Apple Cash security in iOS, iPadOS, and watchOS
In iOS 11.2 or later, iPadOS 13.1 or later, and watchOS 4.2 or later, Apple Pay can be used on an iPhone, iPad, or Apple Watch to send, receive, and request money from other users. When a user receives money, it’s added to an Apple Cash account that can be accessed in the Wallet app or within Settings > Wallet & Apple Pay across any of the eligible devices the user has signed in with their Apple ID.
In iOS 14, iPadOS 14, and watchOS 7, the organizer of an iCloud family who has verified their identity can enable Apple Cash for their family members under the age of 18. Optionally, the organizer can restrict the money sending capabilities of these users to family members only or contacts only. If the family member under the age of 18 goes through an Apple ID account recovery, the organizer of the family must manually reenable the Apple Cash card for that user. If the family member under the age of 18 is no longer part of the iCloud family, their Apple Cash balance is automatically transferred to the organizer’s account.
When the user sets up Apple Cash, the same information as when the user adds a credit or debit card may be shared with our partner bank Green Dot Bank and with Apple Payments Inc., a wholly owned subsidiary created to protect the user’s privacy by storing and processing information separately from the rest of Apple, and in a way that the rest of Apple doesn’t know. This information is used only for troubleshooting, fraud prevention, and regulatory purposes.
Using Apple Cash in iMessage
To use person-to-person payments and Apple Cash, a user must be signed in to their iCloud account on an Apple Cash–compatible device and have two-factor authentication set up on the iCloud account. Money requests and transfers between users are initiated from within the Messages app or by asking Siri. When a user attempts to send money, iMessage displays the Apple Pay sheet. The Apple Cash balance is always used first. If necessary, additional funds are drawn from a second credit or debit card the user has added to the Wallet app.
Using Apple Cash in stores, apps, and on the web
The Apple Cash card in the Wallet app can be used with Apple Pay to make payments in stores, in apps, and on the web. Money in the Apple Cash account can also be transferred to a bank account. In addition to money being received from another user, money can be added to the Apple Cash account from a debit or prepaid card in the Wallet app.
Apple Payments Inc. stores, and may use, the user’s transaction data for troubleshooting, fraud prevention, and regulatory purposes once a transaction is completed. The rest of Apple doesn’t know who the user sent money to, received money from, or where the user made a purchase with their Apple Cash card.
When the user sends money with Apple Pay, adds money to an Apple Cash account, or transfers money to a bank account, a call is made to the Apple Pay servers to obtain a cryptographic nonce, which is similar to the value returned for Apple Pay within apps. The nonce, along with other transaction data, is passed to the Secure Element to generate a payment signature. When the payment signature comes out of the Secure Element, it’s passed to the Apple Pay servers. The authentication, integrity, and correctness of the transaction is verified through the payment signature and the nonce by Apple Pay servers. Money transfer is then initiated, and the user is notified of a completed transaction.
If the transaction involves:
A debit card for adding money to Apple Cash
Providing supplemental money if the Apple Cash balance is insufficient
an encrypted payment credential is also produced and sent to Apple Pay servers, similar to how Apple Pay works within apps and websites.
After the balance of the Apple Cash account exceeds a certain amount or if unusual activity is detected, the user is prompted to verify their identity. Information provided to verify the user’s identity—such as social security number or answers to questions (for example, to confirm a street name the user lived on previously)—is securely transmitted to the Apple partner and encrypted using their key. Apple can’t decrypt this data. The user is prompted to verify their identity again if they perform an Apple ID account recovery, before regaining access to their Apple Cash balance.