
JasonGoldsmith

macrumors newbie
Original poster
Jun 17, 2016
3
0
I've been using Apple Pay for a long time now and love it, specifically what appeals to me is the 'additional security' Apple promises:

"the Secure Element provides your Device Account Number and a transaction-specific dynamic security code. This information is sent along with additional information needed to complete the transaction to the store’s point of sale terminal. Neither Apple nor your device sends your credit or debit card number. Before they approve the payment, your bank or payment network can verify your payment information by checking the dynamic security code to make sure it’s unique and that it’s tied to your device."
Does anyone know then how it's possible for TFL to track your Apple Pay tube journeys to an account linked to your debit card details if your card details are never sent by Apple? Is the bank sending the card details to TFL?

Just interested to know here at what point the Apple Pay transaction and actual card details are linked up? After all Apple themselves say the following:

"Apple Pay is also designed to protect your personal information. Apple Pay doesn't collect any transaction information that can be tied back to you. Payment transactions are between you, the merchant (or developer for payments made within apps and websites), and your bank."
 

magicMac

macrumors 65816
Apr 13, 2010
1,013
428
UK
> I've been using Apple Pay for a long time now and love it, specifically what appeals to me is the 'additional security' Apple promises:
>
> "the Secure Element provides your Device Account Number and a transaction-specific dynamic security code. This information is sent along with additional information needed to complete the transaction to the store’s point of sale terminal. Neither Apple nor your device sends your credit or debit card number. Before they approve the payment, your bank or payment network can verify your payment information by checking the dynamic security code to make sure it’s unique and that it’s tied to your device."
> Does anyone know then how it's possible for TFL to track your Apple Pay tube journeys to an account linked to your debit card details if your card details are never sent by Apple? Is the bank sending the card details to TFL?
>
> Just interested to know here at what point the Apple Pay transaction and actual card details are linked up? After all Apple themselves say the following:
>
> "Apple Pay is also designed to protect your personal information. Apple Pay doesn't collect any transaction information that can be tied back to you. Payment transactions are between you, the merchant (or developer for payments made within apps and websites), and your bank."

Each time you tap the phone, it sends the device account number for a holding transaction like £10-20. If there is no tap-in record it creates one and opens the barrier and never processes that holding payment (unless you forget to tap out and they charge the maximum amount for the day). Then when tapping out, the same process happens, with a new holding transaction presented to your phone and the same device account number is sent, but this time the TFL network sees a tap-in record with the same device account number along with the location. The TFL network uses this to calculate the journey cost. This transaction has its own dynamic security token different from the last one but this time the transaction gets processed at the appropriate journey cost, less than the holding amount. The system then opens the barrier and creates a tap-out record for that device account number so the process can be repeated.

The device account number is actually a regular 16 digit card number generated by your bank when you set up Apple Pay on that device, and the bank keep these device account numbers on record. It never actually gets joined to the original card number, it's just like an additional card joined to the same current account or credit line.
 

Rigby

macrumors 603
Aug 5, 2008
6,257
10,215
San Jose, CA
> Does anyone know then how it's possible for TFL to track your Apple Pay tube journeys to an account linked to your debit card details if your card details are never sent by Apple? Is the bank sending the card details to TFL?

The key thing missing in your quote is the behavior of the Device Account Number (DAN). It's basically a virtual credit card number that is linked to your card account. It does not change between transactions (only the additional security code does). Essentially, using Apple Pay on TfL is exactly like using an RFID-enabled credit card, except that the DAN is sent to TfL instead of the number on your physical card. The bank then resolves the DAN to find your account once TfL requests payment.
 
  • Like
Reactions: magicMac

JasonGoldsmith

macrumors newbie
Original poster
Jun 17, 2016
3
0
> Each time you tap the phone, it sends the device account number for a holding transaction like £10-20. If there is no tap-in record it creates one and opens the barrier and never processes that holding payment (unless you forget to tap out and they charge the maximum amount for the day). Then when tapping out, the same process happens, with a new holding transaction presented to your phone and the same device account number is sent, but this time the TFL network sees a tap-in record with the same device account number along with the location. The TFL network uses this to calculate the journey cost. This transaction has its own dynamic security token different from the last one but this time the transaction gets processed at the appropriate journey cost, less than the holding amount. The system then opens the barrier and creates a tap-out record for that device account number so the process can be repeated.
>
> The device account number is actually a regular 16 digit card number generated by your bank when you set up Apple Pay on that device, and the bank keep these device account numbers on record. It never actually gets joined to the original card number, it's just like an additional card joined to the same current account or credit line.

Thanks for the reply, makes complete sense. Sorry I didn't make it clearer in my initial thread, but my actual question is in regard to the online journey tracking TFL offers through its website. If you sign up for an account, where you can register your Oyster and Contactless cards, it's also possible to track your Apple Pay journeys. To do this, all you need to do is add the card details (same as the card used for Apple Pay).

My card was already associated with my TFL account long before I started using Apple Pay but by default this meant that when I started using Apple Pay for tube journeys they were automatically logged to this account. So my real question, how is it TFL link my Apple Pay journeys via the card number despite TFL never receiving the card number on tap in/out?

Does that make sense? Sorry if it's unclear.
> The key thing missing in your quote is the behavior of the Device Account Number (DAN). It's basically a virtual credit card number that is linked to your card account. It does not change between transactions (only the additional security code does). Essentially, using Apple Pay on TfL is exactly like using an RFID-enabled credit card, except that the DAN is sent to TfL instead of the number on your physical card. The bank then resolves the DAN to find your account once TfL requests payment.

Thanks for the reply. I understand the basics of how Apple Pay works in terms of transactions and I can see how this works with the TFL journeys. Sorry, my initial post was kind of wrong or not specific enough in the question I asked.

TFL allows you to track your Oyster and contactless card journeys online and simply by adding the corresponding debit or credit card, it can also track your Apple Pay journeys. My question is around how they do this. Online you enter card details only, no account no. or any other kind of information, just the card number. From this TFL are able to track your journeys and I'm wondering how considering TFL never see this card number when Apple Pay is used - the most they should see is the DAN.

Maybe my lack of knowledge around how card payments/transactions are made between merchants and banks in general is a problem here and there's an easy answer. I was just of the belief that the merchant and/or the card reader should never see or be able to trace back to your card number - which is why Apple can claim added security. Am I wrong in what I'm thinking?
 

magicMac

macrumors 65816
Apr 13, 2010
1,013
428
UK
> Thanks for the reply, makes complete sense. Sorry I didn't make it clearer in my initial thread, but my actual question is in regard to the online journey tracking TFL offers through its website. If you sign up for an account, where you can register your Oyster and Contactless cards, it's also possible to track your Apple Pay journeys. To do this, all you need to do is add the card details (same as the card used for Apple Pay).
>
> My card was already associated with my TFL account long before I started using Apple Pay but by default this meant that when I started using Apple Pay for tube journeys they were automatically logged to this account. So my real question, how is it TFL link my Apple Pay journeys via the card number despite TFL never receiving the card number on tap in/out?
>
> Does that make sense? Sorry if it's unclear.
>
> Thanks for the reply. I understand the basics of how Apple Pay works in terms of transactions and I can see how this works with the TFL journeys. Sorry, my initial post was kind of wrong or not specific enough in the question I asked.
>
> TFL allows you to track your Oyster and contactless card journeys online and simply by adding the corresponding debit or credit card, it can also track your Apple Pay journeys. My question is around how they do this. Online you enter card details only, no account no. or any other kind of information, just the card number. From this TFL are able to track your journeys and I'm wondering how considering TFL never see this card number when Apple Pay is used - the most they should see is the DAN.
>
> Maybe my lack of knowledge around how card payments/transactions are made between merchants and banks in general is a problem here and there's an easy answer. I was just of the belief that the merchant and/or the card reader should never see or be able to trace back to your card number - which is why Apple can claim added security. Am I wrong in what I'm thinking?

The TFL website must get that information from your bank. As Apple says, your plastic card number is never kept on the phone and therefore can never be sent to anyone by Apple, and this is why TFL make it very clear that you MUST tap in and out with the same device because they can't be joined together.

The reason you're getting confused is because you're muddling up two things. Apple Pay (a payment transaction) is one thing and TFL's ability to see a list of DANs which are part of the same current account or credit line (using the plastic card number as the source for the lookup) is another thing (not a payment transaction). The second thing is something that has existed for a long time and is how additional credit cards appear correctly in your TFL account even if you only entered the number of the main one, and this is nothing to do with Apple Pay. What Apple say in their terms and conditions about security is 100% correct, do you really think they'd lie?
 
  • Like
Reactions: JasonGoldsmith

Rigby

macrumors 603
Aug 5, 2008
6,257
10,215
San Jose, CA
> The second thing is something that has existed for a long time and is how additional credit cards appear correctly in your TFL account even if you only entered the number of the main one, and this is nothing to do with Apple Pay.

The only way this could work is that the banks give TfL the DANs belonging to a physical card.

> What Apple say in their terms and conditions about security is 100% correct, do you really think they'd lie?

I agree that this isn't anything nefarious on Apple's side, but I'm a bit surprised that the British banks apparently just give the DANs linked to an account to TfL. I wonder if this is a special arrangement TfL has with the banks, or open to any merchant. In theory this could undermine the anonymity of Apple Pay (a merchant could just request the DANs of any physical cards that customers use, and later identify the customers by those DANs when they use Apple Pay, the same way TfL does for journey tracking).
 
  • Like
Reactions: JasonGoldsmith
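
Added example, not part of the thread or any poster's words: a toy Python model of the flow the replies describe, where the reader sees only a static DAN plus a per-transaction code, and journey history is joined to the registered card number through the bank's account mapping. The card numbers, key, station names, the HMAC-based code and the `numbers_for` lookup are constructed assumptions; the lookup models the posters' inference, not a documented TfL or bank interface.

```python
import hashlib
import hmac

def dynamic_code(key, counter):
    # Stand-in for the transaction-specific security code (not the real EMV algorithm)
    return hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).hexdigest()[:8]

class Issuer:
    """Toy bank: the only party that holds the card-number <-> DAN link."""
    def __init__(self):
        self.account_of = {}   # any number (plastic card or DAN) -> account id
        self.keys = {}         # DAN -> secret shared with the device's Secure Element

    def issue(self, account, number, key=None):
        self.account_of[number] = account
        if key:
            self.keys[number] = key

    def verify(self, dan, counter, code):
        return hmac.compare_digest(code, dynamic_code(self.keys[dan], counter))

    def numbers_for(self, card_number):
        """Hypothetical lookup: every number on the same account as card_number."""
        acct = self.account_of[card_number]
        return {n for n, a in self.account_of.items() if a == acct}

class Gate:
    """Toy merchant: at the reader it only ever sees (DAN, counter, code)."""
    def __init__(self, issuer):
        self.issuer, self.open_taps, self.journeys = issuer, {}, []

    def tap(self, dan, counter, code, station):
        if not self.issuer.verify(dan, counter, code):
            return False                      # stale or forged code: barrier stays shut
        if dan in self.open_taps:             # matching tap-in exists: close the journey
            self.journeys.append((dan, self.open_taps.pop(dan), station))
        else:
            self.open_taps[dan] = station     # no tap-in yet: open a journey
        return True

    def history(self, registered_card):
        numbers = self.issuer.numbers_for(registered_card)
        return [j for j in self.journeys if j[0] in numbers]

def demo():
    card, dan, key = "4000000000000002", "4000000000009999", b"constructed-key"
    bank = Issuer(); bank.issue("acct-1", card); bank.issue("acct-1", dan, key)
    gate = Gate(bank)
    codes = [dynamic_code(key, c) for c in (1, 2)]
    gate.tap(dan, 1, codes[0], "Station A")
    gate.tap(dan, 2, codes[1], "Station B")
    return codes, gate.journeys, gate.history(card)
```

The code differs on every tap while the DAN stays the same, so the gate can pair tap-in with tap-out, and any party that learns which DANs share an account with a card number can attach those journeys to it.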