Much has been written about the convenience of Apple Pay, especially on an Apple Watch. Instead of reaching into your pocket or bag for your wallet, and extracting the card you want to use, you can simply double-click the side button on the Watch and hold out your wrist.

But there’s one aspect of Apple Pay that I’ve always felt fails to get the full attention it deserves: the fact that it never hands over your card details to retailers. Even on Apple’s own microsite, the feature is buried in a paragraph whose heading is about the use of fingerprints.

Yet the list of major chains who have seen customer card details compromised is virtually a Who’s Who of retailing and the hotel trade. Acer, Carphone Warehouse, CVS Photo, Eddie Bauer, Hilton, Home Depot, K-Mart, Marriott Hotels, Michaels, Neiman Marcus, P.F. Chang’s, Staples, Starwood Hotels, SuperValu, Target, Trump Hotels and Wendy’s. That’s even before we get into the Oracle hack that may have exposed almost every US credit card … 

Nor is having your card and personal details exposed a trivial matter. Banks may guarantee to refund fraudulent transactions, but anyone who has their name, address and date of birth taken alongside card details – which has been the case in several of the hacks – is at risk of falling victim to identity theft.

Identify theft is a huge deal. In one well-known account, the victim not only saw more than $50,000 worth of fraudulent transactions charged to her, but the false details used resulted in an arrest warrant and criminal record for drug trafficking when a criminal successfully used her identity all the way through to sentencing. One survey revealed that the average time spent by victims resolving the problem is more than 300 hours.

Against this background, it surprises me that Apple doesn’t make much more of the fact that your card details are never revealed when you use Apple Pay. Here’s the text on Apple’s site that you’d never find just from the headings.

Every time you hand over your credit or debit card to pay, your card number and identity are visible, and swiping your card triggers an exchange of information. With Apple Pay, instead of using your actual credit and debit card numbers when you add your card, a unique Device Account Number is assigned, encrypted and securely stored in the Secure Element, a dedicated chip in iPhone, iPad and Apple Watch. When you make a purchase, the Device Account Number, along with a transaction-specific dynamic security code, is used to process your payment. So your actual credit or debit card numbers are never shared by Apple with merchants or transmitted with payment.

To make this crystal clear, a unique code is generated for every single Apple Pay transaction you make. Effectively, Apple creates fake card details for you and hands those over to the retailer instead of the real ones. As soon as that transaction is complete, the code is automatically voided – it can never again be used for a purchase.

Which means that if a retailer is hacked, and your ‘card details’ are exposed, those details are useless. They aren’t your actual card numbers, and they cannot be used for even a single additional transaction. Indeed, once you’ve registered a card, the real details aren’t even stored on your iPhone or Watch.

Your underlying Visa credit and debit card numbers are not stored on any device running Apple Pay, or on Apple servers.


As with many Apple products and services, the company didn’t invent the Device Account Number technology; Visa did. Apple did what the company is famous for: take an existing technology, and make it really easy to use.

But with payment tokenisation, Apple has almost done too good a job of making it invisible to users. The average non-tech user (and even some tech ones) are completely unaware how the service works, meaning they don’t appreciate the full benefit of using Apple Pay.

I said at the outset that Apple Pay is more convenient than using a card, and that’s true when using an Apple Watch. It’s arguably not true when using an iPhone. In my wallet, for example, I keep my most-used contactless card in a flap on one side of the wallet, away from my other cards. To make a contactless payment, I can just open my wallet and hold that flap against the card-reader: no need to remove a card. Compare that to the effort involved in getting my phone from my wallet and putting my thumb on the Home button and there’s honestly nothing in it.

But the reason I’d continue to use Apple Pay even if I didn’t own a Watch is precisely because it doesn’t expose my card details. Indeed, one time when I forgot to put my watch on, I used my iPhone to buy train tickets even though I was going to put them into the wallet I needed to pull out anyway. Apple Pay is not just more convenient, it’s vastly safer than using a physical card – and that’s something Apple really ought to make a whole lot less of a secret.

You can follow on Twitter or join our Facebook page to keep yourself updated on all the latest from Apple and the Web.