“In December, the Department of Justice quietly announced the four-year sentence of a 23-year-old Miami resident who the government claimed was involved in a gang that loaded stolen Capital One credit cards onto their iPhones,” Thomas Brewster writes for Forbes. “Between 2015 and 2016, they spent more than $1.5 million on fraudulent purchases via Apple Pay.”
“More recently, according to a criminal complaint unearthed by Forbes, the U.S. government alleged that a group of 30-year-old friends loaded Apple Pay accounts and other digital wallets with stolen JPMorgan credit cards purchased from dark Web trading sites,” Brewster writes. “They then made $600,000 in fraudulent purposes, splurging on a range of expensive gadgets—from a Rolex watch costing $35,000 to MacBook Pros and iPhones costing thousands of dollars—in stores in Washington State, according to the government. They then resold their purchases, the complaint noted.”
“Apple isn’t the one at fault. Experts have previously warned that banks should be taking more responsibility to prevent such criminality. In 2016, researchers from the anti-fraud company PinDrop warned that crooks could benefit from Apple Pay by adding stolen credit cards from so-called “carding” sites where such information is sold for as little as $2 per card. As PinDrop warned, the issue lay not with Apple but with the level of verification happening at the banks,” Brewster writes. “The arrival of Apple Card could well help stymie th[is] particular kind of fraud… Crucially, there’s no card number, CVV security code, expiration date or signature to steal with Apple Card”
Read more in the full article here.
MacDailyNews Take: Apple Card is going to save everyone a lot of frustration, time, and money. It’s even going to generate money for users and for Apple alike!
The biggest news of Apple’s “It’s Show Time” event, by far, was Apple Card.
What was our very first reaction to the physical Apple Card?
“Yes, we want that physical card. We’ll use the digital card via our Apple Watches whenever possible, of course (more cash back), but we want that titanium, laser-etched card!” – MacDailyNews, March 25, 2019<
Hundreds of millions of Apple users will have or have already had the same reaction. Apple is about to generate huge profits out of thin air.
Apple just revolutionized another industry with Apple Card. — MacDailyNews, March 26, 2019
SEE ALSO:
Apple just revolutionized another industry with Apple Card – March 26, 2019
Introducing Apple Card, a new kind of credit card created by Apple – March 25, 2019
Brewster says, “Crucially, there’s no card number, CVV security code, expiration date or signature to steal with Apple Card.” But my understanding is that Apple Card has those, just like every other credit card. The numbers just aren’t imprinted on the card. You have to use an iOS app to find the numbers.
Yes, but presumably that makes it much harder to steal those numbers. When the waiter takes your card in a restaurant they can’t go in the back and make a copy.
I doubt that. I believe most credit card fraud comes from online purchases and phone orders, so Apple Card will have negligible effect on credit card fraud. So really the advantages of Apple Card are (1) no annual fee, and (2) a pretty titanium card unsullied by numbers.
So they still your card, and then try to use it online. How’s that going to work without an account number?
Again, having your card stolen is a small problem compared to account information theft from online purchases and phone orders.
Not to mention i’m pretty sure it offers up a one time code just like regular apple pay, so if they manage to make a purchase, it will only be once.
Most card numbers stolen in restaurant/gas pump instances use card readers so as long as that data exists on the magnetic strip I doubt not having it printed on the card makes any difference.
As consumers (Millennials) start shopping at places that give them 2%, smart gas stations will implement tap-to-pay… which is MUCH harder to spoof. Only in the US do they stubbornly hold on to mag-stripes. In Canada… terminals will not accept the mag-strip if the card has a chip. Same as in Europe.
The same is true at least in Hawaii. If the card has a chip and you swipe, the POS terminal will instruct you to insert the card instead. Tap to pay is not unique to smartphone wallets these days. The Captial One Quicksilver card allows me to tap to pay also w/o any worry of keeping any battery charged. Those used to credit cards may simply continue into the future using plastic credit cards that may eventually lose the magnetic strip.
Do we know for certain what data is stored in the chip?
No we don’t. But that won’t stop some people fantasizing and then being negative about their fantasy.
It’s not completely unknown. Just google “what data is stored on a credit card chip” and you’ll find this kind of information.
The EMV chip contain many details like Application Identifier, application files that contain cardholder details, mainly the certificate from the issuer (Bank), network authority (MasterCard, VISA), and an ICC certificate, which is unique to every card. The data is encoded in BER-TLV format. The chip is capable of producing a random unpredictable number that is used for only one transaction at for a limited time. And the chip can compute the dynamic signature certificate for every transaction.
Basically it’s an encrypted version of everything that used to be stored on a magnetic strip, plus some more capabilities.
So yes, the chip contains your credit card number, name, and so on. It couldn’t be otherwise, because it will still work in a standard credit card chip reader at your grocery store.
It isn’t so much Apple Card coming to the rescue, as it’s banks doing proper validation when a card is added to Apple Pay. Midway though the article, the author flatly states that this issue isn’t Apple’s fault. The thieves loaded stolen cards into Apple Pay, and the banks didn’t perform proper validation.
I imagine initial setup of an Apple Card will require validation through iCloud, but if the banks in question performed something as weak as two factor authentication via text message, this wouldn’t be happening.
I don’t use Apple Pay (neither does anyone else, from what I can tell), and no power on this earth will make me sign up for an Apple Card. Thanks, but no thanks, Tim.
Do you understand you’re at LESS risk of fraud when you use Apple Pay, because the merchant doesn’t get your real card number? They get an alias number, that only your bank can translate into your real number and you?
So go ahead at put yourself at more risk of fraud being stubborn
Pout. Can’t make me be sensible. Stomp foot. Pout.
James, what the heck are you doing on this site? You clearly do not understand or appreciate Apple’s focus on security and data privacy. Why would you own Apple products?
What a bunch of crap.
The biggest feature is the “Cash Back” — younger people will be all over that . . . I know the “sophisticated” people here, who have access to 5% back cards, and travel miles, think that Apple’s 2% is not a good deal — but when you are running a consumer-oriented business, you are not always dealing with the smartest or most privileged people . . . Apple will find a way to generate billions of dollars from this card.
I guess with the Apple Card they’re not aiming for the ‘premium’ crowd.