All iPhones that can use Apple Pay have Secure Elements. Google tried that in the past but were ahead of their time: SE's then were expensive and finnicky. Perhaps all Android Pay phones using Android N or whatever in future will have to incorporate a Secure Element, too. This will mitigate the need for root checks if push comes to shove. Another possibility (at least with ARM) is to use TrustZones or other hardware-based encrypted-execution zones again where not even root can intrude.