Instead of breaking Apple Pay‘s built-in security, identity thieves are taking advantage of lax rules for card activation from banks. In other words, crooks are loading stolen banking information on new iPhones and then using Apple Pay to purchase high-price items, according to the report.

Apple Pay

Banks are supposed to verify all cards that are loaded onto Apple Pay. But some provision card use simply by confirming the last four digits of social security numbers, for example.

In particular, Apple Stores are being targeted. They, of course, accept Apple Pay and offer high-value, in-demand Apple products. The Guardian charts total losses from Apple Pay as “already running into the millions,” citing “industry sources.”

Apple Pay works using near-field communication at payment terminals. Its transactions utilize more-secure tokenized payments, and buyers have to verify their purchases with Apple’s Touch ID fingerprint sensor. The combination of encrypted payments and biological verification is supposed to offer a good deal more security than typical magnetic strips — the problem here is how evildoers can manipulate bank card provisions.

Apple is standing its ground, saying that Apple Pay itself is extremely secure — it is the banks’ verification methods that are being called into question. It is not an Apple-exclusive problem, either, since this sort of verification rests in the hands of banks. .

“Apple Pay is designed to be extremely secure and protect a user’s personal information,” an Apple spokesperson told Mashable. “During setup Apple Pay requires banks to verify each and every card and the bank then determines and approves whether a card can be added to Apple Pay. Banks are always reviewing and improving their approval process, which varies by bank.”

Apple’s mobile payment competitors face the same problem, according to mobile payments blogDrop Labs

Two big problems with cybersecurity are authentication and the “false sense of security” that comes with strong cryptography, Patrick Nielsen, senior security researcher at Kaspersky Lab, told Mashable. Apple Pay’s security is strong, but thieves can find other, weaker links involved in the process, such as the banks.

“All these kinds of new technologies will have growing pains,” Nielsen said in an email. “The best way to solve this particular issue, though, would be to stop thinking of social security numbers as something that’s privileged and secret, and therefore not grant access (to use the credit card like a physical card, in this case) based on that knowledge alone.”


Recommend

SurveilStar is an ultimate employee monitoring software and parental control software which can help monitor computer activities and protect data security. You can also block files uploading and sharing to prevent data leakage. Including:

computer monitoring

  • View Real-time Screen Snapshot
  • Monitor Skype or Other Chat/IM Activity
  • Record Emails
  • Track web browsing history
  • Block access to any website
  • Remote PC Maintenance
  • Program Activity

 

If you would like to record and control all your children or employees’ activities on working PC, SurveilStar Monitoring would be your best choice.

A 30-day free trial version of this professional computer monitoring and tracking software is available. Feel free to download and try to check what your employees and children have done on PC.

Download

 

Reference: http://mashable.com/