Why Apple Pay is The Fort Knox of Online Payment Security

Apple Pay is built into every 6 and 6 Plus and is due to go live later this month. With all of the recent iOS 8 bug issues, we’re expecting some hesitation from users on whether or not to trust Apple Pay as being secure.

But we’re here to tell you why we think Apple Pay is more secure than Fort Knox!

1. Secure Element Chip

secure element

  • When you upload a credit card or start using cards associated with your iTunes account in Apple Pay, the details will first be encrypted.
  • It will be sent securely to the credit card network to validate that it is in fact your card.
  • When validated, a token will be sent to the device and will be stored in the secure element chip.

This is a ‘secure memory and execution environment’ for storing application code and data. It defines the boundaries of memory for each application to encrypt, decrypt and sign the data package. Basically, it’s mega secure.

For more info on the Secure Element check this article.

2. A Token Gesture

So back to the token. Your credit card details are turned into a token or unique device account number. Before you get worried, as it does share the last 4 numbers of your credit card, the token is useless on its own. As the tokens are not mathematically generated, it isn’t possible to decrypt them.

3. Touch ID

To make your token of use to you, you need to validate it. This is where the fantastic simplicity of Touch ID comes in. You will not be able to verify your payment process without authorising it with Touch ID.

You’ll be able to see all your payment cards in Passbooks, but none of the details will be useful in the hands of anyone other than you.

4. Cryptograms

But wait…there’s more! As your transaction is happening, Apple will send a dynamically generated CVV (security code) along the chain with a cryptogram. The cryptogram is a one time dynamic security┬ácode to verify that the token is coming from your device. The CVV is like the 3-digit code on the back of your credit card, but this is algorythmically generated and tied specifically to the token you are using. So the token is connected to your device via a CVV and cryptogram.

5. What if it’s Lost or Stolen?

If you lose your iPhone, or worse, someone steals it, you can go to Find My iPhone and suspend all payments from that device. But unless they have your fingerprint too, it won’t do them much good anyway. Your details are pretty difficult to get hold of in this impressive system of codes.

Overview

Check out this video from the Apple Media event to get a quick recap in more plain English:

October 8, 2014

Need to Know More About iCloud? Then sign up for this FREE 10 Essential Tips Guide To help get you started.

x