Banks are scrambling to tighten security measures as Apple’s mobile payments service experiences a growing incidence of fraud. Criminals are lifting credit card numbers and stealing identities through Apple Pay by reportedly exploiting vulnerabilities in the verification process. Some banks may make it too easy for customers to authenticate numbers when adding cards. According to one expert, fraud may account for about 6 percent of Apple Pay transactions, compare to only 0.1 percent of credit card-swiping transactions.
Payment expert Cherian Abraham suggests that sophisticated crime gangs are carrying out the fraud and exploiting the Apple Pay vulnerability. An Apple spokeswoman defended the security of Apple Pay, adding that banks are also reviewing and improving their approval process.
The problem is that some banks call users when their personal and credit card information does not match the bank’s records. Some banks ask security questions like the last four digits of the credit card holder’s Social Security number, which would be easy to answer for a criminal with access to personal information.
Apple has employed several protections to ensure the security of its mobile payments system. The encrypted payment data is stored separately from the rest of the phone. Apple Pay also requires a fingerprint scan to verify the identity of the customer and retailers never get the credit card information. Apple is trying to balance making the system easy to set up, but that might be a factor in the system’s security compromises.
Other electronic payments services suffer from fraud as well. Apple Pay may be a particularly attractive target because it is now taking over the contactless payments business. Apple claims that “two out of every three dollars spent via contactless payments on Visa, MasterCard, or American Express happened on Apple Pay,” reports The Wall Street Journal.