Apple Pay - xslim/mrt.io GitHub Wiki

The credit card numbers are stored in a dedicated chip on the device that Apple calls “Secure Element” on both the iPhone 6 and the new Apple Watch. According to their documentation, these numbers are never stored on Apple servers and remain resident on the device. A dynamic security code is used to process the payment as opposed to sending the number to the retail terminal

They did mention a 3rd party app for the watch that allowed a hotel guest to open their room door with NFC. This is a classic use case for NFC and gives some indication that the NFC controller will be open to developers at some point. Remember, the watch is not supposed to be released until Q1 2015. So for now I'd say it's closed but will be open soon.

• Who decrypts? http://www.iphoneincanada.ca/news/mastercard-exec-shares-apple-pay-security-details/
• https://developer.apple.com/apple-pay/
• https://developer.apple.com/apple-pay/Getting-Started-with-Apple-Pay.pdf
• https://developer.apple.com/library/prerelease/ios/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html#//apple_ref/doc/uid/TP40014929
• https://developer.apple.com/library/prerelease/ios/documentation/UserExperience/Reference/PassKit_Framework/index.html#//apple_ref/doc/uid/TP40012158
• Stripe: https://stripe.com/docs/mobile/ios
• Card token http://www.emvco.com/faq.aspx?id=264#13