’s mobile payments service. Apple Pay also lets users make one-tap purchases within apps that have adopted the Apple Pay API, and it is available on the web with iOS 10 and macOS Sierra. Devices capable of using Apple Pay within iOS apps or on the web include the iPhone 6, iPhone 6s, iPhone 6 Plus, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPhone SE, iPad Air 2, iPad mini 3, iPad mini 4, and iPad Pro models. All of these devices feature Touch ID and contain an NFC controller where the “Secure Element” of Apple Pay is located, keeping customer information private.
To keep transactions secure, Apple uses a method known as “tokenization,” preventing actual credit card numbers from being sent over the air. Apple also secures payments using Touch ID on compatible iPhones and continual skin contact on the Apple Watch.
Apple is aiming to replace the wallet with Apple Pay, and the one-step payment process prevents people from needing to dig through a purse or wallet to find credit or debit cards. Because it is built on existing NFC technology, Apple Pay works anywhere NFC-based contactless payments are accepted.
How It Works
In a retail store, when approaching a point-of-sale system compatible with Apple Pay, the screen of the iPhone will light up and open Wallet automatically, where a user can tap on a credit card to be used or pay with the default card.
A payment is made by holding a compatible iPhone or Apple Watch near a checkout system that includes NFC, most of which look like standard card checkout terminals within stores. A finger registered with Touch ID must be kept on the home button for a short amount of time (or the Apple Watch must be kept on the wrist), after which a payment is authenticated and the transaction is completed. A completed payment is denoted by a slight vibration, a check mark on the screen, and a beep.
At times, Apple Pay may not be much more convenient than swiping a card, but it’s important to recognize that Apple Pay is still more secure than a traditional card-based transaction. With Apple Pay, a cashier does not see a credit card number, a name, an address, or any other personally identifying information. There is no need to take out a credit card or confirm the authenticity of a credit card with a driver’s license or ID card, because all of that information is stored on the iPhone and protected by several built-in security systems, including Touch ID.
Making a payment online via Apple Pay is just as simple as an in store payment because it uses the same credit card and authenticates with Touch ID in participating apps that have adopted the Apple Pay API. Using Apple Pay in an app bypasses all of the steps that are usually required when making an online purchase, including entering shipping and payment information.
After an item is added to an online cart and a user initiates the checkout process, Apple Pay can be selected as the payment method. The shipping/billing address associated with the credit or debit card on file is automatically entered, as is a user’s name, and the purchase is confirmed via Touch ID. During this process, information like shipping address can be altered, which is useful when ordering a gift. Online payments using Apple Pay for the web follow the same process.
Online and retail store payments are both limited to participating merchants. Apple Pay is only available within apps and on websites that have adopted the Apple Pay API and to make a payment in a retail location, the shop will need to support Apple Pay directly or allow NFC payments.
In More Detail
Apple Pay in stores is available for the iPhone 6, 6s, 6 Plus, 6s Plus, SE, 7, and 7 Plus,, all of which contain near-field communication (NFC) chips that have not been incorporated into previous-generation iPhones.
Apple Pay also works with Apple Watch, the company’s wrist-worn wearable device. The Apple Watch allows owners of older iPhones, including the iPhone 5, 5c, and 5s, to use Apple Pay in retail stores. Though the Watch needs to be paired with a phone, Apple Pay can be used when the phone is not present.
Apple puts a heavy emphasis on security when advertising Apple Pay, to assure iPhone owners that their payment information is safe, and, in fact, safer on an iPhone than inside of a wallet. According to former credit card executive Tom Noyes, the way Apple Pay has been designed to work makes it “the most secure payments scheme on the planet.”
When a credit or debit card is scanned into Wallet for use with Apple Pay, it is assigned a unique Device Account Number, or “token,” which is stored in the phone rather than an actual card number.
The iPhone itself has a special dedicated chip called a Secure Element that contains all of a user’s payment information, and credit card numbers and data are never uploaded to iCloud or Apple’s servers. When a transaction is made, the Device Account Number is sent via NFC, along with a dynamic security code unique to each transaction, both of which are used to verify a successful payment. The dynamic security code is a one-time use cryptogram that replaces the credit card’s CCV and is used to ensure that a transaction is being conducted from the device containing the Device Account Number.
Whenever a transaction is conducted with an iPhone, a user must place a finger on Touch ID for the payment to go through. With the Apple Watch, authentication is done through skin contact. When the watch is placed on the wrist, a user will be prompted to enter a passcode. After a passcode is entered, as long as the device continues to have contact with the skin (which is monitored through the heart rate sensors), it will be able to be used to make payments. If the watch is removed and skin contact is lost, it can no longer be used to make payments.
Both Touch ID and the skin contact authentication method in the Apple Watch prevent someone who has stolen an iPhone or Apple Watch from making an unauthorized payment.
Furthermore, if an iPhone is lost, the owner can utilize Find My iPhone to suspend all payments from the device, without needing to go through the hassle of canceling credit cards.
Banks are confident in Apple Pay’s security, and have opted to assume liability for any fraudulent purchases made both in retail stores and online using the system.
Apple has been careful to point out the company does not store or monitor the transactions that people make with Apple Pay. Apple says it does not know what people are purchasing, nor does it save transaction information.
Compatible Credit Cards and Banks:
Apple has partnered with the major credit card companies in the United States: Visa, MasterCard, Discover, and American Express. Apple has also signed deals with major banks, including Bank of America, HSBC, Capital One, Chase, Citi, American Express, and Wells Fargo, and it’s established deals with hundreds of smaller banks across the country.
A current list of partners can be found on Apple’s participating banks support document. Apple is continually working to add additional partners and as of 2016, Apple Pay is accepted by more than 1,000 issuers in the United States.
APPLE PAY LOYALTY CARD INTEGRATION
In the fall of 2015, Apple Pay began working with various store loyalty programs, allowing customers with loyalty cards stored in the Wallet app to use them over NFC in participating stores. Loyalty cards from eligible stores added to Wallet will pop up at NFC terminals just like credit cards.
posted on February 20, 2017
posted on February 8, 2017
posted on February 25, 2017
posted on April 18, 2017
posted on December 16, 2016