In iOS 11.2 or later and watchOS 4.2 or later, Apple Pay can be used on an iPhone, iPad, or Apple Watch to send, receive, and request money from other users. When a user receives money, it’s added to an Apple Cash account that can be accessed in the Wallet app or within Settings > Wallet & Apple Pay across any of the eligible devices the user has signed in with their Apple ID.
To use person-to-person payments and Apple Cash, a user must be signed in to their iCloud account on an Apple Cash–compatible device, and have two-factor authentication set up on the iCloud account.
When the user sets up Apple Cash, the same information as when the user adds a credit or debit card may be shared with our partner bank Green Dot Bank and with Apple Payments Inc., a wholly owned subsidiary created to protect the user’s privacy by storing and processing information separately from the rest of Apple, and in a way that the rest of Apple doesn’t know. This information is used only for troubleshooting, fraud prevention, and regulatory purposes.
Money requests and transfers between users are initiated from within the Messages app or by asking Siri. When a user attempts to send money, iMessage displays the Apple Pay sheet. The Apple Cash balance is always used first. If necessary, additional funds are drawn from a second credit or debit card the user has added to the Wallet app.
The Apple Cash card in the Wallet app can be used with Apple Pay to make payments in stores, in apps, and on the web. Money in the Apple Cash account can also be transferred to a bank account. In addition to money being received from another user, money can be added to the Apple Cash account from a debit or prepaid card in the Wallet app.
Apple Payments Inc. stores and may use the user’s transaction data for troubleshooting, fraud prevention, and regulatory purposes once a transaction is completed. The rest of Apple doesn’t know who the user sent money to, received money from, or where the user made a purchase with their Apple Cash card.
When the user sends money with Apple Pay, adds money to an Apple Cash account, or transfers money to a bank account, a call is made to the Apple Pay servers to obtain a cryptographic nonce, which is similar to the value returned for Apple Pay within apps. The nonce, along with other transaction data, is passed to the Secure Element to generate a payment signature. When the payment signature comes out of the Secure Element, it’s passed to the Apple Pay servers. The authentication, integrity, and correctness of the transaction is verified through the payment signature and the nonce by Apple Pay servers. Money transfer is then initiated, and the user is notified of a completed transaction.
If the transaction involves a credit or debit card for adding money to Apple Cash, sending money to another user, or providing supplemental money if the Apple Cash balance is insufficient, then an encrypted payment credential is also produced and sent to Apple Pay servers, similar to what is used for Apple Pay within apps and websites.
After the balance of the Apple Cash account exceeds a certain amount or if unusual activity is detected, the user is prompted to verify their identity. Information provided to verify the user’s identity—such as social security number or answers to questions (for example, to confirm a street name the user has lived on previously)—is securely transmitted to Apple’s partner and encrypted using their key. Apple can’t decrypt this data.