Apple Pay security and privacy overview

Apple Pay protects your personal information, transaction data, and credit, debit, and prepaid card information with industry-leading security. Learn more about Apple Pay security and privacy below.

Using Apple Pay is easy, secure, and private. It’s simple for you, and it’s built with integrated security in both hardware and software, making it a safer way to pay than with your credit, debit, and prepaid cards.

Apple Pay is also designed to protect your personal information. Apple Pay doesn't collect any transaction information that can be tied back to you. Payment transactions are between you, the merchant (or developer for payments made within apps and websites), and your bank.

Keeping your payment information secure

To help ensure the security of Apple Pay, you must have a passcode set on your device and, optionally, Touch ID. You can use a simple passcode, or you can set a more complex passcode for even greater security. On Apple Watch, Wrist Detect must also be enabled.

When you add credit, debit, or prepaid cards

When you add a credit, debit, or prepaid card to Apple Pay, the information that you enter on your device by typing or using the iSight camera is encrypted and sent to Apple servers. If you use the camera to enter the card information, the information is never saved to the device or stored to the photo library. Apple decrypts the data, determines your card’s payment network, and re-encrypts the data with a key that only your payment network (or any providers authorized by your card issuer for provisioning and token services) can unlock. Then it sends the encrypted data, along with other information about your iTunes and App Store account activity (such as whether you have a long history of transactions within iTunes), information about your device (such as phone number, name, and model of your device, plus any companion iOS device necessary to set up Apple Pay), information about your device usage (such as percent of time device is in motion), as well as your location at the time that you add your credit, debit, or prepaid card (if you have Location Services enabled) to your bank.

Once your card is approved, your bank or your bank’s authorized service provider creates a device-specific Device Account Number, encrypts it, and sends it along with other data (such as the key used to generate dynamic security codes unique to each transaction) to Apple. Apple can’t decrypt it, but will add it to the Secure Element within your device. The Secure Element is an industry-standard, certified chip designed to store your payment information safely. The Device Account Number in the Secure Element is unique to your device and to each credit, debit, or prepaid card added. It’s isolated from iOS and watchOS, never stored on Apple Pay servers, and never backed up to iCloud. Because this number is unique and different from usual credit, debit, or prepaid card numbers, your bank can prevent its use on a magnetic stripe card, over the phone, or on websites.

Apple doesn’t store or have access to the credit, debit, or prepaid card numbers you added to Apple Pay. Apple Pay only stores a portion of your actual card numbers and a portion of your Device Account Numbers, along with a card description, to help you manage your cards.

When you pay using Apple Pay in stores

Paying in stores that accept contactless payments with Apple Pay uses Near Field Communication (NFC) technology between your device and the payment terminal. NFC is an industry-standard contactless technology designed to work only across short distances. If your iPhone is on and it detects an NFC field, it will present you with your default card. To send your payment information, you must authenticate using Touch ID or your passcode. No payment information is sent without your authentication. On Apple Watch, you must double-click the side button when the device is unlocked to activate your default card for payment.

After you use Touch ID or enter your passcode on iPhone, or double-click the side button on Apple Watch at a payment terminal, the Secure Element provides your Device Account Number and a transaction-specific dynamic security code. This information is sent along with additional information needed to complete the transaction to the store’s point of sale terminal. Neither Apple nor your device sends your credit, debit, or prepaid card number. Before they approve the payment, your bank or payment network can verify your payment information by checking the dynamic security code to make sure it’s unique and that it’s tied to your device.
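The bank-side check described above, sketched as an added example that is not Apple's or any payment network's code. Assumptions: HMAC-SHA256 stands in for the real dynamic security code, a per-transaction counter makes each code unique, the amount is bound into the code, and all names and values are constructed.

```python
import hashlib
import hmac
import secrets

def dynamic_code(key, dan, counter, amount_cents):
    # Assumption: HMAC-SHA256 over these fields stands in for the real code.
    msg = f"{dan}|{counter}|{amount_cents}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:16]

class Issuer:
    """Bank-side model: one secret key per Device Account Number (DAN)."""

    def __init__(self):
        self.keys = {}     # DAN -> key shared with that device's Secure Element
        self.seen = set()  # (DAN, counter) pairs already approved

    def provision(self, dan):
        self.keys[dan] = secrets.token_bytes(32)
        return self.keys[dan]

    def verify(self, dan, counter, amount_cents, code):
        key = self.keys.get(dan)
        if key is None:
            return "unknown-device-account"
        expected = dynamic_code(key, dan, counter, amount_cents)
        if not hmac.compare_digest(expected, code):
            return "bad-code"   # not produced by this device for this payment
        if (dan, counter) in self.seen:
            return "replayed"   # valid code, but it was already used once
        self.seen.add((dan, counter))
        return "approved"

def demo():
    bank = Issuer()
    dan_a, dan_b = "DAN-A-CONSTRUCTED", "DAN-B-CONSTRUCTED"  # constructed values
    key_a, key_b = bank.provision(dan_a), bank.provision(dan_b)
    code = dynamic_code(key_a, dan_a, 1, 1250)
    return [
        bank.verify(dan_a, 1, 1250, code),  # first use of the code
        bank.verify(dan_a, 1, 1250, code),  # same code presented a second time
        bank.verify(dan_a, 2, 1250, dynamic_code(key_b, dan_a, 2, 1250)),  # other device's key
        bank.verify(dan_a, 3, 9999, dynamic_code(key_a, dan_a, 3, 1250)),  # amount changed
    ]

if __name__ == "__main__":
    print(demo())
```

The Device Account Number alone is never enough in this model: approval also requires a code that matches the key held for that device and that has not been accepted before.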

When you pay using Apple Pay within apps or websites

To securely transmit your payment information when you pay in apps and websites, Apple Pay receives your encrypted transaction and re-encrypts it with a developer-specific key before the transaction information is sent to the developer or payment processor. This key helps ensure that only the app or website you’re purchasing from can access your encrypted payment information. Every website offering Apple Pay must also verify its domain every time Apple Pay is offered as a payment option. As with in-store payments, Apple sends your Device Account Number to the app or website along with the dynamic security code. So neither Apple nor your device sends your actual credit, debit, or prepaid card numbers to the app.

When you use Apple Pay on your iPhone or Apple Watch to confirm a purchase from your Mac in Safari, Apple Pay transfers purchase information in an encrypted format between your Mac and your iOS device or Apple Watch to complete your transaction. You can disable the ability to pay on your Mac with Apple Pay by going to Settings > Wallet & Apple Pay and disabling Allow Payments On Mac on your iPhone.

When you add and use rewards cards with Apple Pay transactions in stores

When you add rewards cards to Wallet, all the information is stored on your device and encrypted with your passcode. iCloud can be used to back up your cards and keep your rewards cards up-to-date on multiple devices. iCloud secures your data by encrypting it when it's sent over the Internet and storing it in an encrypted format when kept on Apple’s servers. You can disable iCloud support on your device by going to Settings > iCloud and turning off Wallet. Learn more about how iCloud stores and protects your data.

You can choose to have a rewards card automatically presented for use in the merchant’s stores when you make an Apple Pay purchase. You can disable automatic selection of a rewards card by changing its setting in Wallet. Any time personally identifiable information is sent to the payment terminal when you use your rewards cards — like your email or phone number — we require the merchant to encrypt the data. And no rewards card information is sent without your authorization.

If you lose your device and need to suspend or remove cards from Apple Pay

If you turned on Find My iPhone on your iPhone, iPad, Apple Watch, or a MacBook Pro with Touch ID, you can simply suspend Apple Pay by placing your device in Lost Mode using Find My iPhone instead of immediately canceling your cards. You can also permanently remove the ability to pay with Apple Pay using the credit, debit, and prepaid cards on your device and attempt to remove the rewards cards stored on your device by erasing the device remotely using Find My iPhone. On iPhone, iPad, Apple Watch, and a MacBook Pro with Touch ID, you can go to to remove the ability to make payments from cards on the device.

Your credit, debit, and prepaid cards will be suspended or removed from Apple Pay by your bank or your bank’s authorized service provider even if your device is offline and not connected to a cellular or Wi-Fi network. You can also call your bank to suspend or remove your credit, debit, or prepaid cards from Apple Pay.

Maintaining your privacy

The moment you begin using Apple Pay, strong privacy measures are already at work protecting your information. Apple has built extensive privacy safeguards into Apple Pay, iOS, watchOS, and macOS.

Adding credit, debit, or prepaid cards

Data Apple provides to your bank or your bank’s authorized service provider when you attempt to add a credit, debit, or prepaid card may only be used by them to determine whether to approve adding your card to Apple Pay or improve their anti-fraud protections.

Using Apple Pay in stores

Apple Pay was designed so that when you pay in stores, Apple doesn’t collect any transaction information that can be tied back to you. If you have Location Services turned on, the location of your device and the approximate date and time of the transaction may be sent anonymously to Apple. Apple uses this information to help Apple Pay improve the accuracy of business names in your transaction history, and the information may be retained in the aggregate to improve Apple Pay and other Apple products and services.

When you use rewards passes with Apple Pay, Apple doesn’t receive any information about the rewards transaction other than what's displayed on the pass.

Using Apple Pay within apps and on the web

When using a website or app that offers Apple Pay, the website or app can check if you have Apple Pay set up. You can turn off the ability for websites to check this on iPhone by going to Settings > Safari and turning off Check for Apple Pay. On Mac, you can turn it off within Safari by going to Preferences > Privacy and turning off Allow websites to check if Apple Pay is set up.

When you use Apple Pay within apps or on the web in Safari, Apple Pay receives your encrypted transaction information and re-encrypts it with a developer-specific key before it’s sent to the app or website. Apple Pay retains anonymous transaction information including approximate purchase amount, app developer and app identifiers, approximate date and time, and whether the transaction completed successfully. Apple uses this data to improve Apple Pay and other products and services. Apple also requires apps and websites in Safari using Apple Pay to have a privacy policy that you can view which governs their use of your data.

Published Date: 2017-06-21