• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

Top Iranian officials admitted to the supreme leader that the U.S. naval blockade was crushing the economy, report says, as Trump eyes reimposing it

2

U.S. Treasury has borrowed $155 billion every month of this fiscal year—and is now paying $24 billion a week in interest on its debts

3

Billionaire MacKenzie Scott just donated $20 million to support America’s youth mental health, as a fifth of teens struggle with suicidal thoughts

1

Top Iranian officials admitted to the supreme leader that the U.S. naval blockade was crushing the economy, report says, as Trump eyes reimposing it

2

U.S. Treasury has borrowed $155 billion every month of this fiscal year—and is now paying $24 billion a week in interest on its debts

3

Billionaire MacKenzie Scott just donated $20 million to support America’s youth mental health, as a fifth of teens struggle with suicidal thoughts
Tech

Here’s why fraudsters love Apple Pay

Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
March 6, 2015, 11:29 AM ET
Courtesy of Apple
Add Fortune on Google for similar content.

Apple’s (AAPL) mobile payment system Apple Pay has been hit by a wave of fraudulent transactions by fraudsters using stolen credit card information from a series of big data breaches at retailers, according to The Wall Street Journal.

The transactions came from breaches at retail giants such as Home Depot (HD) and Target (TGT), the Journal said. These scammers are using stolen credit card information to create unauthorized Apple Pay accounts, and they’re using them, ironically, to make big purchases at Apple stores, reports The Guardian. They then resell the items for cash. (Apple did not respond to a request for comment.)

Although the identity swindlers have not, it seems, broken the security and strong encryption protecting Apple’s transaction technology, which has quickly become one of the most popular forms of mobile payment with more than two million Americans using it, they are taking advantage of weaknesses in the authentication schemes employed by participating banks. In other words, when checking to make sure a new Apple Pay registree is who she says she is, some banks are getting duped.

Here’s how it’s done. Typically, when a user begins to create an account — by snapping a picture of a card, or entering information by hand — that data is encrypted and sent to Apple’s servers “along with other information about your iTunes account activity and device (such as the name of your device, its current location, or if you have a long history of transactions within iTunes),” as Apple’s security and privacy overview states. That data, in turn, is decrypted, checked, re-encrypted and passed to banks to verify a cardholder’s identity. This is the so-called green path authentication protocol, and it seems to work fine.

The “yellow path” is where things get problematic. In this alternate process, some banks perform backup checks that have loopholes. For instance, they will ask a user to confirm his or her identity via e-mail, text message or phone call, and scammers have had an easier time circumventing some of these security measures. Sometimes, for example, a bank’s call center may ask for the last four digits of a user’s social security number — a popular target in identity theft schemes — and if they have the right information, potentially obtained in one of the many recent data breaches, or purchased in underground markets where such information is sold, the fraudster is set.
[fortune-brightcove videoid=4080084565001]

Since Apple Pay precludes the use of a physical card, scammers don’t have to bother forging a plastic copy with a magnetic stripe (or EMV chip, for that matter). According to the Guardian, banks have already lost millions in such ID fraud.

Apple, reached for comment by the newspaper, seems to be passing the blame on to its banking partners:

“Apple Pay is designed to be extremely secure and protect a user’s personal information,” a spokesman told the Guardian. “During setup Apple Pay requires banks to verify each and every card and the bank then determines and approves whether a card can be added to Apple Pay. Banks are always reviewing and improving their approval process, which varies by bank.”

About the Author
Robert Hackett
By Robert Hackett
Instagram iconLinkedIn iconTwitter icon
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

OpenAI engineer’s ‘LOL’ moment set stage for legal fight with Apple
LawOpenAI
OpenAI engineer’s ‘LOL’ moment set stage for legal fight with Apple
By Mark Gurman and BloombergJuly 11, 2026
4 hours ago
Photo of Phoebe Gates
Startups & VentureEntrepreneurs
‘I have a chip on my shoulder.’ Phoebe Gates wants her $185 million AI startup Phia to succeed with ‘no ties to my privilege or my last name’
By Sydney LakeJuly 11, 2026
8 hours ago
usa
Commentary250 Years of Innovation
For 250 years, work defined American identity. That era Is ending
By Keith Ferrazzi and Wendy SmithJuly 11, 2026
9 hours ago
Meta added a privacy-safety feature to its AI glasses but is reportedly testing a ‘super-sensing’ prototype
Big TechMeta
Meta added a privacy-safety feature to its AI glasses but is reportedly testing a ‘super-sensing’ prototype
By Marco Quiroz-GutierrezJuly 11, 2026
9 hours ago
How SK Hynix just pulled off the second-largest U.S. share sale by quietly powering the AI boom
AsiaIPOs
How SK Hynix just pulled off the second-largest U.S. share sale by quietly powering the AI boom
By Nicholas GordonJuly 11, 2026
10 hours ago
Why the 2026 IPO boom is about to broaden beyond AI mega-deals
InvestingFinance
Why the 2026 IPO boom is about to broaden beyond AI mega-deals
By Sheryl EstradaJuly 11, 2026
11 hours ago

Most Popular

Top Iranian officials admitted to the supreme leader that the U.S. naval blockade was crushing the economy, report says, as Trump eyes reimposing it
Middle East
Top Iranian officials admitted to the supreme leader that the U.S. naval blockade was crushing the economy, report says, as Trump eyes reimposing it
By Jason MaJuly 10, 2026
1 day ago
U.S. Treasury has borrowed $155 billion every month of this fiscal year—and is now paying $24 billion a week in interest on its debts
Economy
U.S. Treasury has borrowed $155 billion every month of this fiscal year—and is now paying $24 billion a week in interest on its debts
By Eleanor PringleJuly 10, 2026
1 day ago
Billionaire MacKenzie Scott just donated $20 million to support America’s youth mental health, as a fifth of teens struggle with suicidal thoughts
Success
Billionaire MacKenzie Scott just donated $20 million to support America’s youth mental health, as a fifth of teens struggle with suicidal thoughts
By Emma BurleighJuly 9, 2026
2 days ago
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
Environment
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
By Sasha RogelbergJuly 10, 2026
1 day ago
Current price of oil as of July 10, 2026
Personal Finance
Current price of oil as of July 10, 2026
By Joseph HostetlerJuly 10, 2026
1 day ago
When Erling Haaland isn’t playing for Norway in the World Cup, he's investing in a chess championship and playing an animated Viking
Success
When Erling Haaland isn’t playing for Norway in the World Cup, he's investing in a chess championship and playing an animated Viking
By Emma BurleighJuly 10, 2026
1 day ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.