Banks Need to Increase Security Measures in Apple Pay, Experts Say

by Edward O'Brien 0

High incidences of fraud with Apple’s mobile paymentapp may require banks to adapt their security measures in new ways, accordingto experts.

A report in the Wall Street Journal on Mondaysaid that banks were seeing a growing incidence of fraud with the Apple Payapp, and quoted mobile payment expert Cherian Abraham as saying that paymentfraud was “growing like a weed.”

But to pin theproblem on Apple Pay is to misunderstand the system, according to JohnPironti, a risk and security advisor at ISACA and president of the securityfirm IP Architects. In fact, Pironti told VICE News that Apple’ssecurity protections are some of the best in the business.

“TheApple Pay model is based on really good practice of layered approaches,limiting where card data can be present in the device, encrypting thingsappropriately, doing everything we could reasonably ask someone to do in acommercial payment system. Apple is doing it,” Pironti said. “Thatdoesn’t mean we haven’t got creative guys thinking about ways to takeadvantage, to leverage the device, the network it’s traveling over, orinterfaces with banks.”

The real problem, he said, is that the banks that anchorthe transactions aren’t secure enough. When users first enter credit card datainto the Apple Pay system, banks should makemultiple verification steps to make sure that the person entering thedata is the card owner and phone owner.

With financialinstitutions looking for ways to expand their product offerings to includevarious forms of payments, they will need to be vigilant about potentialthreats in the marketplace. Thesethreats go beyond mobile banking and will likely include such areas as P2Ppayments and mobile wallets. FIs andsoftware, hardware, and other solutions providers will have to ramp up theirfraud protection efforts even further than has been the case to date, asfraudsters become more brazen and creative.


Overview by Ed O’Brien, Director, Banking Channels for Mercator Advisory Group

Read full story at News Vice