As is usual in cases like this the tech media will pounce on Apple Pay as a failure of epic proportions. No matter that the issue is really with the banks, Apple will get all the blame just like the Chinese labor issues, Greenpeace tantrums, overseas tax havens, the list goes on. Wait for it.
Unfortunately idiots outnumber intelligent people by a significant factor, so I know it won't take long for this to happen. Just wait for those idiot Fandroids to get wind of this, they'll twist it around so badly there won't be any truth left.
Bottom line; Why would anybody cite anything from The Guardian (or any UK rag)?
Don't like the fact they partnered with Edward Snowden to expose the cyber world for what it actually is to the mainstream public? Too friggin bad... I'd take what The Guardian posts ANY DAY over smut rags like CNN or FOX!
What, exactly, was stopping Apple from recommending to Apple Pay subscribers that applicants do not answer simple to obtain security questions during the registration and verification process?
Apple just created the highway, and the vehicle, to use, if you'll pardon the pun. They left rules, regulation, and enforcement up to the banks, where it belongs. Actually, I find this to be helpful in shining a light on just how STUPID and INEPT the US banks are.
I'm getting to a point that I will give up on AppleInsider and just go to 9to5Mac.
The amount of clickbait here is ridiculous. Plus the mods do nothing to stop obvious trolls from ruining the experience of these boards.
I'd be careful with that destination... I regularly frequent that site as well, and while their articles are ok, they've recently been flooded with a lot of trolls, so the quality of discussion there is MUCH worse than it is here...
I'd be careful with that destination... I regularly frequent that site as well, and while their articles are ok, they've recently been flooded with a lot of trolls, so the quality of discussion there is MUCH worse than it is here...
That ain't recent. There is something nice about the occasional blog-length posting, and that does help them "get to market" faster than AI's more in-depth articles, but their forums have been complete shit for at least a decade. If you want intelligent posters that can help you to develop your own arguments better by helping you see a more rounded and objective view of technology (and many other topics) then this forum is the place to be.
1) I have added 5 cards to ?Pay. Of those 5, only 1 let me add it without requiring any additional verification of my identity. The other 4 had various methods, like sending an SMS/text to the cellphone I have on file, having me verify personal information, or having me call them to have me verified over the phone. If banks do any of these then those that steal card numbers aren't gong to be able to add cards to ?Pay without also having access to a customer's phone (which is still possible, but less common), or have access to their more sensitive personal data, like secret questions (which is also still possible, but even less common).
2) This coming right on the heals of Samsung and Google talking about their new payment systems as MWC. I'm not a conspiracy theorist but something sounds fishy.
If you understand how the fraud is being perpetrated, you'd know it isn't about Apple doing wrong, it's about the banks not offering the proper verification for their customer's accounts. It's has nothing to do with ?Pay's design and only the banks can fix resolve their own lack of foresight or laziness to correct this mistake.
I added four cards (from two banks) and they both required I respond to a text message with a code. If my bank simply let me set up a card without verifying anything outside of details that can be easily swiped by someone nefarious, that would raise a red-flag with me. I didn't realize banks would be so lazy as to allow that to even happen in the first place.
Quote:
Originally Posted by sog35
I'm getting to a point that I will give up on AppleInsider and just go to 9to5Mac.
The amount of clickbait here is ridiculous. Plus the mods do nothing to stop obvious trolls from ruining the experience of these boards.
The bed-wetting trolls are really coming out. Samsung has already been busted for paying folks to troll forum threads. It would not be much of a stretch to think that something similar is happening right now with SamsungPay (or xPay) getting ready to roll out. They know their solution is sh!t, so why not try bringing Apple down with the rest of the ships right?
Bank of America required you to call them and go through a list of security questions that a thief probably wouldn't know.
And why couldn't these be entered into the iPhone during the setup process like any website account I visit requiring me to enter answers to my security questions? While this is not Apple's fault, per se, it seems like a very un-Apple-like process. Is it Apple that didn't make these kinds of steps available to banks in the setup process, or is it the banks not able to implement Apple's available software options?
Because with a website you are interacting directly with the account-holding institution, not with Apple. The banks, not Apple, would have to set up a system (website or other) for you to enact these authorizations online. They could do that, but it's clearly not under Apple's control to make that happen.
[quote name="sflocal" url="/t/185010/banks-scrambling-to-combat-apple-pay-identity-fraud-report/40#post_2684329"] I added four cards (from two banks) and they both required I respond to a text message with a code. If my bank simply let me set up a card without verifying anything outside of details that can be easily swiped by someone nefarious, that would raise a red-flag with me. I didn't realize banks would be so lazy as to allow that to even happen in the first place.[/QUOTE]
I'd like the SMS/text message option to be removed. It's better than nothing, but it's possible that if your cards are stolen that your phone might be stolen, too. Even if you have a locked iPhone with Touch ID, most still show messages on the lock screen so it's mostly likely they only need to be in possession of the device for it to display that code.
