Apple Pay security and privacy overview

Apple Pay protects your personal information, transaction data, and credit, debit, and prepaid card information with industry-leading security. Learn more about Apple Pay security and privacy below.

Using Apple Pay is easy, secure, and private. It’s simple for you, and it’s built with integrated security in both hardware and software, making it a safer way to pay than with your credit, debit, and prepaid cards.

Apple Pay is also designed to protect your personal information. Apple Pay doesn't collect any transaction information that can be tied back to you. Payment transactions are between you, the merchant (or developer for payments made within apps and on the web), and your bank.

Keeping your payment information secure

To help ensure the security of Apple Pay, you must have a passcode set on your device and, optionally, Touch ID. You can use a simple passcode, or you can set a more complex passcode for even greater security.

When you add credit, debit, prepaid, or Suica cards

When you add a credit, debit, or prepaid card to Apple Pay, the information that you enter on your device by typing or using the camera is encrypted and sent to Apple servers. If you use the camera to enter the card information, the information is never saved on the device or stored to the photo library. Apple decrypts the data, determines your card’s payment network, and re-encrypts the data with a key that only your payment network (or any providers authorized by your card issuer for provisioning and token services) can unlock. Apple then sends the encrypted data to your bank or card issuer, along with: other information about your iTunes and App Store account activity (such as whether you have a long history of transactions within iTunes); information about your device (such as phone number, name, and model of your device, plus any companion iOS device necessary to set up Apple Pay); information about your device usage (such as percent of time device is in motion); and your location at the time that you add your credit, debit, or prepaid card (if you have Location Services enabled). The information may only be used by your bank or card issuer to determine whether to approve adding your card to Apple Pay, and by Apple to protect against fraud.

In Japan, when you add a Suica card to Apple Pay, the information that you enter on your device (by typing or using the camera), information read from an existing card, as well as information about your device usage (such as percent of time device is in motion, approximate number of calls per week) is encrypted and sent to Apple servers.

Once your card is approved, your bank or your bank’s authorized service provider creates a device-specific Device Account Number, encrypts it, and sends it along with other data (such as the key used to generate dynamic security codes unique to each transaction) to Apple. Apple can’t decrypt it, but will add it to the Secure Element within your device. The Secure Element is an industry-standard, certified chip designed to store your payment information safely. The Device Account Number in the Secure Element is unique to your device and to each credit, debit, or prepaid card added. It’s isolated from iOS and watchOS, never stored on Apple Pay servers, and never backed up to iCloud. Because this number is unique and different from usual credit, debit, or prepaid card numbers, your bank or issuer can prevent its use on a magnetic stripe card, over the phone, or on the web.

Apple doesn’t store or have access to the credit, debit, or prepaid card numbers you added to Apple Pay. Apple Pay only stores a portion of your actual card numbers and a portion of your Device Account Numbers, along with a card description, to help you manage your cards and add your cards across your devices.

Information about your card will be associated with your iCloud account. If you add more than one card to Wallet, Apple or its partners may be able to link personal and account information associated between cards. For example, My Suica cards can be linked to non-personalized Suica cards. Aggregate, non-personally identifiable information about setting up Suica cards may be shared with mobile device carriers on a periodic basis.

When you pay using Apple Pay in stores

Paying in stores that accept contactless payments with Apple Pay uses Near Field Communication (NFC) technology between your device and the payment terminal. NFC is an industry-standard contactless technology designed to work only across short distances. If your iPhone is on and it detects an NFC field, it will present you with your default card. To send your payment information, you must authenticate using Touch ID or your passcode. No payment information is sent without your authentication. On Apple Watch, you must double-click the side button when the device is unlocked to activate your default card for payment.

After you use Touch ID or enter your passcode on iPhone, or double-click the side button on Apple Watch at a payment terminal, the Secure Element provides your Device Account Number and a transaction-specific dynamic security code. This information is sent along with additional information needed to complete the transaction to the store’s point of sale terminal. Neither Apple nor your device sends your credit, debit, or prepaid card number. Before they approve the payment, your bank, card issuer, or payment network can verify your payment information by checking the dynamic security code to make sure it’s unique and that it’s tied to your device.
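
The issuer-side check described above, sketched as an added example (not Apple's or any payment network's code). This page does not give the real dynamic security code algorithm, so an HMAC-SHA256 over the Device Account Number, a transaction counter, and the amount stands in for it; all class, function, and field names are hypothetical.

```python
import hashlib
import hmac
import secrets


def dynamic_code(key: bytes, dan: str, counter: int, amount_cents: int) -> str:
    """Per-transaction code: a MAC over token, counter and amount (stand-in scheme)."""
    msg = f"{dan}|{counter}|{amount_cents}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:16]


class SecureElement:
    """Holds the Device Account Number and its key; never the real card number."""
    def __init__(self, dan: str, key: bytes):
        self.dan, self._key, self._counter = dan, key, 0
    def pay(self, amount_cents: int) -> dict:
        self._counter += 1  # every payment gets a fresh counter value
        code = dynamic_code(self._key, self.dan, self._counter, amount_cents)
        return {"dan": self.dan, "counter": self._counter,
                "amount_cents": amount_cents, "code": code}


class Issuer:
    """Bank side: knows each token's key and the highest counter it has accepted."""
    def __init__(self):
        self._tokens = {}  # dan -> [key, last accepted counter]
    def provision(self, dan: str) -> SecureElement:
        key = secrets.token_bytes(32)  # key shared only with this device's chip
        self._tokens[dan] = [key, 0]
        return SecureElement(dan, key)
    def verify(self, tx: dict) -> str:
        entry = self._tokens.get(tx["dan"])
        if entry is None:
            return "declined: unknown token"
        key, last = entry
        expected = dynamic_code(key, tx["dan"], tx["counter"], tx["amount_cents"])
        if not hmac.compare_digest(expected, tx["code"]):
            return "declined: code does not match"  # wrong device key or altered data
        if tx["counter"] <= last:
            return "declined: code already used"  # replay of a captured message
        entry[1] = tx["counter"]
        return "approved"


if __name__ == "__main__":
    bank = Issuer()
    phone = bank.provision("DAN-CONSTRUCTED-0001")  # constructed sample token
    tx = phone.pay(1250)
    print(bank.verify(tx), "|", bank.verify(tx))  # the second call replays tx
```

A message captured at the terminal is useless a second time, and a code computed by a different device or over a different amount fails the comparison.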

When you pay using Apple Pay within apps or on the web*

To securely transmit your payment information when you pay in apps and on the web, Apple Pay receives your encrypted transaction and re-encrypts it with a developer-specific key before the transaction information is sent to the developer or payment processor. This key helps ensure that only the app or website you’re purchasing from can access your encrypted payment information. Every website offering Apple Pay must also verify its domain every time Apple Pay is offered as a payment option. As with in-store payments, Apple sends your Device Account Number to the app or website along with the dynamic security code. So neither Apple nor your device sends your actual credit, debit, or prepaid card numbers to the app.

When you use Apple Pay on your iPhone or Apple Watch to confirm a purchase from your Mac in Safari,* Apple Pay transfers purchase information in an encrypted format between your Mac and your iOS device or Apple Watch to complete your transaction. You can disable the ability to pay on your Mac with Apple Pay by going to Settings > Wallet & Apple Pay and disabling Allow Payments On Mac on your iPhone.

Apple Pay retains anonymous transaction information, including approximate purchase amount, app developer and app name, approximate date and time, and whether the transaction completed successfully. Apple uses this data to improve Apple Pay and other products and services. Apple also requires apps and websites in Safari using Apple Pay to have a privacy policy that you can view, which governs their use of your data.

For your convenience, when you use an app or a website that uses Apple Pay in iOS, watchOS, or macOS, the app or website can check whether you have Apple Pay enabled on that device. This can be managed in Settings.

When you add and use rewards cards with Apple Pay transactions in stores

When you add rewards cards to Wallet, all the information is stored on your device and encrypted with your passcode. iCloud can be used to back up your cards and keep your rewards cards up-to-date on multiple devices. iCloud secures your data by encrypting it when it's sent over the Internet and storing it in an encrypted format when kept on Apple’s servers. You can disable iCloud support on your device by going to Settings > [your name] > iCloud and turning off Wallet. Learn more about how iCloud stores and protects your data.

You can choose to have a rewards card automatically presented for use in the merchant’s stores when you make an Apple Pay purchase. You can disable automatic selection of a rewards card by changing its setting in Wallet. Any time personally identifiable information is sent to the payment terminal when you use your rewards cards — like your email or phone number — we require the merchant to encrypt the data. And no rewards card information is sent without your authorization.

When you use Apple Pay to ride transit in Japan

To make riding transit more seamless, Suica cards can be set as an Express Transit card, allowing you to pay and ride using your Suica card without using Touch ID or passcode. You can manage Express Transit on your iPhone by going to Settings and tapping Wallet & Apple Pay, and for your Apple Watch in the Apple Watch app.

If you lose your device and need to suspend or remove cards from Apple Pay

If you turned on Find My iPhone on your iPhone, iPad, Apple Watch, or a MacBook Pro with Touch ID, you can simply suspend Apple Pay by placing your device in Lost Mode using Find My iPhone instead of immediately canceling your cards. You can also permanently remove the ability to pay with Apple Pay using the credit, debit, and prepaid cards on your device and attempt to remove the rewards cards stored on your device by erasing the device remotely using Find My iPhone. On iPhone, iPad, Apple Watch, and a MacBook Pro with Touch ID, you can go to your Apple ID account page to remove the ability to make payments from cards on the device.

Your credit, debit, and prepaid cards will be suspended or removed from Apple Pay by your bank, your bank’s authorized service provider, your card issuer, or your issuer's authorized service provider, even if your device is offline and not connected to a cellular or Wi-Fi network. You can also call your bank or issuer to suspend or remove your credit, debit, or prepaid cards from Apple Pay.

Suica cards can't be suspended if your device is offline. You can remove your Suica cards by erasing your device remotely on Find My iPhone or removing all cards from your Apple ID account page. If your device is offline when you try to erase it, your Suica cards might still be available for use at some terminals until 12:01 AM JST the following day. If you remove your Suica cards, the balance is recoverable. You can add them back to a device signed in with the same Apple ID after 5:00 AM JST the following day.

Using Apple Pay in stores and to ride transit

When you pay in stores or ride transit, Apple doesn’t collect any transaction information that can be tied back to you. If you have Location Services turned on, the location of your device and the approximate date and time of the transaction may be sent anonymously to Apple. Apple uses this information to help Apple Pay improve the accuracy of business names in your transaction history and it may be retained in the aggregate to improve Apple Pay and other Apple products and services.

In Japan, to enable the most seamless transit experience, when you use your Suica with Apple Pay, information like recently visited stations, transaction history, and additional tickets may be accessed by a nearby contactless reader if your card is set as your Express Transit card, or once you authenticate using Touch ID.

When you use rewards passes with Apple Pay, Apple doesn’t receive any information about the rewards transaction other than what's displayed on the pass.

See the Apple Privacy Policy and iOS Security document for more information about how Apple uses and protects your information.

* Using Apple Pay on the web in Safari isn't currently available in China.
