by bret791 2318 days ago
Mostly there, you get a tokenized PAN (DPAN) for every card enrollment. Remove, and re-add a card to your digital wallet and you'll get a new DPAN.

The unpredictable number is one (of a few) inputs into the generation of the CVV3, which is also based on a dynamic key from the issuer. Key rotation is on the order of weeks to months (depending on issuer). This is the "unique number" per transaction (part of tag 57 https://emvlab.org/emvtags/show/t57/ )

DPAN is only good for card-present transactions, provided CVV3, transaction counters, etc.
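The following is an added toy model of what the comment above describes, not code from the original thread and not the real EMV, Mastercard or Visa algorithms (which use 3DES/AES session keys and specific data formats). It uses HMAC-SHA256 as a stand-in for the cryptogram function, and all names (`TokenVault`, `DeviceCard`, the 16-digit token range starting with `4`, the sample PAN) are constructed. It shows why a DPAN on its own is of little use to a merchant database or a thief: each enrollment mints a new token, each tap produces a one-shot cryptogram bound to the terminal's unpredictable number and the transaction counter, and an issuer key rotation invalidates previously provisioned keys.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class DeviceCard:
    """What the phone/watch holds after provisioning: DPAN, per-token
    session key and its version. The real PAN never reaches the device."""
    dpan: str
    session_key: bytes
    key_version: int
    atc: int = 0  # application transaction counter, incremented per tap

    def tap(self, unpredictable_number: int) -> dict:
        """Build one card-present authorization message (constructed format)."""
        self.atc += 1
        msg = f"{self.dpan}|{self.atc}|{unpredictable_number}".encode()
        cryptogram = hmac.new(self.session_key, msg, hashlib.sha256).hexdigest()[:16]
        return {"dpan": self.dpan, "atc": self.atc, "un": unpredictable_number,
                "cryptogram": cryptogram, "key_version": self.key_version}


@dataclass
class TokenVault:
    """Issuer / token-service side: DPAN -> PAN mapping, key state, replay state."""
    master_key: bytes = field(default_factory=lambda: secrets.token_bytes(32))
    key_version: int = 1
    dpan_to_pan: dict = field(default_factory=dict)
    last_atc: dict = field(default_factory=dict)  # highest ATC accepted per DPAN

    def _session_key(self, dpan: str) -> bytes:
        # Per-token key derived from the issuer master key and its version.
        label = f"{dpan}:{self.key_version}".encode()
        return hmac.new(self.master_key, label, hashlib.sha256).digest()

    def enroll(self, pan: str) -> DeviceCard:
        """Every enrollment mints a fresh DPAN, even for the same PAN."""
        dpan = "4" + "".join(str(secrets.randbelow(10)) for _ in range(15))  # constructed token range
        self.dpan_to_pan[dpan] = pan
        self.last_atc[dpan] = 0
        return DeviceCard(dpan, self._session_key(dpan), self.key_version)

    def rotate_key(self) -> None:
        """Issuer key rotation; already-provisioned session keys go stale."""
        self.master_key = secrets.token_bytes(32)
        self.key_version += 1

    def authorize(self, auth: dict) -> tuple[bool, str]:
        dpan = auth["dpan"]
        if dpan not in self.dpan_to_pan:
            return False, "unknown token"
        if auth["key_version"] != self.key_version:
            return False, "stale key version: re-provision"
        if auth["atc"] <= self.last_atc[dpan]:
            return False, "replayed or out-of-order ATC"
        msg = f"{dpan}|{auth['atc']}|{auth['un']}".encode()
        expected = hmac.new(self._session_key(dpan), msg, hashlib.sha256).hexdigest()[:16]
        if not hmac.compare_digest(expected, auth["cryptogram"]):
            return False, "bad cryptogram"
        self.last_atc[dpan] = auth["atc"]
        return True, f"approved for PAN ending {self.dpan_to_pan[dpan][-4:]}"


def terminal_un() -> int:
    """Terminal's unpredictable number, fresh for every transaction."""
    return secrets.randbelow(2**32)


def run_scenarios() -> dict:
    """Exercise the properties from the thread: new DPAN per enrollment,
    one-shot cryptograms, token useless without a cryptogram, key rotation."""
    vault = TokenVault()
    pan = "5555000011112222"  # constructed sample PAN
    card1 = vault.enroll(pan)
    card2 = vault.enroll(pan)  # same card re-added: different DPAN

    first = card1.tap(terminal_un())
    ok_first, _ = vault.authorize(first)
    ok_replay, why_replay = vault.authorize(first)  # identical message again

    token_only = dict(card1.tap(terminal_un()), cryptogram="0" * 16)  # DPAN without a valid cryptogram
    ok_token_only, why_token_only = vault.authorize(token_only)

    vault.rotate_key()
    ok_after_rotate, why_rotate = vault.authorize(card2.tap(terminal_un()))

    return {"distinct_dpans": card1.dpan != card2.dpan,
            "pan_not_on_device": pan not in (card1.dpan, card2.dpan),
            "first_ok": ok_first,
            "replay_ok": ok_replay, "replay_reason": why_replay,
            "token_only_ok": ok_token_only, "token_only_reason": why_token_only,
            "after_rotation_ok": ok_after_rotate, "rotation_reason": why_rotate}


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
```

The replay check on the ATC is what makes the cryptogram "unique per transaction" from the verifier's side; the unpredictable number keeps the device from precomputing cryptograms ahead of time. Both checks live in the vault, which is why the merchant, who only ever sees the DPAN and an opaque cryptogram, cannot turn the token into a reusable credential.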


> Remove, and re-add a card to your digital wallet and you'll get a new DPAN.

Has anyone made a habit of rotating DPANs on a regular basis like this? Does Apple or your bank get irritated at some point?

I would avoid doing this. Mastercard guidance (and I assume Visa is the same) is to treat this behaviour as fraudulent.

I once had a very long call trying to explain to a very upset Mastercard person why this behaviour wasn’t an issue. I don’t think they understood.

Mastercard client/user or Mastercard support/staff?

Mastercard staff member responsible for Apple Pay best practices.

I do. Every update of watchOS since version 6 seems to break activity syncing between my watch and phone. So I end up having to restore from backup every time, and thus reset Apple Pay.

So far my banks have not complained.

Only possible problem I can think of is that you would trigger some of the fraud rules on Apple's, network's or issuer's side as all these parties have the ability to trigger yellow or red flows during the token provisioning. You would then probably have to call your issuer for assistance every time you want to provision a new card to your device.

I involuntarily do this (annually), when getting a new iPhone every year. My iOS Wallet app resets, and I'm forced to re-add all my cards (although it does remember what cards were added previously). Never thought too much about it.

Why would you do this?

So that retailers won't be able to use DPAN to uniquely identify me across transactions.

On the flip side, the ability to look up your past purchases can enable returns without receipts.

The other week a store clerk failed to look up my purchase when using my physical credit card, but succeeded when using the same credit card via Apple Pay. I would have been out of luck if I had rotated my Apple Pay number.

Or perhaps your device could store previous identifiers and offer those to the vendor to lookup in their system? Assuming the vendor isn't doing something shady like building an association table between identifiers, this would preserve your privacy and let you change your identifier as much as you like.

I think there's also a button in settings to get a new card number?

That's an Apple Card thing I believe, not Apple Pay--and it rotates a different card number than the one in your physical Apple Card or device-specific card number. It's the one you're supposed to use on legacy online stores and rotating it is similar to ShopSafe, etc.