The COVID-19 pandemic has led many people to prefer contactless payments over cash. More and more people are using their iPhones to make contactless payments with Apple Pay. But can you really trust it? After all, you can never be too careful when it comes to protecting your financial information.
Here’s what you need to know about Apple Pay and whether it’s secure enough for you to link your credit or debit card to your iPhone.
What is Apple Pay?
Apple Pay is a digital payment system that allows users to purchase goods or transfer money using their Apple devices linked to their credit or debit card. This is better than having to carry around cash or debit and credit cards as your iPhone or Apple Watch can make all contactless payments.
Apple Pay is currently available in more than 20 countries and is located in the Wallet app on any Apple device – including iPhones, iPads, Watches and Macs.
Does Apple Pay store your credit card information?
How does Apple Pay work? The first time you create a card with Apple Pay, it will ask you for your card number, expiration date and CVV code to verify the card with your bank. This is only a one-time thing for approval, and the details are not stored at Apple. So Apple Pay does not share these details when you make a transaction.
Instead, it uses a process called “tokenization”, which creates a unique one-time code each time you make a transaction.
In addition, Apple Pay also requires additional confirmation, such as Touch ID or Face ID, before a purchase is completed. This way, it can often protect your financial information better than credit cards.
Apple stores or does not have access to the original credit, debit, or prepaid card numbers that you use with Apple Pay. Because your card information is not stored on your devices or Apple servers, none of this information is shared with resellers.
The contactless payment system also prevents your information from being swiped by a skimming device.
Apple Pay itself has no spending limits; however, shops and retailers can impose a contactless border, which is usually dependent on the laws of individual countries. For example, when you use Apple Pay, you may need to provide a signature for purchases over $ 50 in the United States.
Similarly, the general limit for Apple Pay transactions in the UK is £ 100 (GBP). Apple maintains a complete list of possible restrictions per. country that you can walk through.
Is Apple Pays Express Transit System Secure?
No payment system is 100 percent secure, and each has its own vulnerabilities and shortcomings. With that in mind, Apple Pay is still pretty secure.
However, some researchers from the University of Birmingham and the University of Surrey discovered a potential flaw in Apple Pay’s VISA Express Transit system.
The Express Transit system allows users to pay for transportation systems without authenticating the payment using Face ID or Touch ID, as they would normally do for any other transaction. This is intended to reduce the time to be pushed in or out of transit ports. To do this, simply press your device into the contactless reader, which automatically approves the payment.
Researchers were able to trick the iPhone into thinking it was communicating with a transit port when in fact it was a payment reader used by stores. This was done by identifying a unique code that was issued by transit gates or turnstiles, which was then used to interrupt the signals between the iPhone and a store card reader.
Interestingly, the error was only found on VISA cards set up with Express Transit mode. Researchers warned that the problem could be exploited to make transactions from an iPhone in someone else’s bag or pocket without their knowledge.
The researchers say they approached Apple and Visa with their concerns, but the issue is not resolved at the time of writing. Visa’s view is that this type of attack was “impractical”:
“Variations of contactless fraud schemes have been studied in laboratory environments for more than a decade and have proven impractical to perform on a large scale in the real world.”
Apple’s view on the matter was the same:
“We take any threat to user security very seriously. This is a problem with a Visa system, but Visa does not believe that this type of fraud is likely to take place in the real world given the many security layers in place.”
There is no evidence to say that this method is used in the real world by criminals to make unauthorized payments or cheat consumers.
What do the banks say?
Banks have generally confirmed their belief in Apple Pay, with many having public websites to support the payment system.
Barclays, an international bank based in the UK, says Apple Pay is very secure as it uses a unique Device Account Number. However, it further recommends keeping your card protected by choosing a device password that only you know and storing your fingerprint in Apple Pay.
How to keep your Apple Pay safe
Apple Pay is a very secure payment method for in-store, in-app and online shopping. But even its advanced data security approach will not be effective if you do not use common sense and remember the best practices around financial transactions.
Never transfer money to unknown sites or make payments at suspicious points of sale (POS). And always double check payment amount before hitting your device. This should help you keep your money safe and allow you to get the most out of contactless payments.
If you feel that you have been cheated or an unauthorized amount has been deducted from your account through Apple Pay, be sure to confirm this from the Wallet app’s transaction list and then contact your list to have the transaction canceled.
Is Apple Pay secure?
Apple Pay is one of the newer contactless payment technologies, and it makes sense that some may be skeptical about its security. We feel that the system is very secure, and this has been proven by the banks’ eagerness to embrace the technology and Apple Pay, which is expanding to many countries around the world.
Other Wallet activities such as Apple Cash have also proven to be safe.
Much of Apple Pay’s security depends on how you use it. So focus on using it with caution, awareness and care and you should be fine.
No matter how secure Apple Pay is, you should still disable it if your iPhone or Apple Watch disappears.
About the author