Powered by Guardian.co.ukMakala hii yenye jina “Apple Pay: frontier mpya kwa scammers” iliandikwa na Charles Arthur, kwa theguardian.com Jumatatu Machi 2 2015 08.00 UTC

Wahalifu katika Marekani ni kutumia mpya Apple Pay mkononi mfumo wa malipo ya kununua bidhaa za thamani ya juu - mara nyingi kutoka Apple Stores - na utambulisho kuibiwa na mikopo maelezo kadi.

Benki wamekuwa hawakupata kwa mshangao na kiwango cha udanganyifu, na Guardian anaelewa kuwa baadhi ni scrambling kuhakikisha kwamba uhakiki bora na kuangalia mifumo ni kuweka katika nafasi ya kuzuia tatizo mbio nje ya kudhibiti, na karibu milioni mbili Wamarekani tayari kutumia mfumo.

crooks si kuvunjwa encryption salama karibu fingerprint-ulioamilishwa wireless utaratibu malipo Apple Pay ya. badala, wao ni kuanzisha iphone mpya na habari kuibiwa binafsi, na kisha wito benki na "utoaji" mhasiriwa kadi kwenye simu kuitumia kununua bidhaa.

Wahalifu na vitambulisho kuibiwa ni kueleweka kuwa walengwa Apple Stores hasa kwa sababu wote wawili kukubali Apple Pay na kutoa vitu thamani ya juu, ambayo yanaweza kuuzwa katika kwa ajili ya fedha.

mikopo au debit kadi inaweza tu kuongezwa kwa Apple Pay wakati benki yake ya kutoa mihimili juu ya toleo encrypted wa maelezo kadi kuhifadhi kwenye simu - ambayo ni lazima tu kufanya wakati fulani mmiliki halisi ni kutumia.

Hata hivyo, udanganyifu kwa kutumia vitambulisho kuibiwa inaeleweka kuwa mbali zaidi kuliko ilivyotarajiwa, na hasara ya jumla tayari mbio katika mamilioni, kwa mujibu wa vyanzo sekta. Hii inalinganishwa na thamani inatarajiwa ya juu $ 5bn kwa ajili ya malipo smartphone makao rejareja katika Marekani mwaka huu.

Apple kurasa msaada kwa ajili ya huduma anasema: "Wakati kuongeza mikopo au debit kadi kwa Apple Pay ... Apple zituma data encrypted, pamoja na taarifa nyingine kuhusu iTunes akaunti shughuli yako na kifaa (kama vile jina la kifaa yako, eneo lake la sasa, au kama una historia ya muda mrefu ya mashirikiano ndani ya iTunes) benki yako. Kutumia habari hii, benki yako kuamua kama kupitisha kuongeza kadi yako ya Apple Pay. "

benki ya Marekani ni kutumia "kijani njia" kwa kadi wao kupitisha moja kwa moja juu ya takwimu hizo, na "njano njia" kwa kadi wanaohitaji hundi zaidi. Lakini baadhi ya benki kuwa alifanya kazi pia rahisi kwa kuuliza wapiga ili kuthibitisha utambulisho wao na tarakimu minne iliyopita ya idadi yao ya usalama ya kijamii (SSN).

Ingawa maana ya kuwa siri, SSNs ni kawaida kuibiwa katika wizi wa utambulisho, na kwa wastani 11.5 milioni Wamarekani ni waathirika wa udanganyifu utambulisho mwaka, kulingana na takwimu Marekani, na tukio hilo wastani kugharimu $4,930. Katika 2013 jumla hasara kutokana na udanganyifu ID nchini Marekani ilifikia $ 24.7bn. Karibu theluthi mbili ya kesi kuhusisha mikopo maelezo kadi.

"Katika hatua hii, kila issuer [benki] katika Apple Pay ameona muhimu unaoendelea utoaji udanganyifu kupitia akaunti ya mteja takeover,"Alisema Cherian Abraham, simu-malipo mtaalamu ambaye ni mshauri wa makundi ya fedha ya Marekani, juu ya blog yake.

Alisema magenge ya watu nyuma ya scams: "Katika baadhi ya matukio, wadanganyifu ni wito [benki hiyo] kuwaita kituo cha wenyewe kwa 'macho yao kwa safari nje ya mji' ili udanganyifu sheria kuangalia kwa ajili ya manunuzi anomalies (kama vile maisha ya wateja katika California na shughuli zake katika Miami) hawana safari hadi [kama] ulaghai shughuli. "

Apple Pay, ilianzisha katika Oktoba 2014 na inapatikana tu kwenye iPhone 6 na 6 Plus simu iliyotolewa mwaka jana, lets watumiaji kulipa kwa kufanya simu zao karibu NFC vifaa vya kutosha malipo ya wastaafu na kisha kuthibitisha utambulisho wao na kujengwa katika msomaji iPhone ya fingerprint.

Jumatano, JP Morgan Chase alisema mwekezaji wito kwamba zaidi ya milioni moja wateja walikuwa aliongeza debit na kadi za mkopo kwa huduma Apple, wakati Benki Kuu ya Marekani ina awali alisema 800,000 Watu walikuwa aliongeza kadi 1.1m ifikapo mwishoni mwa 2014 – almost certainly making it the predominant mobile payment method in the US, displacing Google Wallet, ambayo ilizinduliwa mwaka 2011. Despite being available first, Wallet has had very low transaction volumes due to the lack of NFC terminals and a more complex interface, retail experts say. Google has not provided any data on how many users it has for Google Wallet.

A spokesman for Apple reiterated that the secure mechanism for paying with card details stored on the phone had not been breached.

“Apple Pay is designed to be extremely secure and protect a user’s personal information,” the spokesman said. “During setup Apple Pay requires banks to verify each and every card and the bank then determines and approves whether a card can be added to Apple Pay. Banks are always reviewing and improving their approval process, which varies by bank.”

None of the US banks that offer Apple Pay contacted by the Guardian would discuss levels of fraud.

But it is understood that US banks are seeking more robust methods to verify peoples’ identities before adding cards to the service. Abraham warns: “Fraud scales – call centres don’t. There has to be an automated process that is invisible but secure. In hindsight the only thing Apple could have done better was to anticipate the problem, made it mandatory [to call] and helped build a better ‘yellow path’.”

Tim Sloane, vice president of payments innovation at the Massachusetts-based financial consultancy Mercator Group, alisema: “These are probably just some teething problems. If the banks can nail down the authentication, they should see less fraud on Apple Pay,” and added: “Battle plans always look great until you meet the enemy.”

Dave Birch, a UK-based mobile payments expert, aliiambia Guardian: “in the UK there probably won’t be a ‘green path’” – meaning that people would have to call their bank to add any card to Apple Pay once it is introduced here.

The US lags behind much of the world in its adoption of secure retail payment systems and mobile payments. “Chip and Pin” systems, used throughout Europe for years, will only become compulsory in the US later this year. As retailers replace old magnetic stripe systems, which were vulnerable to widespread fraud, with new ones, they are also adding NFC capabilities, already used in the UK for Oyster cards and in many shops.

Abraham says: “Fraud in Apple Pay… came as a surprise to all”, adding that too much trust had been put in the on-device security: “The soft underbelly proved to be [akaonekana] provisioning of cards”.

guardian.co.uk © Guardian Habari & Media Limited 2010

Kuchapishwa kupitia Guardian News Feed Plugin kwa WordPress.

24843 0