Apple Pay Apple Pay in the UK

[KrisLord]

No.

How Mastercard Makes Money

Mastercard's Payment Network segment brings in the most revenue. Its International Markets drive geographic growth as well as the bulk of revenues.

www.investopedia.com

That’s how MasterCard make their money, but wouldn’t Apple be partnering with a bank/card issuer and not master card?

Therefore the promotional offers would be paid for by the bank rather than from the 0.3% interchange fee.

 

[nicho]

That’s how MasterCard make their money, but wouldn’t Apple be partnering with a bank/card issuer and not master card?

Therefore the promotional offers would be paid for by the bank rather than from the 0.3% interchange fee.

If offering cashback on purchases (uncapped) was a viable promotion in order to make more money from consumers paying interest... wouldn't at least one issuer in the UK be doing that now instead of reducing cashback or scrapping it altogether?

It makes sense when paid out of the interchange fee. That's now too small.

 

[d123]

I honestly couldn't care less what they do, I'd get the Apple Card just for the integration with the Wallet app as my current CC providers app is trash.

And Apple couldn’t care less for a credit card that wouldn’t make them any money.

But I’ve just noticed it’s really nothing to do with finances or cash back for you, isnt it?

only reason I'd get the Apple Card is for the metal card because it's "cool"

 

[Fried_Gold]

And Apple couldn’t care less for a credit card that wouldn’t make them any money.

But I’ve just noticed it’s really nothing to do with finances or cash back for you, isnt it?

Sure ok buddy.

 

[ssong]

have any of you noticed more Apple Card ads on Twitter in the UK? haven't seen a single one until today, seen like 5 while scrolling through the timeline.. kinda wondering if something's imminent?

 

[iGeek2019]

Haven’t noticed this, until today, but looking at the page for iPhone 12 Pro when you scroll down site and come to MagSafe accessories when it shows the Card Wallet attaching to iPhone Apple Card slides in.

Not reading anything whatsoever into it but the same happens on Apple’s French site but not on their Australian nor Canadian site.

Left: UK Right: Australia.

 

[Fried_Gold]

Haven’t noticed this, until today, but looking at the page for iPhone 12 Pro when you scroll down site and come to MagSafe accessories when it shows the Card Wallet attaching to iPhone Apple Card slides in.

Not reading anything whatsoever into it but the same happens on Apple’s French site but not on their Australian nor Canadian site.

Left: UK Right: Australia.

I'm sure it has since the 12 came out.

 

[ssong]

Haven’t noticed this, until today, but looking at the page for iPhone 12 Pro when you scroll down site and come to MagSafe accessories when it shows the Card Wallet attaching to iPhone Apple Card slides in.

Not reading anything whatsoever into it but the same happens on Apple’s French site but not on their Australian nor Canadian site.

Left: UK Right: Australia.

just checked the video file that's used.. Apple US, UK, and France all use the US media file and the AU and CA sites use a WW media file.. so.. dunno. maybe? ¯\_(ツ)_/¯

 

[iGeek2019]

just checked the video file that's used.. Apple US, UK, and France all use the US media file and the AU and CA sites use a WW media file.. so.. dunno. maybe? ¯\_(ツ)_/¯

Perhaps it’s an oversight on Apple’s part ??‍♂️ ?

As above, not reading anything into it, just didn’t recall seeing it before despite it being there since iPhone 12 launched.

If it does ever launch it’ll be interesting to see what they can offer given that American Express are changing their cash back rates again later on in the year.

 

[azing]

Hi all,

It’s been a while since I’ve been on this thread but thought it was the best place to start a discussion and see what I can do next.

One of the main security features of Apple Pay is that the merchant you’re paying never sees your real card number, right?
Well my wife has just placed an order through an online retailer (Glossier) and used Apple Pay like she usually does but this time with a new card she’s never used there before.

After her order went through she was looking at her account and saw that the card had been saved in her payment methods on the actual website as if we’d used their checkout and not Apple Pay and it was the actual card number saved too, not the Device Account Number. We also saw that all of her previous cards had been saved too despite only ever using Apple Pay to buy from this retailer.

Anyone have any ideas how this can happen and if it’s happened to them or have I misunderstood this feature of Apple Pay?

If not, this is quite worrying as the retailer has not only been able to see the real card number but also stored it on their website too.

Should I raise this concern with Apple?

EDIT: I’ve just checked. I used the website once to buy Christmas gifts for my wife so setup my own account, used Apple Pay (it’s a card I rarely use so the transaction is still there in my wallet app) and never input my card details to the site itself and the card is saved on my account on the website and I can even use it through their checkout to make another purchase. This surely isn’t right?

 

[iGeek2019]

Apple Pay security and privacy overview – Apple Support (UK)

See how your Apple Pay personal and payment information, and transaction data is protected.

support.apple.com

Reading this, and assuming I’ve understood it correctly, something definitely isn’t right as Apple don’t store the PAN from cards added to Apple Pay…

I would reach out to them and see what they say?

 

[reclusive46]

The merchant can still get the last 4 digits of the card (as it's part of the authorization message) and will usually display it if it's being saved into your account.

 

[azing]

Apple Pay security and privacy overview – Apple Support (UK)

See how your Apple Pay personal and payment information, and transaction data is protected.

support.apple.com

Reading this, and assuming I’ve understood it correctly, something definitely isn’t right as Apple don’t store the PAN from cards added to Apple Pay…

I would reach out to them and see what they say?

