by mattpavelle 1030 days ago
The thing I find most interesting is the final snippet of the article:

404 Media found that MTA’s trip history feature still works even when the user pays with Apple Pay. Apple told 404 Media it does not store or have access to the used card numbers, and does not provide these to merchants, including transit systems. Apple did not respond when asked to clarify how the MTA website feature works when a rider uses Apple Pay.

Per https://www.apple.com/apple-pay/ marketing, "When you make a purchase, Apple Pay uses a device-specific number and unique transaction code. So your card number is never stored on your device or on Apple servers. And when you pay, your card numbers are never shared by Apple with merchants. Your purchases stay private."

So something strange is going on for sure...

1 comments

Sorry to repeat the link (posted in my comment below yours) but this very technical & informed explanation from @rswail explains what's going on:

https://news.ycombinator.com/item?id=35698169

TLDR: OMNY gets a hash of the Apple Pay card, and later, they can one-way hash a card (that you give them) and match it to past purchases/travels. They (OMNY/MTA) presumably do not have access to the original card number that Apple Pay is 'masking'.

But I agree with you that the language on Apple's site makes it seem like it's more anonymous than it really is (as this hash exception makes obvious).

I've yet to read the technical explanation, but how is not adding a salt or nonce to the hash a good idea? It doesn't seem very hard to iterate through all possible credit card numbers and hash them all. I'm sure I'm missing something.
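
An added example, not part of the thread and not OMNY's, the MTA's or Apple's code: it sketches the hash-and-match lookup described above and the salt question raised in the last comment. The hash choice (SHA-256 / HMAC-SHA-256), all function names, the station names and the test card numbers are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: well-known test card numbers, not real cards.
TEST_PAN = "4111111111111111"
OTHER_PAN = "5555555555554444"
TAPS = [(TEST_PAN, "Station A"), (OTHER_PAN, "Station B"), (TEST_PAN, "Station C")]

def unsalted_token(pan: str) -> str:
    """Deterministic, but anyone can recompute it for a guessed number."""
    return hashlib.sha256(pan.encode()).hexdigest()

def salted_token(pan: str) -> str:
    """Fresh random salt per record: two taps with one card no longer match."""
    salt = os.urandom(16)
    return salt.hex() + ":" + hashlib.sha256(salt + pan.encode()).hexdigest()

def keyed_token(pan: str, key: bytes) -> str:
    """HMAC under a server-side secret: repeatable only for the key holder."""
    return hmac.new(key, pan.encode(), hashlib.sha256).hexdigest()

def record_trips(taps, tokenize):
    """Store (token, station) rows; the card number itself is not kept."""
    return [(tokenize(pan), station) for pan, station in taps]

def trip_history(pan, rows, tokenize):
    """Re-tokenize the card the rider supplies and match it against stored rows."""
    wanted = tokenize(pan)
    return [station for token, station in rows if hmac.compare_digest(token, wanted)]

def candidate_pans(known_digits: int, length: int = 16) -> int:
    """Numbers consistent with the known digits; the Luhn check digit fixes one unknown."""
    return 10 ** max(length - known_digits - 1, 0)

if __name__ == "__main__":
    key = os.urandom(32)  # assumed server-side secret
    keyed = lambda pan: keyed_token(pan, key)
    print("keyed lookup:   ", trip_history(TEST_PAN, record_trips(TAPS, keyed), keyed))
    print("salted lookup:  ", trip_history(TEST_PAN, record_trips(TAPS, salted_token), salted_token))
    print("space, issuer prefix + last four known:", candidate_pans(10))
```

A random per-record salt defeats the lookup the feature depends on, which is why a deterministic token is needed; keeping the token keyed with a secret is what stops someone who obtains the stored rows from recomputing tokens over the small candidate space.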