When Apple debuted its slick new titanium credit card earlier this year, one of the biggest advantages that the company touted behind its direct entry into financial services was that this would quite possibly be the most private credit card ever made.
Apple promised that it wouldn’t know anything at all about your transactions (other than those made to buy things from Apple, of course). Further, its financial partner, Goldman Sachs, made it clear that although it needs to know transaction details to do its job and comply with various banking regulations, it would not share that data with, or sell it to, third parties under any circumstances.
In addition, Apple also put its technological expertise in privacy and encryption to work in closing many of the common holes to leaking transaction information. For example, even though it’s slightly inconvenient to users, there’s no way to view your transactions from your Apple Card except via the iPhone’s Wallet app, where everything is securely encrypted. The lack of a web portal limits access to potential hackers, and means that users can’t opt into comparatively less private aggregators like Intuit’s Mint service.
Sadly, in the midst of all of this laudable commentary on privacy, there’s one silent partner in the Apple Card family that neither Apple nor Goldman have said much about.
The Weak Link
Apple provides the branding and much of the technology for the new Apple Card, and Goldman Sachs provides the banking system behind it, but like every other credit card out there, it still needs to work through a card network in order to actually be accepted at retailers. This is where Mastercard comes in.
Of course, Apple and Goldman have acknowledged that Mastercard is the card network that is used by the Apple Card. In fact, the Mastercard logo is embossed on the back of every Apple Card. What they haven’t said, however, is how Mastercard fits into their privacy policies, and it seems there may be good reason why they’ve been more reluctant to comment on this, since it turns out that the Mastercard network is most likely the weakest link in the Apple Card’s otherwise great privacy protections.
Last week, Geoffrey Fowler of The Washington Post (the same journalist who recently revealed how much data iPhones were leaking to online trackers) conducted an interesting experiment on credit card privacy, comparing the Apple Card to an Amazon Prime Rewards Visa from Chase.
Fowler used each card to buy a banana from Target, and then tried to follow the chain through banks, partner companies, payment processors, and retailers to determine exactly what information was being tracked.
You might think my 29-cent swipe at Target would be just between me and my bank. Heavens, no. My banana generated data that’s probably worth more than the banana itself. It ended up with marketers, Target, Amazon, Google and hedge funds, to name a few.
- Geoffrey Fowler, The Washington Post
In total, Fowler noted that there were six different types of businesses that could mine and share elements of his purchase of a simple banana, and although the Apple Card fared significantly better at protecting his privacy, it still didn’t provide a perfect solution.
While the Apple Card showed a huge advantage over the Chase card in terms of the privacy from the bank and the card partner (Amazon, in this case), since Apple is very clear about not sharing data on those levels, the Mastercard network is under no such obligations, and according to its privacy policies, regularly shares transaction data — in an anonymized form — with various businesses ranging from tourism bureaus to Google.
The networks, whose main business is connecting banks, have side gigs in aggregating purchases and selling them as “data insights.” Visa said it allows clients to see data on populations as small as 50 people, often tied to groups in Zip codes. Mastercard wouldn’t disclose its minimum group size.
- Geoffrey Fowler, The Washington Post
Fowler adds that Mastercard has one program that “particularly irks privacy advocates” where it feeds data to Google to track retail sales as part of a secret partnership that the two companies set up last year, according to Bloomberg. The data is still largely anonymized, but it’s designed to let Google link ads people have seen back to purchases that they’ve made in the real world with their Mastercard-branded credit cards. There’s no reason to assume that transactions made with the Apple Card — which pass through the Mastercard network in the same manner as any other Mastercard transaction — would be exempt from these sorts of programs.
Both Mastercard and Google told Fowler that they scrub identifiable information from any transactions that they do process, although Mastercard obliquely denied the existence of the Google partnership, stating that it “is not sharing any data or insights for ad measurement purposes to any of the tech giants.” Another person familiar with the matter, however, confirmed to Fowler that the program does indeed exist.
There’s also another similarly unavoidable weak link in the chain, and that’s the retailers themselves. Since every credit card has a number assigned to it — and the Apple Card is no exception — retailers can track customer behaviour based on the individual card numbers. In short, when you swipe your card, they know what your card number is, and can link it to you.
This is the same reason many retail systems can automatically email you a receipt without asking for your email address each time. If you’ve ever provided your email address when making a transaction, their point of sale system associates that with your credit card number, and helpfully pulls it up again the next time you use that credit card in that retailer’s chain.
Of course, this also allows them to track considerably more information about your shopping habits, and what each retailer does with this information varies. In the case of Target, where Fowler purchased his two bananas, the company claims it does not “sell” data, but it does have the right to “share” personal information with other companies “to provide special offers and opportunities to you.” A Target spokeswoman declined to say who these companies might be, but added that they “provide aggregated, de-identified information whenever possible.”
Using Apple Pay doesn’t necessarily improve this situation either. Although Apple generates “Device Account Numbers” that differ from the number on the physical card, these aren’t rotated on a regular basis. So in other words, while your iPhone, Apple Watch, and physical Apple Card all have different numbers from each other, these don’t change unless you take manual steps to do so.
This means that every purchase made with your iPhone will present the same device account number. While this is secure in that this number can only be used for an Apple Pay transaction, it doesn’t really do anything to enhance your privacy at the till, since the retailer will still be able to get a number that they can associate with you, in the same way as if you used any other physical credit card.
What This Means
Unfortunately, Apple’s statements on privacy may lead you into a false sense of security when using the Apple Card, thinking that your transactions are completely anonymous. However, credit card networks must still comply with necessary federal laws, which means that they need to collect and store enough details on your credit card transactions for that purpose, and as Engadget points out, there’s little doubt that Goldman will know and will deal with you if you’re using your card for things you shouldn’t be, such as illegal goods or services or illegal gambling sites.
To be clear, the Apple Card is still leaps and bounds ahead of just about every other credit card on the planet when it comes to privacy, but it’s by no means completely private. There are still points of entry where retailers can track you, but it’s also fair to say that Apple has done as much as it possibly can to protect your privacy when using the Apple Card.