Monday, March 30, 2015 [Tweets] [Favorites]

Apple Pay Exposes Insecure Bank Policies

Rich Mogull:

This is a fascinating issue for two seemingly contradictory reasons. Apple Pay is one of the most secure payment methods in the United States, if not the most secure method, yet its very existence highlights massive weaknesses in the payment system. Let’s explore why and how some lesser known features of Apple Pay could dramatically reduce fraud, if more banks enabled them.

[…]

This is the exact opposite of most other countries where the cardholder is responsible for the fraud. Few other countries have guaranteed zero liability, although many banks do offer fraud protection as an enticement to use their cards. This is one of the main reasons most other countries use more advanced credit card security technologies, including card-based Chip and PIN systems and mobile payments. Meanwhile, the United States continues to rely on simple magnetic-stripe signature cards, which are incredibly easy to counterfeit. When consumers carry greater liability, security becomes an essential selling point.

[…]

The weak link, it turns out, is the process of registering your card with Apple Pay (“onboarding” in industry terms). Apple built a framework, not a new payment system, and Apple only mediates the connection between your iPhone and your bank. Your bank is supposed to validate that you are who you say you are, based on the Apple Pay registration process.

Comments

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment