Is Apple Pay Safe?

Apple Pay is a mobile payment system that was in use by close to 440 million people around the world as of September of 2019 and estimated to reach 760 million in 2020. Its growth rate can truly be described as explosive, since its reach was about 292 million only one year earlier, according to

Key Takeaways

  • Apple Pay is certainly safer than cash and it has more safety features than credit cards.
  • Some security features, like two-factor identification, are optional.
  • A complicated passcode is still a good idea.

As for whether it's safe or not, Apple Pay is certainly safer to use than cash. And, it should be safer to use than plastic, as long as the account owner enables its full safety features.

Apple Pay Safety Features

Apple Pay can be used to complete a transaction at any merchant, web retailer, or app that accepts it. In addition, it allows users to send and receive money from other users via messaging. (As of July of 2020, that feature was available only in the U.S.)

Each transaction incorporates a number of security measures:

  • It uses near-field communication (NFC), a chip-based technology that communicates with a card reader without the need for contact with it. The card stays in your wallet.
  • In order to finalize transactions, the user can employ two-factor identification, including fingertip or face ID as well as a passcode. Use of fingertip or face ID is optional.
  • Apple advises its customers to choose a complex passcode. It can't stop you from using your cat's name as a passcode, so this security tip, like two-factor identification, is voluntary.
  • The merchant is never given your original card account number. (Apple doesn't have access to it either.)
  • A tokenization method is used to process transactions. That is, a unique encrypted code is created for one-time use. That code, not your account number, is transmitted to authorize the transaction.
  • If the user ever suspects that the account has become insecure, Apple Pay can be disabled through the iCloud system.

Apple promises never to share card information across its cloud. While this means users have to manually enter their card information into each device, it adds to the security of the service. 

What Could Go Wrong?

Needless to say, Apple Pay and its competitors face a constant assault from hackers eager to scale its security walls. So far, these attempts appear to have uncovered vulnerabilities created by users but not by Apple.

One report indicates that wi-fi hotspots may be used to intercept and reuse encrypted transaction data.

One unconfirmed report claims that Apply Pay could make it easier to exploit stolen identities. That is, a criminal could simply load stolen information, including credit card numbers, into an iPhone and go on a shopping spree. (This actually would be the responsibility of the bank that issued the stolen card, not Apple.)

A White Hat Attack

Another unconfirmed report claims that "white hat" hackers were able to infect a device with malware and then intercept payment data as it was entered by an iPhone user and sent to the Apple server. This could only be done on a "jailbroken" iPhone, meaning one with software that had been tampered with.

Yet another report claims that users of wi-fi hotspots are vulnerable to hackers who can intercept and reuse the cryptogram that is used to enable an Apple Pay transaction. Yes, the cryptogram is supposed to be usable only once, but apparently some merchants allow them to be used more than once. Another example of an error that exploits imperfect use of the Apple Pay system.

Article Sources

Investopedia requires writers to use primary sources to support their work. These include white papers, government data, original reporting, and interviews with industry experts. We also reference original research from other reputable publishers where appropriate. You can learn more about the standards we follow in producing accurate, unbiased content in our editorial policy.
  1. Statista. "Number of Apple Pay users worldwide as of September 2019." Accessed July 9, 2020.

  2. Apple. "Apple Pay: Cashless made effortless." Accessed July 9, 2020.

  3. Apple. "Apple Pay security and privacy overview." Accessed July 9, 2020.

  4. Forbes. "Millions are Being Lost to Apple Pay Fraud—Will Apple Card Come tot he Rescue?" Accessed July 9, 2020.

  5. The Register. "Wallet-snatch hack Apple Pay 'vulnerable to attack,' claim researchers." Accessed July 9, 2020.

  6. Seeking Alpha. "Apple Pay Can Be Hacked." Accessed July 9, 2020.