I'd like Apple to offer up their 2-step authentication that they use for logging into iCloud; which is letting you know you have a authentication code on the lock screen but requiring you to unlock your device in order to see it.
Definitely not Apple's problem - directly. I had two cards that I added to Apple Pay, and both required verification - a phone call verifying my date of birth and last 4 of my SSN. But adding my wife's AMEX didn't require any verification. Anybody could have added it. Kind of freaked me out.
Seriously, BGR.com called, they want your trolling arse back.
That's jolly nice of them since I've never posted a single comment there to my recollection.
Maybe try and understand the point being made? People were defending Apple and whining about media click bait before anyone had suggested Apple were at fault. The article is explicit in highlighting that the banks are at fault, and yet some people are so incensed by the very notion of someone, somewhere possibly thinking Apple might be at fault that they manufacture trolls in their mind. There has been no trolling of any significance whatsoever in this thread.
Apple are not at fault, we all get it. That doesn't mean that bad press around ?Pay, even if it's the banks fault, isn't something to be worried about for an emerging feature. So while it may not be Apple's "responsibility" to care about the green route, the yellow route, or any other coloured route, they might want to think about that.
The Guardian is not always my cup of tea, but it's no rag.
It singlehandedly broke the story -- and stayed with it -- on NSA spying. There are many other such examples. The reporting is usually solid.
It is... But here it does sound like click bait with a lot of generalization and going beyond the scope of the actual facts. Considering Apple pay is not even in the UK and this probably affects a very minute sliver of their readers, seem they used Apple as a hook to get online readers.
Even regular medias these days are so desperate for money that they will stoop to heavy headlines manipulation (something that in the past was limited to tabloids). I've even seen this happen in the New York Times, which in the past avoided such things.
That's jolly nice of them since I've never posted a single comment there to my recollection.
Maybe try and understand the point being made? People were defending Apple and whining about media click bait before anyone had suggested Apple were at fault. The article is explicit in highlighting that the banks are at fault, and yet some people are so incensed by the very notion of someone, somewhere possibly thinking Apple might be at fault that they manufacture trolls in their mind. There has been no trolling of any significance whatsoever in this thread.
Apple are not at fault, we all get it. That doesn't mean that bad press around ?Pay, even if it's the banks fault, isn't something to be worried about for an emerging feature. So while it may not be Apple's "responsibility" to care about the green route, the yellow route, or any other coloured route, they might want to think about that.
The bad press comes from misleading headlines, you can't seperate one from the other. The articles actual content means little since that's not what's passed around. Thus the "whining". This is not just common to this info, it has become generalized to all information online or offline.
^ not really. The bad press comes from ?Pay as a holistic product (I.e. Apples front end plus the banks back end) not being entirely secure.
"Oh look, I can use my card as it is, or I can load it into my phone which I know from the news may lead to fraud. I know it isn't Apple's fault, but that's not really of consequence to me; its a worry and a hassle. I'll stick with the card."
- fictional person that is not me, certainly is not you, and may not be many people, but is nevertheless a rational position.
I'd also like to not that this same story appeared at Apple earnings time last month. Today it appears in the same news cycle as "Google Pay" and "Samsung Pay".
But adding my wife's AMEX didn't require any verification. Anybody could have added it. Kind of freaked me out.
Same with me but since I was at my residence when I added it, and they were given the info during the process, and since the phone I was using was associated with my account, and they had that info, and since I am a long time iTunes account holder, and they had that info, I think it is safe to say that it was highly unlikely there was any fraud, so they green lighted it.
My card is registered to my home, but I make online purchases at work all the time, in fact most of the time. Many people commute 20-50km each way so what would the range be?
They said 50 miles but if your phone is also near the location of the online order, IP address location they can use that since IP addresses are recorded by the online merchant when you buy something thing. However, I know this has issue, since like my work all traffic originate from our headquarters which is in another state. It gives google issues, due to the fact it trying to present information based on the IP location not my physical location.
It is not a perfect solution, but they said it mainly for when you are out and about with your phone and making purchases as long as the two location are the same they have higher confidence the purchase is legit.
I'd like the SMS/text message option to be removed. It's better than nothing, but it's possible that if your cards are stolen that your phone might be stolen, too.
That would be unfortunate because that means you were probably mugged since we don't go anywhere without our phones. It is unlikely a missing phone would go unnoticed for long.
In that situation you would notify your bank as soon as possible and cancel all your cards, but an experienced thief would know that. They wouldn't spend any time trying to use ?Pay. They would go to the closest grocery store where they never check photo ID against the name on card, buy a couple hundred dollars worth of expensive food and wine and toss the wallet in the dumpster. In that situation you would not be liable for the fraud anyway, but still a hassle to replace all those cards.
I can't wait for chip and pin to be the standard in the US.
