Mobile wallet security

A mobile wallet is a virtual wallet that stores card information on a mobile device, providing a convenient way to make in-store payments.

There are various security and privacy features of mobile wallets that you are probably aware of, like having a passcode set on your device and the option of Face ID or Touch ID. Below we have listed some other key features that you may not know, using Apple Pay as an example.

  • Personal information – Apple does not store or have access to original debit, credit or prepaid card numbers that are used with Apple Pay. This also includes identity verification information, such as name and address, which is securely stored and can’t be read by Apple.
  • Transaction information – Similar to the above point, Apple do not retain any transaction information that can be tied back to an individual’s transactions. When you pay in stores, neither Apple nor your device sends your actual card numbers to merchants. Instead, it’s a digital account number or “token” that is passed on to merchants.
  • Photo library – Unlike apps such as Snapchat or the FaceApp, information is never saved in your photo library, even if the camera is used to enter card information.
  • Paying within apps – Apps that use Apple Pay must have their own privacy policy that you can view, which governs the use of your data.
  • Completing card information – 3-digit Security Code (i.e. CVV) must always be manually entered when verifying card information.
  • Device Account Number – each card that is set up with Apple Pay has a Device Account Number that is stored in the Secure Element, an industry-standard, certified chip designed to store your payment information safely, on your device.
  • iCloud – Wallet data, such as passes and loyalty cards, is secured by iCloud by storing it in an encrypted format when it’s kept on Apple’s servers.

For further information about Apple Pay and privacy, visit the Apple privacy policy page.