For starters, it uses a variety of security measures to protect your payment data, such as tokenization, fingerprint authentication and a secure method for storing the data.
Instead of transferring your credit-card information with each transaction, Apple Pay uses a stand-in “token” that’s exchanged between your iOS device and the point-of-sale terminal. It’s essentially a surrogate for the actual number.
The token works with another security measure called a cryptogram, a number generated specifically for the transaction. The cryptogram uniquely identifies your device to make sure the transaction isn’t fraudulent.
Other mobile payment platforms, like Google Wallet, use token-like systems too, but Apple Pay transactions work with the iPhones’ Touch ID fingerprint sensors to authenticate purchases. In order to complete a transaction, users need to put their fingerprint on the device’s sensor to verify they are who they say they are.
Secure element for information storage
All sensitive material — like your device’s unique account number and your fingerprint — are stored on what’s called a secure element, a segregated portion of your phone that isn’t part of the iOS system. It can’t be easily accessed, so it shouldn’t be vulnerable to hacking.
We can’t wait to offer Apple Pay to our members.
Look for the announcement soon!