Petronella Blog Archive

Visit our New Blog

How Apple Pay Makes Fraud Easier

Blog Post

Apple Pay is being hyped quite a bit, and rightfully so because it makes paying for things with your credit cards even easier.  But there's a flip side to it: Apple Pay makes it easier for thieves to use stolen credit card information.

Currently, there are two classifications of stolen credit card info.  There are dumps and CVVs.  Dumps rely on information taken from brick and mortar stores, usually via malware installed on a store's point of sale software.  Data is taken from dumps and encoded onto fake credit cards for use in said brick and mortars.  They cost $10-30 at underground online bazaars.  CVVs are taken from online stores and generally used to make online purchases.  They are not as easy to use as dumps, so they go for $1-5.

Where Apple Pay comes into play is that it allows people to sign up online and ties into an iTunes account, which can be hacked about as easily as an other online account.  Hacked iTunes accounts can be bought for less than $10.  There was a chance to make Apple Pay even more secure by including things such as a device ID, but this hasn't been done.  As a result, it won't be terribly difficult or expensive for thieves to use Apple Pay accounts online or in stores.