> But isn't the promise of Apple Pay that you never expose your real credit card # to the merchant? So they can't track you? I know Walmart in Canada really resisted Apple Pay for a few years because it would mean no more ability to track people by their payment methods.
Yes, this is exactly what Walmart does in the US since they still don't accept Apple Pay/Google Pay. When I go in and make a purchase using my credit or debit card, they'll associate it with my Walmart account and it'll show up as a "recent order" in the Walmart app because I have the same card saved there for ordering groceries online. They use those in-store purchases to recommend things to add to my grocery orders all the time.
> since they still don't accept Apple Pay/Google Pay. When I go in and make a purchase using my credit or debit card, they'll associate it with my Walmart account
Why wouldn't they be able to do that with at least Google Pay?
I pay with my phone using Google Pay at a Swedish grocery store chain and it's connected to my loyalty account there.
(Since I don't use Apple Pay I don't know if the same works there.)
I guess I'm not familiar with how Google Pay actually works, I assumed it was the same as Apple Pay. With Apple Pay the merchant gets a randomized card number on every transaction.
Too late to edit my comment, but it looks like I didn't quite understand how Apple Pay works either. After a little more research on both of them, here's the gist of it: Apple Pay and Google Pay both create a "Device Account Number" for your card, and this number never changes. When you tap your phone to pay, it generates a one-time cryptogram for the transaction which will always be unique. I was under the impression that merchants only get the cryptogram, but that's not the case – merchants get both the cryptogram and the DAN during the purchase.
The problem is, since the DAN is a stable number that never changes per card, they can save it and use it to recognize you across visits. That's how stores can tie Apple Pay/Google Pay transactions to loyalty programs without scanning a separate card. The DAN doesn't differentiate between online/in-app purchases and physical purchases either, though the number is different between devices (i.e. use phone to pay in-store, use computer or tablet to shop for groceries). But realistically, Apple Pay/Google Pay would only marginally improve the privacy in the Walmart scenario, which is a bummer.
Yes, this is exactly what Walmart does in the US since they still don't accept Apple Pay/Google Pay. When I go in and make a purchase using my credit or debit card, they'll associate it with my Walmart account and it'll show up as a "recent order" in the Walmart app because I have the same card saved there for ordering groceries online. They use those in-store purchases to recommend things to add to my grocery orders all the time.