W3C home > Mailing lists > Public > public-webpayments-ig@w3.org > March 2015

Re: Fraud will find a way

From: Adler, Patrick <patrick.adler@chi.frb.org>
Date: Wed, 4 Mar 2015 05:19:58 +0000
To: Manu Sporny <msporny@digitalbazaar.com>, Web Payments IG <public-webpayments-ig@w3.org>
Message-ID: <E1YT1jQ-0002k7-It@maggie.w3.org>
There's also an interesting replay attack that is circulating at the
moment via the SpotMe app which is an android app that captures NFC tokens
used via any NFC wallet (read Apple or Android) due to a flaw in legacy
payment terminals that allows the tokens to be stolen and used a later
time.  See more here if interestedŠ
http://www.nfcworld.com/technology/replay-attack/


On 3/3/15 6:40 PM, "Manu Sporny" <msporny@digitalbazaar.com> wrote:

>Fraud Comes to Apple Pay
>http://blogs.wsj.com/digits/2015/03/03/fraud-comes-to-apple-pay/
>
>"""
>Abraham said itıs not ³an anomaly² to see fraud accounting for about 6%
>of Apple Pay transactions, compared to about 0.1% of transactions using
>a plastic card to swipe. He noted that fraud rates vary by issuing bank.
>...
>the weakness identified by Abraham occurs at an earlier stage, when a
>user is adding a credit card to Apple Pay.
>...
>Card issuers have been eager to join Apple Pay, and itıs possible that
>some didnıt provide enough training to customer-service representatives
>who handle authentication questions
>"""
>
>-- manu
>
>-- 
>Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
>Founder/CEO - Digital Bazaar, Inc.
>blog: The Marathonic Dawn of Web Payments
>http://manu.sporny.org/2014/dawn-of-web-payments/
>



This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential or proprietary information.  If you are not the intended recipient, immediately contact the sender by reply e-mail and destroy all copies of the original message.
Received on Wednesday, 4 March 2015 05:20:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:08:33 UTC