Apple Watch Could Be a Real Steal

Posted March 25, 2015

Time Will Tell Whether Apple Watch Increases Fraud by Making It Easier and Cheaper to Use Stolen Data for In-Store Purchases

Using Apple Pay on iPhone 6 and stolen credit card numbers, cybercriminals have been buying high-end goods at brick-and-mortar stores, especially Apple stores. Experts have a one word description for this fraud — “rampant.”

If things look bad now, Al Sacco in his piece on cio.com says just wait until Apple Watch is released in April. The following has been excerpted from Sacco article and edited to fit our format. You may find the full unedited story by clicking on this link.

For cheap crooks

[Apple Watch], when it’s released in April, could take [the hike in fraud using Apple Pay] further, because it also supports Apple Pay and offers a cheaper option than buying a new iPhone, at least without a carrier subsidy.

How Apple Pay works Apple Watch

To add payment cards to Apple Watch, you simply open up the companion iOS app, which is now available in iOS 8.2, and use the Passbook & Apple Pay option to enter credit card data. After you save the information, and Apple runs a quick check for potential red flags, you’re good to go. (It’s unclear whether or not the Watch will automatically import payment information iPhone 6 users already store in Passbook.)

Next, you head on over to a local retailer with NFC-compatible POS terminals, pick up some goodies, head to the cashier, double-tap the bottom button on the side of the Watch and then hold it close to the payment terminal.

Security

For security purposes, you have to authenticate yourself via a passcode anytime you remove and replace the Watch and then try to access Apple Pay.

[While] Touch ID authenticates Apple Pay purchases when you use an iPhone 6, a passcode protects your card information when you pay via Apple Watch. After you type in your code once, you don’t have to retype it to make additional payments — as long as you don’t remove the device, causing it to break contact with your skin.

Apple Watch and Apple Pay fraud

[You] need an iPhone to do just about anything on the Apple Watch. It is, after all, a companion device, and without an iPhone buddy it does little more than track your steps and, you know, tell time.

Apple Watch and cheap iPhone cost less than iPhone 6

[Cybercriminals] who exploit Apple Pay to make fraudulent purchases don’t steal iPhones to use owners’ payment information. Rather, they buy or steal card data from another source and then add it to their own iPhones and use Apple Pay to turn that data into something physical that can be used in stores.

Today, you need an iPhone 6 or iPhone 6 Plus to perpetrate such a crime, because they’re the only Apple devices that support in-store Apple Pay. Both of these devices are relatively expensive….However, the Apple Watch works with earlier iPhones, including the 5 and 5s. Starting on April 10, bad guys will be able to purchase the cheapest version of Apple Watch for $349 and then jump on eBay (or some similar site) and snag a used iPhone 5 or 5s for as little as 99 cents.

ThreatMetrix

ThreatMetrix

close btn