Apple Pay has become the most popular mobile payment platform across the U.S. and parts of Europe, but evidence from a security researcher shows that the platform isn’t as safe as Tim Cook thought it would be. It seems that even though Apple Pay brought so many banks (and the %15 Apple is getting from each Apple Pay purchase) on board the mobile payment platform by emphasizing that it is more secure than conventional payments, the company might have been mistaken. Apple hasn’t commented about this issue as of yet, but we will be back with more once an official statement is released.
Cherian Abraham, an expert in payments and mobile payments, has produced a blog post on the subject. The post resulted in a rather grim image of Apple Pay, but not just that. According to Cherian, any mobile payment platform you can think of is just as exposed to the same risk. Essentially, Cherian states in the interview that mobile payment platforms in their current form are not 100 % safe for the end user, as they make them more vulnerable to fraud.
Indeed, the expert in the field has brought to light a worrisome piece of news: mobile payments are less secure than run-of-the-mill card swiping. According to him, 6% of Apple Pay transactions are fraudulent. That number is actually 60 times higher than the percentage of plastic card transactions that are fraudulent (0.1 %). That sounds rather alarming, but the fault does not entirely lye with Apple Pay. Cherion said that Apple Pay users are exposed to attempts of fraud not when actually using the platform at a grocery store, but when actually registering their cards.
As you would with any other online or mobile payment platform, with Apple Pay, you need to register a credit card to your account. The data from the credit card will be stored on the NFC chip within your iPhone 6, iPhone 6 Plus or the upcoming Apple Watch. That data remains secure, but whilst you were registering that card to your account, the information could have easily become exposed to third-parties. That is because of poor authentication and registration methods, in part, but it is also banks’ faults, as their customer service operatives fail to conduct secure authentication protocols that don’t have you reciting all your digits to them on the phone.
But there’s little end users can do about it, which is the sad part. Banks need to rethink their registration strategies for Apple Pay, while Apple needs to implement a better card registration system within the platform itself. Even though the number of fraudulent occurrences isn’t too high, it still constitutes a number of existing individuals whose personal information has been stolen. According to Cherion, these fraud attempts are not done by individuals, but by organized groups, which doesn’t come as a surprise. If you know the ropes, you can easily climb them. Once you’ve got the hang of it, you will definitely swing it. Or something like that, you get my drift. If these Apple Pay frauds are truly as widespread and committed by organizations, we might be faced with a serious problem here.