In this article, we’ll check out how Apple Pay and Google Pay take care of your important credit card details, and we’ll look at the technical details of their security mechanisms. While both are secure payment methods, they differ in their implementation.
1. Tokenization and Security
In 2013, Apple Pay led the way by pioneering the concept of tokenization. This process involves using special codes known as payment tokens to represent your sensitive credit card information, providing a high level of security.
On the other hand, Google Pay, previously referred to as Android Pay and Google Wallet, came into play in 2018. It also utilizes tokenization technology, creating a secure environment for your digital payments.
2. How Both Systems Work
Both Apple Pay and Google Pay start by getting important credit card information from your device. It’s essential to know that neither of them keeps the main credit card number (PAN) on your device for added security.
When it’s time to send this info, Apple Pay safely sends the PAN to its server, which figures out the bank behind the credit card. The bank then checks the PAN and sends a special number, known as the device account number (DAN), back to your device.
Google Pay works in a similar way but may save some payment info on its servers, which is a bit different from Apple Pay.
3. Secure Element vs. Host Card Emulation (HCE)
Apple Pay keeps your payment token safe inside something called the Secure Element in your device. When it’s time to make a payment, it takes the token from this secure spot and sends it to the store’s payment machine.
On the other hand, Google Pay does things a bit differently. It uses Host Card Emulation (HCE) to keep your payment token in the wallet app on your device. So when you want to pay, the token is retrieved safely from the cloud and sent to the store’s payment machine using something called the NFC controller.
4. Authorization Process
When you use either Apple Pay or Google Pay to pay for something, the last part where they check if your payment is okay is pretty much the same.
First, the store’s bank figures out which payment network your payment token belongs to. Then, it sends this info safely to the payment network. The payment network checks the token and might ask a Token Service Provider (TSP) to get back your original credit card number. Finally, the bank says it’s okay, and your payment is authorized.
5. Storing Payment Tokens
Apple Pay keeps your payment tokens in a super safe place called the Secure Element, making sure they’re extra secure. Apple emphasizes that it does not store payment tokens on its servers.
On the other side, Google Pay stores payment tokens in the wallet app, not in a secure element. Google’s terms of service state that payment information may be stored on their servers.
Both Apple Pay and Google Pay use tokenization technology to ensure the security of your transactions. While Apple Pay is known for its user-friendly and secure approach, Google Pay also provides a secure payment experience. However, the key differences lie in how payment tokens are stored, handled, and transmitted on the device, as well as how payment information is managed on servers. Knowing these differences can help you make an informed choice when you’re making payments.