Toggle Dark Mode
The holiday shopping season is upon us, and with Apple Pay available at most big online retailers, it’s now easier than ever to check everything off your gift list and get through the digital checkout lane with minimal fuss.
Every current MacBook and even Apple’s new 24-inch iMac now support Touch ID, letting you make payments with nothing more than a tap of your finger. Unfortunately, the feature is so great that it can be frustrating if it doesn’t work, and unfortunately, there are a few ways that Apple Pay could end up getting inadvertently disabled on your Mac.
It turns out that payment processors require Apple to maintain a very high degree of security for Apple Pay. If the T2 chip detects that those requirements haven’t been met, Apple Pay gets disabled to protect the integrity of your transactions and payment information.
This isn’t a problem for the iPhone and iPad since these run the much more closed iOS/iPadOS operating systems, where you can’t really disable any security settings that would potentially compromise Apple Pay. Mac users are accustomed to working in a much more open environment, so there’s a limit to what Apple can do to lock things down.
Instead, the Mac simply switches off Apple Pay when it encounters something that could present a security risk, and this can sometimes leave you guessing as to exactly what’s going on.
As Glenn Fleishman explains over at Macworld, there are several reasons why Apple Pay could be disabled on your Mac. Unfortunately, when Apple Pay is unavailable, macOS doesn’t really do much to tell you exactly what’s wrong. Instead, it simply offers up a vague message in your Wallet & Apple Pay settings that “Apple Pay has been disabled because the security settings of this Mac were modified.”
There’s a “Learn More” button here that will take you to an Apple support article on the topic, but you’ll still have to figure out which of these things apply to your situation, and as Fleishman notes, it’s not an exhaustive list.
Ensure Automatic Security Updates are Enabled
The most common way to break Apple Pay on your Mac is to disable automatic updates in the Software Update section of System Preferences.
Since there could be important security updates that affect Apple Pay, you won’t be allowed to use it if you’ve turned off those automatic updates. Unfortunately, macOS doesn’t bother to check if you’re running the latest updates, so even if your Mac is completely up-to-date, turning this option off will also disable Apple Pay.
However, the good news is that you don’t need to enable full macOS updates if you don’t want to. It’s enough to select the option to “Install system data files and security updates,” which is conspicuously broken out at the bottom of the automatic updates section. Here’s how to check this:
- On your Mac, open System Preferences.
- Click Software Update.
- Click the Advanced button.
- Ensure that Check for updates and Install system data files and security updates are both selected. You can select the other options too, but those don’t affect Apple Pay.
- Click OK.
Your MacBook Lid Must Be Open
The debut of Apple’s Magic Keyboard with Touch ID has revealed another interesting and somewhat mysterious Apple Pay limitation: The lid on your MacBook must be open to use Apple Pay.
While this should normally be pretty obvious, since the Touch ID sensor is under the MacBook’s lid, it turns out that it’s still the case even if you’re using the Touch ID sensor on the new Magic Keyboard.
In other words, if you normally plug in your MacBook with the lid closed to be able to use an external keyboard or monitor, you won’t be able to make Apple Pay transactions unless you open the lid first.
There doesn’t seem to be any obvious reason why this should be necessary. It could just be the way the security architecture of the Mac hardware is designed since even the external Magic Keyboard has to pass through the Secure Enclave in the T2 chip — the keyboard only provides the raw biometric data over an encrypted Bluetooth connection.
If the open-lid requirement is hardwired into the T2 chip, it’s going to refuse to process Apple Pay transactions regardless of where the fingerprint data is coming from.
Reduced Security Mode
With such stringent security requirements, it’s also not surprising that Apple Pay will be disabled if you put your Mac in what’s called “Reduced Security Mode.”
The good news is you probably won’t have done this without knowing about it since it requires booting into macOS Recovery mode and changing some settings there. However, some software tools that require direct access to low-level drivers, such as special audio software, won’t work on an M1 Mac without reducing security.
Although these tools can’t automatically put your Mac into a lower security mode, they do provide step-by-step instructions that you can follow to do this yourself. Doing this might make these tools work, but you’ll do so at the cost of breaking Apple Pay and reducing your Mac’s security overall.
Fortunately, Apple has a detailed walk-through you can follow to return your Mac to full security. Among other things, this mode ensures that only a current version of macOS, signed and trusted by Apple, can run on your Mac.
Third-Party Software and Malware
Apple also rather cryptically notes the possibility that some types of third-party software or malware may “affect its ability to keep your payment information secure.”
The support document offers no explanation as to what form this malware might take, but it does imply that it goes beyond just any old piece of malware that might find its way onto your Mac. Nonetheless, if you’ve tried everything else and Apple Pay still isn’t working on your Mac, then it may be time to dig a bit deeper and see what’s installed that could have macOS fearing for the safety of your credit card info.
Autofill vs. Apple Pay
The restrictions above only affect actually making payments directly with a credit or debit card stored in Apple Pay on your Mac. However, even with reduced security, you’ll still be able to autofill credit card information in Safari, as this is effectively the same as typing credit card numbers in manually.
By their very nature, Apple Pay transactions have a very high degree of trust. When you add a card to Apple Pay, it’s validated and authenticated by your bank or credit card company and stored in the Secure Enclave, where it can only be accessed by providing your password or biometric authentication such as Touch ID.
None of this occurs when you simply save a credit card number for auto-filling in Safari. There’s no verification of that information done on your end beyond simply checking the format of the number to make sure it looks like a credit card number. Instead, the credit card is validated when you actually submit it online to whatever website you’re shopping at.
This means that when a payment processor receives an Apple Pay transaction, they know that it’s valid and trustworthy. This bypasses most of the normal anti-fraud checks, and as a result, merchants are also charged considerably lower processing fees for these payments.
After all, it’s virtually impossible to use a stolen credit card with Apple Pay. Apple and the mobile payments industry want to ensure it stays that way by guaranteeing the underlying platform on which Apple Pay is used remains locked down against hackers, cybercriminals, and other similar threats.