What's New in Digital Payments: Apple Wallet Becomes Fraud Target, PayPal and Samsung Acquire, Google Expands

By Paula Bernier March 06, 2015

Digital wallets seem to be facing a one step forward, two steps back dilemma.

It captured headlines a few years back as several of the big credit card companies, the major communications service providers via their ISIS effort, and Google with Google Wallet, moved to get into this space early in an effort to grab market share and mindshare in the U.S. Things haven’t exactly taken off as planned, as you’ve probably noticed.

But many important companies have recently begun moving forward on the digital payments front, and attacking it in new ways. However, some of these efforts – namely, Apple Pay – are in turn also being attacked.

Apple last September announced Apple Pay would be supported in its iPhone 6 and iPhone 6 Plus devices starting in October of last year. Apple Pay was delivered in collaboration with JPMorgan Chase, and supports credit and debit cards from American Express, MasterCard, and Visa, and cards from major banks such as Bank of America, Capital One Bank, Chase, Citi, and Wells Fargo. The solution, which leverages NFC technology, is supported at Apple’s own retail locations as well as at Bloomingdale’s, Disney Store and Walt Disney World Resort, Duane Reade, Macy’s, McDonald’s, Sephora, Staples, Subway, Walgreens, and Whole Foods Market.

Privacy and security were two key themes Apple pushed when Apple Pay came out of the gate. But reports have recently been circulating that Apple Pay has been a target for fraud.

“About a month post-launch, it seems like fraud has come to Apple Pay (in one case – as high as 600bps for an issuer that I cannot name),” according to a Jan. 5 posting on Drop Labs. “Though what follows was written in the context of Apple Pay, much of it translates to any other competitor – irrespective of origin, scale, intent, or patron saint.”

And today the Apple Pay fraudster story was front page news in The Wall Street Journal, which explained: “The Apple Pay system itself hasn’t been penetrated by hackers. Rather, fraudsters are entering stolen card data into phones, which can then be used to make purchases without a physical card being present.”

According to the Drop Labs posting, card issuer implementations of Apple Pay’s Yellow Path process – which involves authentication and verification – are inadequate.

Elsewhere on the digital payment frontier, PayPal and Samsung recently have made acquisitions to help them better address mobile payments.

PayPal earlier this month announced plans to buy Paydiant. The deal, reportedly valued at $280 million, is expected to close in this month or next. Samsung earlier purchased mobile wallet solutions provider LoopPay.

Meanwhile, Google continues to work on its digital payments effort, having launched a new framework called Android Pay this week at Mobile World Congress. Noting that mobile payments have reached a new level of importance this year, Google’s Senior Vice President of Product Sundar Pichai at the Barcelona event explained that Android Pay is an API layer companies can use to support secure payments on Android in store and via apps.

The idea of delivering platforms on which businesses can support various payment types and technologies seems to be a developing theme, as PayPal’s comments at Mobile World Congress also fell into this category.




Edited by Stefania Viscusi

Executive Editor, TMC

SHARE THIS ARTICLE
Related Articles

GENBAND & Sonus Go Dutch for Merger

By: Maurice Nagle    5/23/2017

Mergers and acquisitions are the norm in business. However, it's not every day that two major cloud communications players with highly complementary o…

Read More

The Killer App for VR: The Ability to Meet Yourself

By: Rob Enderle    5/23/2017

I was at a VR event this week, and I'm sure the speaker misspoke when he said that one of the benefits of VR is the ability to meet yourself. But the …

Read More

WannaCry Ransomware Holds Files Hostage: Best Practices to Avoid Being a Victim

By: Special Guest    5/23/2017

More than 200,000 computers in more than 150 countries were crippled by a massive ransomware attack, dubbed WannaCry, and security experts warned that…

Read More

LeoSat Secures Japanese Investment for Enterprise Broadband Satellite Network

By: Doug Mohney    5/23/2017

Another broadband satellite cloud network moved closer to reality this month, with LeoSat securing an investment from SKY Perfect JSAT (SJC) Corporati…

Read More

Organizations Can Combat WannaCry & Jaff Ransomware With Well Instrumented DNS

By: Special Guest    5/22/2017

The Infoblox Intelligence Unit observed two global malware outbreaks on Friday, May 12. Although there is no indication that the two attacks were rela…

Read More