Cyber thieves have already figured out a way to get around Apple Pay’s security system, raising issues not only for Apple but for Samsung and others in mobile payment.
Sourced through Scoop.it from: www.thestreet.com
The problem is simple. With stashes of millions of stolen credit cards details harvested in the recent breaches at Target (TGT – Get Report) , Home Depot (HD – Get Report) and the others, thieves have realized that an iPhone can, in effect, be transformed into a credit card substitute by loading it with a stolen number. Before, those criminals could only shop at online retailers. Now, with an iPhone, they can walk out of retail stores with merchandise they can sell. Since its inception, Apple Pay’s purportedly stronger security has been touted by Apple CEO Tim Cook, who pointed to fingerprint biometrics, including TouchID, and turning the transaction data into something non-sensitive, a process known as tokenization. But at least some experts think Apple Pay may not be as safe as advertised. Cherian Abraham, who heads mobile commerce & payments at Experian Global Consulting, blogged in early January on DropLabs.net, that one credit card issuer — which he couldn’t name — said Apple Pay fraud is running a rate of $6 per $100 in transactions, some 60 times higher than normal. Gartner analyst Avivah Litan said in an email that “every bank issuer has been impacted by it, according to my bank sources.” She believes all mobile payments solutions are likely to have problems similar to what appears to be plaguing Apple Pay.
That’s because the security issue revolves around card enrollment.
No one claims that the volumes of fraud in Apple Pay are enormous. Indeed, the overall volume of transactions on Apple Pay are relatively small even if the device is currently accounting for two-thirds of all contactless payments in the U.S. “I doubt the volume of fraud is out of control since [Apple Pay] still constitutes a fraction of the transactions out there,” Litan said.