But they cannot enforce it since a merchant has the right to refuse service for any reason.
Sure they do. My brother has gotten the CC company on the phone when he's been asked for his ID, and the retailer has always backed down on their request for ID.
Sure they do. My brother has gotten the CC company on the phone when he's been asked for his ID, and the retailer has always backed down on their request for ID.
If the company wanted to, they could just refuse the sale.
So that Apple can deny it if the phone was lost or stolen and turned off by "Find my iPhone" for one.
The other reason is that the CC info is not stored on the device, but a token representing that info is stored on the device, and at some point that has to be turned into the actual CC info so that the transaction can be processed.
If the token stored on the device can be reversed back in to the complete CC data, it is insecure and no different than having the data itself stored on the device, since it will eventually be cracked, and that is too big a liability to have all your CC data on the device if it gets stolen.
So that Apple can deny it if the phone was lost or stolen and turned off by "Find my iPhone" for one.
What does that have to do with transactions?
The other reason is that the CC info is not stored on the device, but a token representing that info is stored on the device, and at some point that has to be turned into the actual CC info so that the transaction can be processed.
Which Apple doesn’t have. So there’s zero sense in sending anything to Apple when it would be sent to the credit card company.
Which Apple doesn’t have. So there’s zero sense in sending anything to Apple when it would be sent to the credit card company.
#1) When doing the transaction, the check is made.
#2) They don't? Proof please. (If they don't, then they have some sort of token which is looked up by device number and sent along to the network doing the processing or something similar)
Please outline how you think that Apple Pay actually works, since how it appears you think it works, doesn't. But I may be missing something, so please outline each step in how it works according to your understanding, including any links or supporting material if you have it.
If the company wanted to, they could just refuse the sale.
On what grounds? No one forced them to agree not to ask for ID for a CC purchase. I for one always show it when asked, but I do also inform them that they're not supposed to per their agreement with the CC company.
On what grounds? No one forced them to agree not to ask for ID for a CC purchase. I for one always show it when asked, but I do also inform them that they're not supposed to per their agreement with the CC company.
They can refuse on any grounds they want. If they are not comfortable with the sale, they can refuse to complete it. For any reason they want.
When the card is inputted — the iPhone 6 allows for the card to be inputted via scanning — the networks send a token and a cryptogram to the iOS device, which stores them on a special chip (more about that in a moment). The iOS device, in this state with the cryptogram and token installed, is known as the “token requester.” (Some fintech folks had wondered whether Apple would be the “token provider,” but in actuality it — or its devices, really — are “token requesters.”) Again, Apple stores the token and cryptogram data on the phone in a “secure element” — which is a separate, secure chip within the iPhone especially dedicated to its security. This secure chip is also the only element within the device that can produce a token and cryptogram.
This authentication prompts the “secure element” to send the token and cryptogram to the merchant. The network decrypts the cryptogram and determines whether it is authentic or not. If it is deemed authentic, the network will pass it along to the issuer (i.e. the bank), which then decrypts the token. In other words, every party to the transaction decrypts something.
Once the issuer decrypts the token and determines that it is authentic, the issuer/bank authorizes the transaction. Money is then credited to the merchant and marked as an amount owed by the cardholder.
At no time is Apple given your information.
EDIT: To clarify, Apple servers are not told your CC information. That is stored on-device and only your CC provider is pinged during transactions, sending only the token/cryptogram.
#1) When doing the transaction, the check is made.
#2) They don't? Proof please. (If they don't, then they have some sort of token which is looked up by device number and sent along to the network doing the processing or something similar)
Please outline how you think that Apple Pay actually works, since how it appears you think it works, doesn't. But I may be missing something, so please outline each step in how it works according to your understanding, including any links or supporting material if you have it.
Thanks.
In addition to what TS said above, I would like to propose that when you disable payments from find my iPhone, Apple will simply send a note to the bank to de-authorize the device until further notice. I have no source for this, but it seems much easier and more foolproof than any other method.
Comments
Sure they do. My brother has gotten the CC company on the phone when he's been asked for his ID, and the retailer has always backed down on their request for ID.
Sure they do. My brother has gotten the CC company on the phone when he's been asked for his ID, and the retailer has always backed down on their request for ID.
If the company wanted to, they could just refuse the sale.
The fact that a transaction exists for that device is sent to Apple.
Who says? Why would it?
Who says? Why would it?
So that Apple can deny it if the phone was lost or stolen and turned off by "Find my iPhone" for one.
The other reason is that the CC info is not stored on the device, but a token representing that info is stored on the device, and at some point that has to be turned into the actual CC info so that the transaction can be processed.
If the token stored on the device can be reversed back in to the complete CC data, it is insecure and no different than having the data itself stored on the device, since it will eventually be cracked, and that is too big a liability to have all your CC data on the device if it gets stolen.
Who says it doesn't?
So that Apple can deny it if the phone was lost or stolen and turned off by "Find my iPhone" for one.
What does that have to do with transactions?
Which Apple doesn’t have. So there’s zero sense in sending anything to Apple when it would be sent to the credit card company.
What does that have to do with transactions?
Which Apple doesn’t have. So there’s zero sense in sending anything to Apple when it would be sent to the credit card company.
#1) When doing the transaction, the check is made.
#2) They don't? Proof please. (If they don't, then they have some sort of token which is looked up by device number and sent along to the network doing the processing or something similar)
Please outline how you think that Apple Pay actually works, since how it appears you think it works, doesn't. But I may be missing something, so please outline each step in how it works according to your understanding, including any links or supporting material if you have it.
Thanks.
On what grounds? No one forced them to agree not to ask for ID for a CC purchase. I for one always show it when asked, but I do also inform them that they're not supposed to per their agreement with the CC company.
On what grounds? No one forced them to agree not to ask for ID for a CC purchase. I for one always show it when asked, but I do also inform them that they're not supposed to per their agreement with the CC company.
They can refuse on any grounds they want. If they are not comfortable with the sale, they can refuse to complete it. For any reason they want.
I get asked in the US all the time, and when I say I don't carry my password everywhere, they have often refused the sale to me. Ridiculous.
#1) When doing the transaction, the check is made.
#2) They don't?
1.1: Really? Cool. Though should’t the entire device just be disabled?
1.2: But that’s just a normal check out to the Find My iPhone service. Nothing to do with the transaction itself.
2. Why would Apple have it? What reason is there for it?
Please outline how you think that Apple Pay actually works, since how it appears you think it works, doesn't.
It works like this.
Once the issuer decrypts the token and determines that it is authentic, the issuer/bank authorizes the transaction. Money is then credited to the merchant and marked as an amount owed by the cardholder.
At no time is Apple given your information.
EDIT: To clarify, Apple servers are not told your CC information. That is stored on-device and only your CC provider is pinged during transactions, sending only the token/cryptogram.
In addition to what TS said above, I would like to propose that when you disable payments from find my iPhone, Apple will simply send a note to the bank to de-authorize the device until further notice. I have no source for this, but it seems much easier and more foolproof than any other method.