How Secure Is Apple Pay?
By Paul Liu
Saturday, January 3rd, 2015
Apple Pay is a contactless payment technology introduced by Apple along with iPhone 6. The technology relies on Near Field Communication (NFC) to make payments and aims to plug the security vulnerabilities that plague the current swipe based credit card payments. While iPhone 6 and 6 Plus would come equipped with a NFC chip to support Apple Pay, the technology can also be used with iPhone 5, 5c and 5s through Apple Watch. After the launch of iPhone 6, customers would be able to use the payment technology at over 220,000 retail locations as well as for in-app purchases.
How Does Apple Pay Work?
Apple Pay makes use of the Passbook app to make payments so you would need to enter your credit card details into the app before using the payment system. To make a payment through the system, you just need to launch the app and place your iPhone near the NFC credit card terminal of a participating store. The payment also needs to be authenticated via Touch ID (PIN for iPhone 5) which adds another layer of security to the entire process. As soon as the Touch ID (or PIN) is verified, the system will use the payment details already present in your Passbook app, combine it with a dynamically generated security code and relay the information to your bank and payment processor. The payment processor will validate the request and approve/deny the payment to complete the transaction process.
Is Apple Pay Really Secure?
While Apple wants to revolutionize the mobile payment landscape with Apple Pay, most people would be a bit cautious before warming up to the technology. After all, there are already several mobile payment systems available but the number of people using them remains extremely low. Most customers are worried about the security challenges associated with mobile payment technologies so they expect Apple to offer foolproof security through its new payment system.
Here is how the Apple Pay system addresses the security issues:
The system eliminates the need of swiping a credit card or revealing payment information at any stage of the transaction thus making it almost impossible for hackers or card skimmers to steal your card details. And although you need to enter your credit card details in the Passbook app, the payment information is never stored on your device or even Apple’s servers. Instead, Apple Pay assigns a unique device number and stores it in an encrypted format on the NFC chip present on your device (iPhone 6 or Apple Watch). So the entire payment is not only tied to your credit card but also to your device. And even if you happen to lose your iPhone, the thief won’t be able to buy anything with your payment information since every transaction needs to be authenticated with Touch ID.
The system further enhances the transaction security by using a system generated dynamic security code. The code is valid only for one transaction so even if someone is able to sniff out the transaction data, they won’t be able to use it to make a new purchase. Apple even promises not to keep a record of your transactions so your payment history cannot be tied to you in any way. And since NFC is considered a lot more secure than other technologies, the entire payment system should offer more security to end users.
Most security experts have welcomed the security features available with Apple Pay. However, some of them are worried that criminals would be able to breach into the system since the biometric security available with iPhones is not considered 100% secure. All in all, the Apple Pay system does promise to usher a new era in the mobile payment industry.