Paying with cards using Apple Pay
Apple Pay can be used to pay for purchases in stores, within apps and at websites.
Paying with cards in stores
If iPhone or Apple Watch is on and detects an NFC field, it presents the user with the requested card (if automatic selection is turned on for that card) or the default card, which is managed in Settings. The user can also go to Apple Wallet and choose a card, or when the device is locked, can:
Double-click the side button on devices with Face ID
Double-click the Home button on devices with Touch ID
Use Accessibility features that allow Apple Pay from the Lock Screen
Next, before information is transmitted, the user must authenticate using Face ID, Touch ID or their passcode. When Apple Watch is unlocked, double-clicking the side button activates the default card for payment. No payment information is sent without user authentication.
After the user authenticates, the Device Account Number and a transaction-specific dynamic security code are used when processing the payment. Neither Apple nor a user’s device sends the full credit or debit card numbers to merchants. Apple may receive anonymous transaction information such as the approximate time and location of the transaction, which helps improve Apple Pay and other Apple products and services.
Paying with cards within apps
Apple Pay can also be used to make payments in apps on iPhone, iPad, Mac and Apple Watch. When users pay within apps using Apple Pay, Apple receives the encrypted transaction information. Before that information is sent to the developer or merchant, Apple re-encrypts the transaction with a developer-specific key. Apple Pay retains anonymous transaction information, such as the approximate purchase amount. This information can’t be tied to the user and never includes what the user is buying.
When an app initiates an Apple Pay payment transaction, the Apple Pay servers receive the encrypted transaction from the device prior to the merchant receiving it. The Apple Pay servers then re-encrypt the transaction with a merchant-specific key before relaying it to the merchant.
When an app requests a payment, it calls an API to determine whether the device supports Apple Pay and whether the user has credit or debit cards that can make payments on a payment network accepted by the merchant. The app requests any pieces of information it needs to process and fulfill the transaction, such as the billing and postal address and contact information. The app then asks iOS, iPadOS or watchOS to present the Apple Pay sheet, which requests information for the app as well as other necessary information such as the card to use.
At this time, the app is presented with city, state and postcode information to calculate the final postage cost. The full set of requested information isn’t provided to the app until the user authorises the payment with Face ID, Touch ID or the device passcode. After the payment is authorised, the information presented in the Apple Pay sheet is transferred to the merchant.
App payment authorisation
When the user authorises the payment, a call is made to the Apple Pay servers to obtain a cryptographic nonce, which plays the same role as the value returned by the NFC terminal in an in-store transaction. The nonce, along with other transaction data, is passed to the Secure Element to compute a payment credential that’s encrypted with an Apple key. The encrypted payment credential is returned to the Apple Pay servers, which decrypt the credential, verify the nonce in the credential against the nonce originally sent by the Apple Pay servers, and re-encrypt the payment credential with the merchant key associated with the Merchant ID. The re-encrypted credential is then returned to the device, which hands it back to the app through the API. The app then passes it along to the merchant system for processing. The merchant decrypts the payment credential with its private key. This, together with the signature from Apple’s servers, allows the merchant to verify that the transaction was intended for this particular merchant.
The APIs require an entitlement that specifies the supported Merchant IDs. An app can also include additional data (such as an order number or customer identity) to send to the Secure Element to be signed, ensuring that the transaction can’t be diverted to a different customer. This is accomplished by the app developer, who can specify applicationData on the PKPaymentRequest. A hash of this data is included in the encrypted payment data. The merchant is then responsible for verifying that their applicationData hash matches what’s included in the payment data.
Paying with cards at websites
Apple Pay can be used to make payments at websites on iPhone, iPad, Apple Watch and Mac computers with Touch ID. Apple Pay transactions can also start on a Mac and be completed on an Apple Pay–enabled iPhone or Apple Watch using the same iCloud account.
Apple Pay on the web requires that all participating websites register with Apple. After the domain is registered, the domain name is validated and Apple issues a TLS client certificate. Websites supporting Apple Pay are required to serve their content over HTTPS. For each payment transaction, the website must obtain a secure and unique merchant session from an Apple server using the Apple-issued TLS client certificate. Merchant session data is signed by Apple. After the merchant session signature is verified, a website may query whether the user has an Apple Pay–capable device and whether they have a credit, debit or prepaid card activated on the device. No other details are shared. If the user doesn’t want to share this information, they can disable Apple Pay queries in Safari privacy settings on iPhone, iPad and Mac.
After a merchant session is validated, all privacy and security measures are the same as when a user pays within an app.
If the user is transmitting payment-related information from a Mac to an iPhone or Apple Watch, Apple Pay Handoff uses the end-to-end encrypted Apple Identity Service (IDS) protocol to transmit payment-related information between the user’s Mac and the authorising device. The IDS client on Mac uses the user’s device keys to perform encryption so no other device can decrypt this information, and the keys aren’t available to Apple. Device discovery for Apple Pay Handoff contains the type and unique identifier of the user’s credit cards along with some metadata. The device-specific account number of the user’s card isn’t shared and it continues to remain stored securely on the user’s iPhone or Apple Watch. Apple also securely transfers the user’s recently used contact, shipping and billing addresses over iCloud Keychain.
After the user authorises payment using Face ID, Touch ID, a passcode, or double-clicking the side button on Apple Watch, a payment token uniquely encrypted to each website’s merchant certificate is securely transmitted from the user’s iPhone or Apple Watch to their Mac and then delivered to the merchant’s website.
Only devices in proximity to each other may request and complete payment. Proximity is determined through Bluetooth Low Energy (BLE) advertisements.