Fraud is a rampant problem in the credit card industry, and while technology like Apple Pay was supposed to improve the security of our finances, it turns out that it’s only as secure as the people that back it.
A report in The Guardian says that Apple Pay, the new payment system that works on the company’s iPhone 6 and 6 Plus, has proved to be surprisingly susceptible to fraud. However, it’s not the technology itself that’s being compromised. Rather than targeting the security of transactions, thieves are instead convincing banks to let them use other people’s cards on their phones.
Adding a card for use in Apple Pay requires a bank’s approval. However, many banks have been falling down on the job by requiring little personal information in order to verify the identity of the requester. For example, some banks are asking only for the last four digits of a social security number, which is relatively easy for thieves to acquire.
Banks and credit card companies can choose to require more information before approving a card for use on Apple Pay. But currently, many don’t, probably presuming that it will help with adoption of the new technology. Unfortunately, that’s proving to be a boon for fraudsters as well.
Apple Pay is not likely to be alone in these problems. Samsung recently purchased payment company LoopPay to power its new Samsung Pay service, and Google has announced it’s working on its own Android Pay platform. All of these will probably require some interaction with banks to be useful, so it’s time for the banks to catch up and start requiring more stringent security checks.
Apple, for its part, told The Guardian that those institutions are “always reviewing and improving their approval process.” No surprise, there: It’s in banks’ own interests, as they’re the ones who are going to get hit with the resulting fraudulent charges. Once those changes are made, all of our finances stand to get a lot more secure.