Apple Pay, touted to be a more secure and easier way to pay for things in stores, has attracted a new wave of credit card fraud. With stolen identities and credit card details, scammers are using the mobile payment system to purchase expensive items, according to a report from the Guardian.
To be clear, the encryption protecting Apple Pay’s fingerprint system hasn’t been broken. Instead, scammers and thieves are adding stolen credit card information to new iPhones and calling banks to approve the card to work with the mobile payment system. Once set up, the scammers will often make pricey purchases at Apple Stores and then resell the goods for cash.
When a credit card is added to Apple Pay, Apple sends that data, along with device and iTunes account information to a user’s bank. The bank then decides whether or not to approve the card’s use with the mobile payment.
But that’s where the problem comes in: each bank has its respective procedures for determining whether or not to approve a card’s use. Some will approve the card right away, while others use secondary security checks, such as sending a code to an account’s registered email address. Others have less secure methods, such as asking callers to verify the last four digits of their social security number.
Credit card fraud has continued to be a problem in the United States due to the slow adoption of secure retail payment cards and systems. But the country is making some progress. Retailers in the U.S. are scrambling to meet an October deadline for the installation of new “chip” EMV-compatible credit card terminals, many of which will also support near-field communication (NFC) technology, used by Apple Pay and other mobile payment services.