Apple Pay Fraud at Six Percent of all Transactions at Certain Banks

ApplePayCrook
johnbrianfastcpa.com

In the weeks leading up to the launch of Apple Pay, there were many among its defenders in the media that were saying that it was secure.  Some were even touting it as more secure that using a credit card or debit card.

In an article that appeared in mashable.com titled, “Why Apple Pay Is the Most Secure Payment Platform on the Planet” the author Rex Santus made the following claim;

Despite worries about someone stealing your phone or it being susceptible to hackers, experts say Apple Pay actually adds significant security to your payment transactions, even more than traditional credit cards.

CreditCard

At Utbblogs, we highlighted several security issues with Apple Pay in the following article last October with the latest one being in March.  We mentioned that there were security flaws that allowed a user to add a credit card that did not belong to him or her to their Apple Pay account on a smartphone.

In several tests that were carried out, a Consumer Electronics editor, Glenn Denere was successfully able to both add and use a credit card that was not his to purchase goods and services with Apple Pay.  Unfortunately for Apple, this problem is still occurring six month later and is not going away.

In an article titled, “Will Apple Pay be secure enough for Canadians?” security expert Cherian Abraham made the following observation

One expert, Cherian Abraham, writes that Apple Pay fraud may have reached six per cent of all transactions at certain banks, that’s sixty times the average rate of fraud for credit cards.

Another expert, Aite Group’s Julie Conroy mentioned that in some banks the number is as high as 8 percent.

PassingTheBuck2

So you would think that Apple would have owned up and would be very hard at work trying to fix this problem, but instead they have passed the buck onto the banks.  Instead of building identity proofing solutions into their app to ensure that only the owner of the iPhone is able to add their card into the app, they have tossed the blame on the banks.

Los Angles Times reporter, Michael Hiltzik very much doubted Apple’s claim that there were no security issues with Apple Pay and had this to say

“We’ll see: Credit account information will flow between the customer and Apple at some point, somehow,” said Hiltzik. “Apple’s systems haven’t been anything like secure in the past, so the company’s promise that this one will be rock-solid shouldn’t be taken as gospel.”

Hiltzik says while it is true that no exchange of credit card information exists between the consumer and retailer, criminals are already exploiting the Apple Pay system by then. Crooks have begun loading stolen credit card info onto iPhones. “That’s where the system breaks down,” says the reporter, as he says Apple simply throws up its hands and shunts off the verification of cards off to the banks.

This just confirms what we have been saying all along.  Apple Pay has vulnerabilities and is not as secure as they claim. Organized crime rings are already responsible for millions of dollars in fraud charges and that number continues to grow every day.

Source: fierceretail.com

As noted in Pymnts.com, “in a particularly fun irony, Apple Stores are favorite locations to target because they take Apple Pay and sell high-price goods with large resale values.”

So folks if you really value your security, there is a company that you can trust.  A company whose phones on its latest operating system has never been hacked.  A company that the US President Obama, UK Prime Minister David Cameron and other world leaders that German Chancelor Angela Merkle rely on to keep their communications secure.  A company that will not allow your private pictures to be hacked and distributed over the internet.  The name of that company is BlackBerry.

web99

Web99 enjoys tech and has tried smartphones on all the major platforms. Out of all devices he has tried, BlackBerry10 best fulfills his needs.

  • ray689

    Wow Apple has way too much clout that they can provide such a poor product which is costing banks millions yet still have all the banks fall over each other to jump on board. It’s a sad state we live in.

    • web99

      Ray,

      The trend seems to be that several companies, including banks and carriers that choose to do business with Apple, come out holding the short end of the stick. The vulnerabilities in Apple Pay that were missed by American banks during their negotiations with Apple were immediately seen by the Canadian banks. That and the fee Apple collects on each transaction are big sticking points

      The other thing is that Apple’s focus with Apple Pay was to make it as easy for the user as possible without much thought to security and verification.

  • Canuckvoip

    That amount/increase in theft is unacceptable, and all the banks need to get together and tell Apple to either fix it or get out.

    • web99

      Canuckvoip,

      It is much bigger than that. The problem is that the US banks are so scared of Apple that they are willing to accept risks, unnecessary compromises to their financial systems and put up with inconveniences that they would not put up with from any other company in order to be included in the Apple Pay program. They were so scared of being left out of the program that they compromised their checks and balances that they would normally have in place in order to be included. The same trend is occurring with carriers in some of the contracts that were signed with Apple in order for them to be licences to sell iPhones.

      In the following New York Times article, Pointing Fingers in Apple Pay Fraud , there is an interesting quote as to why the US banks were not more vigilant in insisting that Apple put the necessary identity verification in place to avoid this type of fraud

      “Some bank executives acknowledged that they were were so scared of Apple that they didn’t speak up. The banks didn’t press the company for fear that they would not be included among the initial issuers on Apple Pay. Within weeks of Apple Pay’s introduction, a second set of banks joined: Barclays, Navy Federal Credit Union, PNC Bank, USAA and U.S. Bank”

      The other thing was that each US bank had a separate negotiation with Apple. With the Canadian banks, as mentioned in the Will Apple Pay be secure enough for Canadians?, article they were a lot smarter and formed a group to negotiate with Apple to ensure a unified front, an acceptable contract and guidelines for all the banks. Because it was a group negotiating with Apple, they were more able to push for the checks and balances in Apple Pay that the individual US banks were too scared to push for.

    • web99

      You are right. I agree with you that the US Banks need to get together and insist on Apple to put identity proofing solutions into their app to ensure that only the owner of the iPhone is able to add their card into the app. Losing $6 to $8 in fraud for every $100 in Apple Pay transactions is completely unacceptable. The problem is that they are so scared of Apple as mentioned in my other comment below.

Top