Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Apple Pay security: We find out if there are any risks using Apple Pay

Nik Rawlinson | June 26, 2015
Apple Pay arrives in July - here's what you need to know.

The Apple Pay interface on your iPhone screen will be tailored to the outlet in which you’re making your purchase.

Apple Pay arrives in the UK in July. Once in place, it will let you buy a coffee at Costa, open the gates on the London Underground, or settle your bill for a cheeky Nando's with nothing more than a tap of your iPhone or Apple Watch on a regular contactless reader. You can also use it in apps - but not on websites - to pay for downloads, tickets, and physical products scheduled for delivery.

But is it Apple Pay safe?

The short answer is yes. Apple wants us to think of its payment gateway the same way we think about PayPal or Visa. After all, it's only through gaining our trust that it will win our custom, and without our custom it won't earn commission from retailers.

To that end, it's spent a lot of time and money on making things secure. It's edging us all towards using six digit passcodes rather than four, and the only iOS devices through which you can authorise a payment are those with NFC (Near Field Communication) and the device-unique Secure Element chip built in. So, if you don't have an iPhone 6, 6 Plus, iPad Air 2, iPad mini 3 or Apple Watch, you'll have to upgrade - or stick to alternative payment options.

Can anyone get your card details from Apple Pay?

The Apple Pay interface on your iPhone screen will be tailored to the outlet in which you're making your purchase.

If you already have a credit or debit card registered with your Apple ID, you can add it to Apple Pay directly, so you don't need to send it again over the air. If not, or you want to add a new card, Apple encrypts the whole process from end to end, wrapping up the card details in a unique identifier before handing it over to your card operator.

Assuming you're credit-worthy, the operator sends back an authorisation key that's stored in the Secure Element in the iOS device or Watch. Secure Element, is an industry standard chip, so you're not relying on just Apple to maintain the technology, and because each one is unique to the device in which it resides, it reliably ties your device to your account. That way, the card processor knows exactly whose account to debit without passing your details over the network again or handing them to the retailer itself.

Is using Apple Pay on the high street safe?

So, the transaction is secure in transit as it's effectively useless data, but that's only half of the equation. Apple has also come up with a way to keep the physical interaction between your device and the reader safe, too.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.