Apple Pay component security
Apple Pay uses several hardware and software features to provide secure, reliable purchases.
Secure Element
The Secure Element is an industry-standard, certified chip running the Java Card platform, which is compliant with financial industry requirements for electronic payments. The Secure Element IC and the Java Card platform are certified in accordance with the EMVCo Security Evaluation process. After the successful completion of the security evaluation, EMVCo issues unique IC and platform certificates.
The Secure Element IC has been certified based on the Common Criteria standard.
NFC controller
The NFC controller handles near field communication protocols and routes communication between the Application Processor and the Secure Element, and between the Secure Element and the point-of-sale terminal.
Apple Wallet
The Apple Wallet app is used to add and manage credit, debit, and store cards and to make payments with Apple Pay. Users can view their cards and may be able to view additional information provided by their card issuer, such as their card issuer’s privacy policy, recent transactions, and more in Apple Wallet. Users can also add cards to Apple Pay in:
Setup Assistant and Settings for iOS and iPadOS
The Watch app for Apple Watch
Wallet & Apple Pay in System Settings (macOS 13 or later) or System Preferences (macOS 12 or earlier) for Mac computers with Touch ID
In addition, Apple Wallet allows users to add and manage transit cards, rewards cards, boarding passes, tickets, gift cards, student ID cards, access cards, and more.
Secure Enclave
On devices that use biometric authentication and Mac computers with Apple silicon that use the Magic Keyboard with Touch ID, the Secure Enclave manages the authentication process and allows authorized transactions to proceed.
On Apple Watch, the device must be unlocked, and the user must double-click the side button. The double-click is detected and passed directly to the Secure Element or Secure Enclave, where available, without going through the Application Processor.
Apple Pay servers
The Apple Pay servers manage the setup and provisioning of credit, debit, transit, student ID, and access cards in Apple Wallet. The servers also manage the Device Account Numbers stored in the Secure Element. They communicate both with the device and with the payment network or card issuer servers. The Apple Pay servers are also responsible for reencrypting payment credentials for payments within apps or on the web.