“When Apple was planning its Apple Pay electronic payment system last summer for its iPhones, the nation’s banks raced to be included among the first credit card issuers associated with the new technology,” Andrew Ross Sorkin reports for The New York Times.
“Six months later, some of the nation’s banks are privately complaining that Apple Pay may not be so great after all. But the banks may largely have themselves to blame,” Sorkin reports. “Apple Pay itself should, in theory, cut down on fraud because it makes stealing credit card information almost impossible. Each time a transaction takes place, Apple generates the equivalent of a new credit card number so the merchant never actually sees a customer’s information.”
“The banks, desperate to become their customers’ default card on Apple Pay — most add only one to their iPhones — did little to build their own defenses or to push Apple to provide more detailed information about its customers. Some bank executives acknowledged that they were were so scared of Apple that they didn’t speak up. The banks didn’t press the company for fear that they would not be included among the initial issuers on Apple Pay,” Sorkin reports. “It also appears that banks set up a flawed process to deal with the credit cards that it did flag. Affected users were directed to a customer care phone center, not a fraud prevention center. A customer care center’s mission is to help customers use their cards, leading more fraudulent cards to be approved for use on Apple Pay.”
Read more in the full article here.
MacDailyNews Take: Again, Apple Pay is secure, it’s the initial verification process that the banks need to tighten up.
[Thanks to MacDailyNews Reader “Mark” for the heads up.]
Related articles:
Banks respond to fraud, toughen up Apple Pay credit card verification – March 7, 2015
Banks, retailers ‘stung’ by fraud, Apple Pay still perfectly secure – March 6, 2015
This is all on the banks. They need to own it fair & square and step up their verification game, or no payment system will be secure. You’re only as good as your weakest link and right now it ain’t Apple Pay.
All parties share the burden. Apple had the proper plan first, so they should have been more comprehensive. Banks had the credit cards first and have had 30 years to fix the problem.
The “problem” with credit card hackers is only a very recent relative phenom and the ability of these hackers to cleverly up their game unending.
Apple does take a hit indirectly even though they are not the problem. The banks are responsible for what THEY are responsible for and must act accordingly instead of seeming lackadaisical late-to-the-party concern.
I am sure Tim Cook has told these bank CEO’s in no uncertain terms how much they both have to lose if the banks don’t get their verification shit together.
There are plenty of more stringent ways to verify identity.
As for what Tim Cook said, I have doubts as to his clarity / forcefulness of message. Maybe Apple will issue a new statement on this or leaks will come out.
I certainly hope Tim Cook clarifies their position on this yes. Apple Pay technology is not to blame. But again unless Apple buys the banks it can’t do much but advise, albeit loudly.
I find that an odd statistic that people tend to only add one card. If you had multiple cards before there must have been a reason for it, if you have the opportunity to use those same cards on Apple Pay why would you still only use one? Aside from the convenience of Apple Pay itself, choosing which card to use in which instance is surely no harder? Personally I have multiple cards because I have one that gives me cashback on fuel, whilst another gives cashback on other purchases. It would be interesting to see if people think you can only add one card to it.
Apple pay isn’t available here in the UK yet, but I had been wondering how it works when you regularly use multiple cards.
I use one card for business expenses, a second card for personal items and a third card when I’m travelling abroad. The first two cards allow me to keep my accounts simpler, while the third card is shared with my wife and offers a more advantageous foreign exchange rate. How do users specify which particular card is to be used for a given transaction ?
When you hold your phone near the terminal, apple pay lights up on your screen showing you your default card in a big graphic across the top and your other cards as passbook-style tabs at the bottom of the screen. You just tap that card you want to use before scanning your fingerprint.
Passbook stores as many cards as you wish. Apple Pay stores one card as the default; you open Passbook and tap on the one you want to use if it’s not the default card.
@alanaudio: When you hold your phone up to a terminal to use ApplePay your screen shows a stylized card with no numbers for each card you have entered into Apple Pay. You touch the one you want to use for payment then touch the home button to authenticate with your finger print.
I can understand being scared of the government, but Apple? Really!? Got my daily dose of laughter on that one.
Let’s review:
One month before Apple Pay became active, the banks agreed to take responsibility for verifying the identity of users. This opened up three problems:
1) Few of the banks had an adequate clue about HOW to verify a user as real, as opposed to bogus.
2) Even with an adequate system for user verification, one month was too brief a time to roll it out to all the bank branches.
3) As with stupid Target Corporation, cutting corners and ignoring security alarms and protocols is commonly default corporate behavior. Oops, another $million blow out. 🙄