Thanks for that. So if I understand Apple Pay shouldn't even have the full card number anyway... but the retailer has the card saved on their servers ready for another purchase... this isn't good.

 

[azing]

The merchant can still get the last 4 digits of the card (as it's part of the authorization message) and will usually display it if it's being saved into your account.

Thanks. So I guess if the merchant only see the last 4 digits that's not really a problem then.
The real issue here is that the card has been saved to their servers (or 3rd party checkout provider) ready for another purchase...

 

[akash.nu]

The merchant can still get the last 4 digits of the card (as it's part of the authorization message) and will usually display it if it's being saved into your account.

Are you sure about this? I’m pretty certain Apple Pay is anonymous and only the device identifier gets passed to the vendors.

 

[azing]

I rang Apple Pay support just now and after a few times being kept on hold they basically said they can't help me.
They said since it's just this retailer that it seems to be a problem then I should contact them and see what they say...

I don't think they really believed what I was saying. They seemed to think that I MUST have inputted my card details somewhere on the site beforehand and that's how the website has them, but I can promise you I haven't. They seemed to think it's impossible for this to happen because of encryption etc. so it can't have happened... which I totally understand, but I'm still baffled as to how this has happened...

 

[reclusive46]

@akash.nu

100% sure. Until very recently I worked in the merchant acquiring business. It‘s part of the standard authorisation message. Obviously they get the full PAN of the virtual card but the last 4 digits is also passed on of the real card number (the only exception being transit operators who get the full card number). Nothing can be done with just the last 4 digits, so it’s not a security issue.

It’s really a convenience thing as most people aren’t going to remember all their virtual card numbers and it does also give the option for the merchant to print both last 4 digit card numbers on the receipt for card present transactions (which makes returns easier as you can use the physical card as well). Some terminals in North America actually do that, I haven’t seen it in the UK (although Square terminals might do it, as they do it in NA).

 

[azing]

@akash.nu

100% sure. Until very recently I worked in the merchant acquiring business. It‘s part of the standard authorisation message. Obviously they get the full PAN of the virtual card but the last 4 digits is also passed on of the real card number (the only exception being transit operators who get the full card number). Nothing can be done with just the last 4 digits, so it’s not a security issue.

It’s really a convenience thing as most people aren’t going to remember all their virtual card numbers and it does also give the option for the merchant to print both last 4 digit card numbers on the receipt for card present transactions (which makes returns easier as you can use the physical card as well). Some terminals in North America actually do that, I haven’t seen it in the UK (although Square terminals might do it, as they do it in NA).

Very interesting, thanks for that! So the retailer gets the full device account number (essentially the virtual card number) so is this what could have happened here?
The retailer has just saved the virtual card number as a future payment method?

 

[reclusive46]

Very interesting, thanks for that! So the retailer gets the full device account number (essentially the virtual card number) so is this what could have happened here?
The retailer has just saved the virtual card number as a future payment method?

Correct. They are just showing the last 4 digits of the real card number to avoid confusion for most people.

 

[azing]

Correct. They are just showing the last 4 digits of the real card number to avoid confusion for most people.

Right. I guess I'm not too happy with the fact that retailers can still save the virtual card number and then that can be used for future payments, it doesn't seem as secure as I first thought.

 

[reclusive46]

Right. I guess I'm not too happy with the fact that retailers can still save the virtual card number and then that can be used for future payments, it doesn't seem as secure as I first thought.

Yeah I would point out though that there is merchant specific tokenized data included with the DAN, so it's not like they could have a breach, have the details stolen and used elsewhere. They could only be used at that merchant. The issuer would decline the transaction if the same details were used elsewhere.

 

[azing]

Yeah I would point out though that there is merchant specific tokenized data included with the DAN, so it's not like they could have a breach, have the details stolen and used elsewhere. They could only be used at that merchant. The issuer would decline the transaction if the same details were used elsewhere.

Right brilliant, thanks a lot for the insight, that makes me feel better!

 

[akash.nu]

@akash.nu

100% sure. Until very recently I worked in the merchant acquiring business. It‘s part of the standard authorisation message. Obviously they get the full PAN of the virtual card but the last 4 digits is also passed on of the real card number (the only exception being transit operators who get the full card number). Nothing can be done with just the last 4 digits, so it’s not a security issue.

It’s really a convenience thing as most people aren’t going to remember all their virtual card numbers and it does also give the option for the merchant to print both last 4 digit card numbers on the receipt for card present transactions (which makes returns easier as you can use the physical card as well). Some terminals in North America actually do that, I haven’t seen it in the UK (although Square terminals might do it, as they do it in NA).

I stand corrected! Thanks for the info.

 

[azing]

Yeah I would point out though that there is merchant specific tokenized data included with the DAN, so it's not like they could have a breach, have the details stolen and used elsewhere. They could only be used at that merchant. The issuer would decline the transaction if the same details were used elsewhere.

The retailer actually got back to me and explained exactly what you said here. Makes perfect sense now, I just had no idea that retailers had the ability to do this. Thanks again.

 

[iGeek2019]

The retailer actually got back to me and explained exactly what you said here. Makes perfect sense now, I just had no idea that retailers had the ability to do this. Thanks again.

Glad you got it sorted out. Guess I ought to just read this particular thread rather than add to it as I’m clearly dumb AF ??‍♂️.

See you around everyone…