byNomli Ushbu maqola “Apple Pay: scammers uchun yangi chegara” Charlz Artur tomonidan yozilgan, Dushanba 2 mart kuni uchun 2015 08.00 UTC

ko'pincha Apple do'konlardan - - AQShda jinoyatchilar yuqori qiymati tovar sotib olish uchun yangi Apple Pay mobil to'lov tizimi foydalanayotgan o'g'irlangan kamol va kredit karta batafsil bilan.

Banklar firibgarlik darajasi ajablanib tomonidan qo'lga olindi qilingan, va Guardian ba'zi nazorat oqar muammoni oldini olish uchun o'rniga qo'yish, deb yaxshi tekshirish ta'minlash uchun aralashtirish va tizimlari tekshirish, deb tushunadi, atrofida ikki million amerikaliklar allaqachon tizimini qo'llash bilan.

Qalloblar Apple to'lash ning barmoq-faollashtirilgan simsiz to'lov mexanizmi atrofida ishonchli shifrlash singan yo'q. o'rniga, Ular o'g'irlangan shaxsiy ma'lumotlar bilan yangi iPhone tashkil etish etiladi, va keyin "rizq" telefonda jabrlanuvchining karta tovarlarni sotib olish uchun foydalanish uchun banklar qo'ng'iroq.

Ular har ikki Apple to'la qabul va yuqori qiymati mahsulot taklif chunki o'g'irlangan identifikatorlari bilan jinoyatchilar xususan Apple do'konlar maqsadli bo'lishi tushuniladi, keyin naqd uchun sotilishi mumkin bo'lgan.

haqiqiy egasi uni ishlatishdan bo'lsa ayrim u faqat nima kerak - A kredit yoki debit karta faqat karta batafsil shifrlangan versiyasi ustidan berish bank nurlar telefonda saqlash uchun qachon to'lov Apple qo'shilgan bo'lishi mumkin.

Ammo, o'g'irlangan kimligini yordamida firibgarlik kutilganidan ham yuqori bo'lishi uchun tushuniladi, umumiy yo'qotishlar allaqachon millionlab ichiga ishlagan, Tarmoq manbalarining ma'lumotlariga ko'ra. Bu AQShdagi smartfon asoslangan chakana to'lovlar uchun qariyb $ 5bn bir kutilgan qiymati bu yil bilan solishtirsa.

Olmalar xizmati uchun qo'llab-quvvatlash sahifalar deydi: Agar Apple Pay uchun kredit yoki debit kartasini qo'shganingizda "... Apple shifrlangan ma'lumotlarni yuboradi, iTunes hisob faoliyati va qurilma haqida boshqa ma'lumotlar bilan birga (qurilmangiz nomi sifatida, uning joriy jild, yoki iTunes ichidagi bitimlar uzoq tarixga ega bo'lsa) Sizning bankka. bu ma'lumotlarni foydalanish, Sizning bank Apple Pay uchun kartani qo'shib tasdiqlash yoki yo'qligini aniqlaydi. "

AQSh banklari ular bunday ma'lumotlar yuz to'g'ri tasdiqlash kartalari uchun "yashil yo'l" dan foydalanayotgan, va kartalari uchun bir "sariq path" yana tekshirishlarini talab. But some banks have made the task too simple by asking callers to verify their identity with the last four digits of their social security number (SSN).

Though meant to be secret, SSNs are commonly stolen in identity theft, and on average 11.5 million Americans are victims of identity fraud annually, according to US data, with the average incident costing $4,930. Yilda 2013 total losses from ID fraud in the US totalled $24.7bn. Nearly two-thirds of cases involve credit card details.

“At this point, every issuer [bank] in Apple Pay has seen significant ongoing provisioning fraud via customer account takeover,” said Cherian Abraham, a mobile-payments specialist who is a consultant to US finance groups, on his blog.

He said organised gangs are behind the scams: “In some cases, fraudsters are calling the [bank’s] call centre themselves to ‘alert them to a trip out of town’ so that fraud rules looking for transaction anomalies (such as a customer living in California and transacting in Miami) do not trip up [sifatida] fraudulent transactions.”

Apple Pay, introduced in October 2014 and only available on the iPhone 6 va 6 Plus phones released last year, lets users pay by holding their phone near an NFC-equipped payment terminal and then confirm their identity with the iPhone’s built-in fingerprint reader.

On Wednesday, JP Morgan Chase said on an investor call that more than one million customers had added debit and credit cards to Apple’s service, while Bank of America has previously said 800,000 people had added 1.1m cards by the end of 2014 – almost certainly making it the predominant mobile payment method in the US, displacing Google Wallet, qaysi yilda boshlangan 2011. Despite being available first, Wallet has had very low transaction volumes due to the lack of NFC terminals and a more complex interface, retail experts say. Google has not provided any data on how many users it has for Google Wallet.

A spokesman for Apple reiterated that the secure mechanism for paying with card details stored on the phone had not been breached.

“Apple Pay is designed to be extremely secure and protect a user’s personal information,” the spokesman said. “During setup Apple Pay requires banks to verify each and every card and the bank then determines and approves whether a card can be added to Apple Pay. Banks are always reviewing and improving their approval process, which varies by bank.”

None of the US banks that offer Apple Pay contacted by the Guardian would discuss levels of fraud.

But it is understood that US banks are seeking more robust methods to verify peoples’ identities before adding cards to the service. Abraham warns: “Fraud scales – call centres don’t. There has to be an automated process that is invisible but secure. In hindsight the only thing Apple could have done better was to anticipate the problem, made it mandatory [to call] and helped build a better ‘yellow path’.”

Tim Sloane, vice president of payments innovation at the Massachusetts-based financial consultancy Mercator Group, dedi: “These are probably just some teething problems. If the banks can nail down the authentication, they should see less fraud on Apple Pay,” and added: “Battle plans always look great until you meet the enemy.”

Dave Birch, a UK-based mobile payments expert, Guardian edi: “in the UK there probably won’t be a ‘green path’” – meaning that people would have to call their bank to add any card to Apple Pay once it is introduced here.

The US lags behind much of the world in its adoption of secure retail payment systems and mobile payments. “Chip and Pin” systems, used throughout Europe for years, will only become compulsory in the US later this year. As retailers replace old magnetic stripe systems, which were vulnerable to widespread fraud, with new ones, they are also adding NFC capabilities, already used in the UK for Oyster cards and in many shops.

Abraham says: “Fraud in Apple Pay… came as a surprise to all”, adding that too much trust had been put in the on-device security: “The soft underbelly proved to be [The] provisioning of cards”. © Guardian Yangiliklar & Media Limited 2010

Orqali chop etildi Guardian Yangiliklar Feed plagin WordPress uchun.

24991 0