Last Monday, Apple released iOS 8.1 and with its new mobile operating system the Cupertino firm activated its highly-touted cashless payment system for the iPhone 6 and iPhone 6 Plus – Apple Pay.
But just how secure is Apple’s new payment and why should users use it instead of their credit cards?
To answer these two very important questions, we must first know how Apple Pay works to appreciate all the intricacies that go into the system which enables the user to make electronic payments. This is where Apple’s Token System and the TouchID Fingerprint Sensor come in.
Every time an iPhone 6 or iPhone 6 Plus user buys something from Apple’s partner resellers/establishments, all one has to do is go to the checkout counter and place the iDevice close to the payment terminal, tap the TouchID Fingerprint sensor which activates a series of rapid events between the payment terminal and the iDevice before the payment is made.
The new iPhones use Near Field Communication (NFC) to transfer the payment from the device to the payment terminal. With just a tap on the iDevice, Apple has made it that simple for the user to make the payment but in fact, the transaction goes into a complex sequence of actions before the payment is made. First off, the Apple Pay credit card information is not stored on the device itself nor is it contained in Apple’s servers.
The information is kept safe in the credit card company’s secure server. Now, when a user has to pay for something bought, the Apple Pay-enabled iPhone will request a 16-digit token from the credit card company for that particular transaction only. This means that every transaction made using Apple Pay will generate its own unique 16 digit token every single time. Sure, the last 4 digits of each code corresponds to the same last 4 digits on the user’s credit card but the rest of the 16 digit code is randomly generated and cannot be copied to be reversed engineered to get the credit card number itself. Think of it as a one-time disposable credit card number for each and every transaction.
Unlike traditional credit cards which use the magnetic stripe or the chip and pin type, both of which can be cloned, Apple’s token system coupled with the TouchID Fingerprint Sensor is far more secure than any electronic payment system in existence right now.