Apple provides an Apple Pay privacy and security guide that details the security and privacy efforts in place for Apple Pay transactions.
Using Touch ID, your customers can authorize Apple Pay payments using credit and debit card payment credentials that are stored on their iOS or macOS device. These models contain a Secure Element, isolating card payment credentials from the main processor where your app runs. Your app then calls the appropriate APIs from Stripe to pass the payment information to us and we’ll process the transaction.
If you have further concerns about how the payment credentials are stored on Apple devices, we suggest you contact the Apple Developer Forum to post questions and receive answers from their team.
You can find more information about Stripe’s security and PCI compliance in our Integration Security Guide.