Is Apple Pay Safe? Fraudulent Activities Raise Questions

What's Hot

Do This or Your iPhone Bill May SkyrocketSave

23 Upgrades Under $50 to Make Your House Look AwesomeAround The House

Trump Worth $10 Billion Less Than If He’d Simply Invested in Index FundsBusiness

11 Places in the World Where You Can Afford to Retire in StyleMore

What You Need to Know for 2017 Obamacare EnrollmentFamily

8 Things Rich People Buy That Make Them Look DumbAround The House

32 of the Highest-Paid American SpeakersMake

Amazon Prime No Longer Pledges Free 2-Day Shipping on All ItemsMore

More Caffeine Means Less Dementia for WomenFamily

9 Tips to Ensure You’ll Have Enough to RetireFamily

30 Awesome Things to Do in RetirementCollege

5 Spots Where Retirees Can Live for Less Than $40,000Real Estate

10 Ways to Reduce Your Homeowner’s Insurance RatesFamily

10 Ways to Pull Together the Down Payment for a HomeCredit & Debt

Chew on This: The Story Behind Your Hershey’s Halloween TreatsBusiness

The actual Apple Pay system hasn't been hacked by scammers. We'll explain how the recent reported fraud is occurring.

Although scammers have used Apple Pay for fraudulent activities, the actual Apple Pay platform and its encryption haven’t been breached.

It appears that hackers have used Apple’s mobile payment system to make purchases with stolen credit card data, some of which came from data breaches at Target and Home Depot. The Wall Street Journal explains:

The Apple Pay system itself hasn’t been penetrated by hackers. Rather, fraudsters are entering stolen card data into phones, which can then be used to make purchases without a physical card being present.

So the fraud is more a result of identity theft than a typical cyber hack. Still, it reveals that Apple Pay may have some issues to iron out. For instance, the apparent weak link in this fraudulent activity is the bank verification process. CNBC said:

“Both sides play a role because Apple could have done more,” said Samuel Bucholtz, co-founder of Casaba Security. “But where the fraud is really coming from is the bank’s verification of those cards. It’s not a compromise of any Apple security system that Apple has put in place.”

Apple’s support page explains that after a credit or debit card is input into Apple Pay, it’s encrypted and sent to the user’s bank, along with information about iTunes account activity, the device it’s on and its current location. Then the bank must decide whether it approves adding the card to Apple Pay.

CNBC said:

The bank may request additional information to prove the card belongs to the user, but often the information that is asked for is easy for criminals to obtain online. Also, bankers may not require any additional information because they want the process to be as painless as possible, experts said.

Bucholtz has suggested that the bank issue a new PIN to register a new card. “This could be a PIN the bank mails to the user or one they have to log into their bank account to access for a one-time registration,” CNBC said.

“Our member banks are reacting as quickly as possible to ensure their verification processes are adequate to thwart this new kind of fraud,” David Pommerehn, vice president and senior counsel at the Consumer Bankers Association, which represents lenders that issue credit and debit cards, told the WSJ.

Do you use Apple Pay? Does this fraudulent activity make you nervous? Share your comments below or on our Facebook page.

Stacy Johnson

It's not the usual blah, blah, blah

I know... every site you visit wants you to subscribe to their newsletter. But our news and advice is actually worth reading! For 25 years, I've been making people richer without making their eyes glaze over. You'll be glad you did. I guarantee it!


Read Next: ‘Nips and Tucks’ to Get Your Tablet Computer Running Like New

Check Out Our Hottest Deals!

We're always adding new deals and coupons that'll save you big bucks. See the deals to the right and hundreds more in our Deals section.

Click here to explore 1,729 more deals!