A mobile payment system is only as secure as its weakest link... and in the case of Apple Pay, it's the banks' ability to verify who you are. The Guardian has learned that thieves are setting up iPhones with stolen IDs and taking advantage of lackadaisical identity checks (often just a part of the social security number) to provision victims' cards for Apple Pay. After that, it's open season -- crooks just have to claim that the legitimate card owner is on a trip to go on a shopping spree.Apple Pay itself is still airtight at last check, so you shouldn't have to worry about surprise purchases as long as you're still in control of your ID. However, the exploits (which have reportedly led to "millions" in losses) suggest that banks should have a tougher verification standard for mobile payment platforms like this, including future systems like Android Pay. Otherwise, the same tech that saves you from pulling out your wallet will also make theft that much easier.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
View All Comments
Fraudsters take advantage of banks' weak Apple Pay identity checks