Why does Apple Pay give merchants full card details?
I purchased something online using Apple Pay through a browser. The merchant keeps charging a never approved charge through Apple Pay.
iPhone 14 Pro Max, iOS 18
It doesn't. Your bank gives you a unique token when you add their card to your wallet and when you use Apple Pay on a website, you give the merchant that token tailored for their use, not your actual credit card number. The merchant is not billing Apple Pay, they are using the token provided by your bank to deduct the amount that had previously been approved, which is done by double clicking the side button on your phone, followed by verification with Face ID/Touch ID or Passcode. The merchant cannot get your token without you doing that.
A recurring charge, such as s subscription will continue to bill that same token until you cancel it with the merchant. Apple is not involved in the transaction at all after you have given them that token. That is also how you set up Auto Pay using Apple Pay for many of the companies that use Auto Pay. I use it to automatically pay my Health Insurance, TV Service, and many of my utilities. Disputing a charge is done the same way as it always has been. First you contact the merchant for a resolution and if unresolved, then you dispute the charge with the bank of the issued card.
The benefit of Apple Pay is that the token you have given to the merchant is only useful to them, so it cannot be used by anyone else through a data breach on the website or by selling it on the Dark Web like they can do with your actual account number. The other benefit is that the token is only sent from your iPhone after verification on your device with Face ID/TouchID or Passcode.
It doesn't. Your bank gives you a unique token when you add their card to your wallet and when you use Apple Pay on a website, you give the merchant that token tailored for their use, not your actual credit card number. The merchant is not billing Apple Pay, they are using the token provided by your bank to deduct the amount that had previously been approved, which is done by double clicking the side button on your phone, followed by verification with Face ID/Touch ID or Passcode. The merchant cannot get your token without you doing that.
A recurring charge, such as s subscription will continue to bill that same token until you cancel it with the merchant. Apple is not involved in the transaction at all after you have given them that token. That is also how you set up Auto Pay using Apple Pay for many of the companies that use Auto Pay. I use it to automatically pay my Health Insurance, TV Service, and many of my utilities. Disputing a charge is done the same way as it always has been. First you contact the merchant for a resolution and if unresolved, then you dispute the charge with the bank of the issued card.
The benefit of Apple Pay is that the token you have given to the merchant is only useful to them, so it cannot be used by anyone else through a data breach on the website or by selling it on the Dark Web like they can do with your actual account number. The other benefit is that the token is only sent from your iPhone after verification on your device with Face ID/TouchID or Passcode.
It doesn’t provide your “full card details” …
… the merchant never knows your actual credit card number (and in fact your full card number isn’t even stored in your wallet at all) …
… but ApplePay can indeed still be used to setup recurring payments.
Outstanding explanation! 👏👏👏
Why does Apple Pay through browsers give merchants full card details?
