There appear to be two immediate areas of security concern with Apple Pay’s new service.
Apple Pay uses NFC, Near Field Communication. While this is the industry’s chosen medium, it offers unscrupulous persons a way to access credit card numbers. A hacker could attach a small NFC chip near the checkout’s NFC which can access the phone’s information.
I’m thinking, in the future, there will be stories of NFC hackers walking around getting close to people’s phones in an effort to steal information. There may even be tales of skimming in our future. Skimming consists of placing a device close enough to the actual transaction device whereby duplicate information can be recorded. Once an NFC enabled phone is turned on, NFC capture devices getting near it can capture information, some data may be innocuous, some may be vital. I’m unaware how Apple phone’s actually protect their user’s credit card number.
Another area of security concern is the taking of pictures of credit cards to populate Apple Pay. The question is where will these pictures be kept? Will Apple destroy them? Not a chance, they are in the data accumulation business, not data destruction business, so hackers will be keenly aware that Apple keeps this information somewhere. I think any application that keeps access to money in a central location is a prime target of international hacking groups. Stay tuned.
Robert Lee is Managing Director of My Market Partners and Lead Strategist for Payyus, an optical scan mobile payment technology available for Merchants. He is available at rlee[at]mymarketpartners[dot]com