TUAW wrote about Apple Pay.
Remember that merchants in an Apple Pay transaction never have access to user credit card information and, as a result, users never have to worry about their information being compromised in a security breach. Further, security at the device level is effectively impenetrable as tokens, along with the encrypted keys responsible for the cryptogram, are all securely stored in the Secure Element.
And as an extra security precaution, iPhone owners will have the ability to unlink or temporarily suspend a token connected to a stolen device, thereby rendering Apple Pay inoperable until the device is retrieved.
So while the Apple Pay user experience has been set up to be impressively simple, there are a myriad of complex safety measures at work behind the scenes to help ensure that sensitive user data remains free from prying eyes. The use of token-based payments is something the banks have been pushing for and something the credit card networks are similarly excited for.
I have come across ill-informed people trying to scare others about how insecure Apple Pay is, and some have no idea how Apple Pay works and simply claim it isn’t safe because they think it isn’t. It pays to find out more before passing judgement.