Apple has been touting its Apple Pay app as a secure, convenient alternative to other payment systems. It has been adopted by a number of major retailers and card issuers, but David Dewey, research director at Pindrop Labs, ran several experiments on the system’s card enrollment and authentication flow and found some serious problems. Using social engineering and other techniques, Dewey was able to enroll other people’s cards in his Apple Pay account and use them as if they were his own. In this episode of the podcast, Dennis Fisher talks with Dewey about the research, how the card issuers have addressed the problems he found, and what can be done to further secure mobile payment systems.
Music by Chris Gonsalves and Ken Montigny.
Written by: Mike Yang
Recent Posts
- The Impact of Deepfakes on Journalism
- The Fraudster Playbook: How to Hack Into Your Call Center with Ethical Hacker Samy Kamkar
- 4 Types of Retail Fraud & How to Spot Them
- How Voice Security Can Enhance Retail Loss Prevention
- How M&T Bank Upgraded from a Legacy Authentication System to a Modern Cloud-Based Solution