Payment authorization with Apple Pay
For devices with the Secure Element, a payment can be made only after it receives authorization from the Secure Enclave. This involves verifying that the user has confirmed their intent to pay and that the user has authenticated themselves using one of the following methods:
Biometric authentication
Device passcode or password
Double-clicking the side button of an unlocked Apple Watch
Biometric authentication, if available, is the default method, but the passcode or password can be used at any time and is automatically offered after three unsuccessful attempts to match a fingerprint, or two unsuccessful attempts to match a face. After five unsuccessful attempts, the passcode or password is required.
A passcode or password is also required when biometric authentication isn’t configured or turned on for Apple Pay.
Using a shared pairing key
The Secure Enclave and Secure Element communicate through a serial interface. The Secure Element links to the NFC controller, which connects to the Application Processor. Although the Secure Element and Secure Enclave don’t connect directly, they can communicate securely using a secret created during runtime. In the factory, both are set up with each other’s long-term public keys. The Secure Enclave’s public key comes from its UID key and the Secure Element’s identifier. The corresponding private key is stored in hardware, hidden from software. During runtime, the long-term keys are used to derive a shared secret using the Elliptic Curve Diffie-Hellman (ECDH) key agreement protocol. This shared secret protects the communication between the two.
Authorizing a secure transaction
When the user authorizes a transaction, which includes a physical gesture communicated directly to the Secure Enclave, the Secure Enclave sends signed data about the type of authentication and details about the type of transaction (contactless or within apps) to the Secure Element, tied to an Authorization Random (AR) value. The AR value is generated in the Secure Enclave when a user first provisions a credit card and persists while Apple Pay is enabled, protected by the Secure Enclave encryption and anti-rollback mechanism. It’s securely delivered to the Secure Element by leveraging the pairing key. On receipt of a new AR value, the Secure Element marks any previously added cards as terminated.
Using a payment cryptogram for dynamic security
Payment transactions originating from the payment applets include a payment cryptogram along with a Device Account Number. This cryptogram, a one-time code, is computed using a transaction counter and a key. The transaction counter is incremented for each new transaction. The key is provisioned in the payment applet during personalization and is known by the payment network or the card issuer or both. Depending on the payment scheme, other data may also be used in the calculation, including:
A Terminal Unpredictable Number, for near-field-communication (NFC) transactions
An Apple Pay server anti-replay value, for transactions within apps
User verification results, such as Cardholder Verification Method (CVM) information
These security codes are provided to the payment network and to the card issuer, which allows the issuer to verify each transaction. The length of these security codes may vary based on the type of transaction.
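As an added illustration (not Apple’s or the payment networks’ code), the following Python models the counter-and-key cryptogram described above on both sides: the applet computes a one-time code over the Device Account Number, transaction counter, transaction kind, per-transaction nonce (Terminal Unpredictable Number or server anti-replay value) and CVM result, and the issuer recomputes it with its copy of the key and rejects replays, stale nonces and altered fields. The HMAC-SHA256 construction, field layout, 8-byte truncation and all sample values are assumptions made for the demonstration.

```python
import hashlib
import hmac

# Illustrative construction only: the real cryptogram algorithms are defined by the payment
# networks; HMAC-SHA256 stands in to show how counter, key and per-transaction data fit together.
CRYPTOGRAM_LEN = 8  # bytes; the guide notes the length varies by transaction type

def compute_cryptogram(key, dan, counter, kind, nonce, cvm):
    """MAC over Device Account Number, counter, transaction kind, nonce and CVM result.
    `nonce` is the Terminal Unpredictable Number (NFC) or the server anti-replay value (in-app)."""
    msg = b"|".join([dan.encode(), counter.to_bytes(4, "big"), kind.encode(), nonce, cvm.encode()])
    return hmac.new(key, msg, hashlib.sha256).digest()[:CRYPTOGRAM_LEN]

class PaymentApplet:
    """Device side: the personalized key and a counter incremented on every transaction."""
    def __init__(self, dan, key):
        self.dan, self.key, self.counter = dan, key, 0
    def pay(self, kind, nonce, cvm):
        self.counter += 1
        tag = compute_cryptogram(self.key, self.dan, self.counter, kind, nonce, cvm)
        return {"dan": self.dan, "counter": self.counter, "kind": kind,
                "nonce": nonce, "cvm": cvm, "cryptogram": tag}

class Issuer:
    """Issuer side: the same key per Device Account Number and the highest counter seen so far."""
    def __init__(self, keys):
        self.keys, self.last_counter = dict(keys), {}
    def verify(self, tx, expected_nonce):
        key = self.keys.get(tx["dan"])
        if key is None:
            return "unknown-dan"
        if tx["nonce"] != expected_nonce:  # must be the nonce this terminal or server issued
            return "stale-nonce"
        if tx["counter"] <= self.last_counter.get(tx["dan"], 0):  # counter must move forward
            return "replay"
        expected = compute_cryptogram(key, tx["dan"], tx["counter"], tx["kind"], tx["nonce"], tx["cvm"])
        if not hmac.compare_digest(expected, tx["cryptogram"]):  # any altered field breaks the MAC
            return "bad-cryptogram"
        self.last_counter[tx["dan"]] = tx["counter"]
        return "approved"

def demo():
    # Constructed sample: a valid NFC payment, a replay of it, and a tampered CVM field.
    key = bytes(range(16))  # constructed personalization key shared with the issuer
    applet, issuer = PaymentApplet("DAN-0001", key), Issuer({"DAN-0001": key})
    tun = b"\x3a\x9f\x10\x42"  # constructed Terminal Unpredictable Number
    tx = applet.pay("nfc", tun, "CDCVM")
    results = [issuer.verify(tx, tun), issuer.verify(tx, tun)]
    tampered = dict(tx, counter=tx["counter"] + 1, cvm="NoCVM")  # cryptogram no longer matches
    results.append(issuer.verify(tampered, tun))
    return results  # ['approved', 'replay', 'bad-cryptogram']
```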