Charles Brian Quinn
Fumbling with a bunch of credit cards and a wallet is a hassle. Who wouldn’t prefer to just use their phone or smart watch for transactions? But are we giving up security in the name of convenience?
I don’t think so. Not only is Apple Pay convenient and easy to use, you will not find a more secure form of credit card payment today—period.
There are four basic things to understand about Apple Pay’s security:
The foundation of Apple’s security lies in the secure element in the phone, and the way credit cards are authenticated when they are added to Passbook. The process of adding your credit card to Passbook looks like this:
The fact that the credit card issuers are the token providers is important because at no time does Apple create, contain or store the token. The onus and liability are completely on the credit card issuer.
Additionally, the token and the cryptogram are not just encrypted versions of the credit card number. They are actually completely separate data. Therefore, the token and cryptogram cannot be decrypted to reveal your actual credit card number.
So, how secure is the secure element, really? The secure element is a chip inside the iPhone 6 and 6 Plus where the token and cryptogram are stored. The software accesses this hardware only when you link a credit card to Passbook or a transaction is being made. The data on the chip is never passed to the software for use within the operating system, which is where breaches normally occur. If someone were to hack your operating system, there would be no way to extract the financial information.
The token stored on the secure element is unique to your device, not just a replacement of your credit card number. Tokens are meaningless mathematical strings, which cannot be decrypted back to an account number. Furthermore, they’re useless on their own because they require both the device and the cryptogram to work. Only the token provider can map the token back to the account, and as I mentioned earlier, Apple cannot do this. The token isn’t stored in Apple’s servers anywhere—it is stored only on the secure element in your phone.
When you make a purchase with Apple Pay, Touch ID is required as part of the authentication process. The biometrics of Touch ID are not 100% secure, as we’ve seen in the past few months. However, it is still leaps and bounds ahead of any signature or PIN-based user authentication. I would rely upon my fingerprint over a PIN any day.
When you make a purchase:
The cryptogram is a layer of security, part of which is dynamically created per transaction; it links the token to the device and to that particular transaction. Tokens can never be used without an accompanying cryptogram, and the cryptogram ensures that the token can only be used from the device to which it was originally linked.
The important fact here is that the retailer never has possession of your actual credit card number in any part of the transaction. That is a distinct difference from the credit card magnetic swipe we have today, where the exact credit card number is unmasked and sent directly to the retailer’s point-of-sale system. This is the weak point where hackers have intercepted credit card numbers at Target, Home Depot and others.
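The token and cryptogram flow described above can be modeled in a few lines. This is an added example, not Apple's or any card network's code: the Issuer and Device classes, make_cryptogram, the HMAC-SHA256 construction and the transaction counter are all assumptions chosen to illustrate a random token, a device-bound key, and a per-transaction cryptogram that the issuer checks.

```python
import hashlib
import hmac
import secrets


def make_cryptogram(device_key, token, amount_cents, counter):
    # Assumed construction: a MAC tying token, device key and this payment together.
    msg = f"{token}|{amount_cents}|{counter}".encode()
    return hmac.new(device_key, msg, hashlib.sha256).digest()


class Issuer:
    """Token provider: the only party that can map a token back to a card."""

    def __init__(self):
        self._vault = {}  # token -> [card number, device key, last counter]

    def provision(self, card_number):
        # The token is random, not derived from the card, so nothing decrypts it.
        token = "".join(secrets.choice("0123456789") for _ in range(16))
        device_key = secrets.token_bytes(32)
        self._vault[token] = [card_number, device_key, 0]
        return token, device_key  # both go to the device's secure element

    def authorize(self, token, amount_cents, counter, cryptogram):
        entry = self._vault.get(token)
        if entry is None:
            return False
        _card, key, last_counter = entry
        expected = make_cryptogram(key, token, amount_cents, counter)
        if not hmac.compare_digest(expected, cryptogram):
            return False  # wrong device key or altered transaction
        if counter <= last_counter:
            return False  # replayed cryptogram
        entry[2] = counter
        return True


class Device:
    """Stands in for the secure element: holds token and key, never the card."""

    def __init__(self, token, device_key):
        self.token, self._key, self._counter = token, device_key, 0

    def pay(self, amount_cents):
        self._counter += 1
        cg = make_cryptogram(self._key, self.token, amount_cents, self._counter)
        # This tuple is all the retailer's terminal ever sees.
        return self.token, amount_cents, self._counter, cg
```

In this model a captured payment message cannot be replayed, and a copied token presented from a device without the original key fails authorization.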
Apple does not store your credit card number in the cloud during any part of linking your credit card or making a transaction. The only thing stored is the token and that is stored in the secure element. This is a distinct difference between Apple Pay and Google Wallet. Google actually stores your credit card number in order to facilitate the transaction. The authorization of the transaction first hits their servers, is decrypted, and then goes to the bank that issues the credit card. Google also requests and stores your Social Security Number when setting up Google Wallet.
With Apple Pay, the only party to actually store the credit card number and associated token is the credit card issuer themselves.
Credit cards with magnetic strips are the least secure form of payment. There are many tech companies vying to replace your old credit card, but if we’ve learned anything from the recent data breaches, it’s that we should not trust a payment solution that decrypts and stores our account numbers in a server that can be compromised by hackers.
While banks still hold this information, the responsibility for storing our financial data should be on the banks, and not with tech companies or retailers. Apple Pay does just that.