Comments
Unfortunately idiots outnumber intelligent people by a significant factor, so I know it won't take long for this to happen. Just wait for those idiot Fandroids to get wind of this, they'll twist it around so badly there won't be any truth left.
Seriously? Please tell me you just forgot to put a /s at the end of that statement?
If you were being serious, then take that uneducated, biased, idiotic comment, shove it where the sun NEVER shine, and GTFO!
I have an unfortunate feeling people like you and me will be repeating that statement many times over the coming days
Don't like the fact they partnered with Edward Snowden to expose the cyber world for what it actually is to the mainstream public? Too friggin bad... I'd take what The Guardian posts ANY DAY over smut rags like CNN or FOX!
Apple just created the highway, and the vehicle, to use, if you'll pardon the pun. They left rules, regulation, and enforcement up to the banks, where it belongs. Actually, I find this to be helpful in shining a light on just how STUPID and INEPT the US banks are.
Seriously, BGR.com called, they want your trolling arse back.
Careful, simpletons and Fandroids don't like it when you challenge their beliefs
That ain't recent. There is something nice about the occasional blog-length posting, and that does help them "get to market" faster than AI's more in-depth articles, but their forums have been complete shit for at least a decade. If you want intelligent posters that can help you to develop your own arguments better by helping you see a more rounded and objective view of technology (and many other topics) then this forum is the place to be.
1) I have added 5 cards to ?Pay. Of those 5, only 1 let me add it without requiring any additional verification of my identity. The other 4 had various methods, like sending an SMS/text to the cellphone I have on file, having me verify personal information, or having me call them to have me verified over the phone. If banks do any of these then those that steal card numbers aren't gong to be able to add cards to ?Pay without also having access to a customer's phone (which is still possible, but less common), or have access to their more sensitive personal data, like secret questions (which is also still possible, but even less common).
2) This coming right on the heals of Samsung and Google talking about their new payment systems as MWC. I'm not a conspiracy theorist but something sounds fishy.
If you understand how the fraud is being perpetrated, you'd know it isn't about Apple doing wrong, it's about the banks not offering the proper verification for their customer's accounts. It's has nothing to do with ?Pay's design and only the banks can fix resolve their own lack of foresight or laziness to correct this mistake.
I added four cards (from two banks) and they both required I respond to a text message with a code. If my bank simply let me set up a card without verifying anything outside of details that can be easily swiped by someone nefarious, that would raise a red-flag with me. I didn't realize banks would be so lazy as to allow that to even happen in the first place.
I'm getting to a point that I will give up on AppleInsider and just go to 9to5Mac.
The amount of clickbait here is ridiculous. Plus the mods do nothing to stop obvious trolls from ruining the experience of these boards.
The bed-wetting trolls are really coming out. Samsung has already been busted for paying folks to troll forum threads. It would not be much of a stretch to think that something similar is happening right now with SamsungPay (or xPay) getting ready to roll out. They know their solution is sh!t, so why not try bringing Apple down with the rest of the ships right?
Bottom line; Why would anybody cite anything from The Guardian (or any UK rag)?
The Guardian is not always my cup of tea, but it's no rag.
It singlehandedly broke the story -- and stayed with it -- on NSA spying. There are many other such examples. The reporting is usually solid.
Bank of America required you to call them and go through a list of security questions that a thief probably wouldn't know.
And why couldn't these be entered into the iPhone during the setup process like any website account I visit requiring me to enter answers to my security questions? While this is not Apple's fault, per se, it seems like a very un-Apple-like process. Is it Apple that didn't make these kinds of steps available to banks in the setup process, or is it the banks not able to implement Apple's available software options?
Because with a website you are interacting directly with the account-holding institution, not with Apple. The banks, not Apple, would have to set up a system (website or other) for you to enact these authorizations online. They could do that, but it's clearly not under Apple's control to make that happen.
I added four cards (from two banks) and they both required I respond to a text message with a code. If my bank simply let me set up a card without verifying anything outside of details that can be easily swiped by someone nefarious, that would raise a red-flag with me. I didn't realize banks would be so lazy as to allow that to even happen in the first place.[/QUOTE]
I'd like the SMS/text message option to be removed. It's better than nothing, but it's possible that if your cards are stolen that your phone might be stolen, too. Even if you have a locked iPhone with Touch ID, most still show messages on the lock screen so it's mostly likely they only need to be in possession of the device for it to display that code.
I'd like Apple to offer up their 2-step authentication that they use for logging into iCloud; which is letting you know you have a authentication code on the lock screen but requiring you to unlock your device in order to see it.
Maybe try and understand the point being made? People were defending Apple and whining about media click bait before anyone had suggested Apple were at fault. The article is explicit in highlighting that the banks are at fault, and yet some people are so incensed by the very notion of someone, somewhere possibly thinking Apple might be at fault that they manufacture trolls in their mind. There has been no trolling of any significance whatsoever in this thread.
Apple are not at fault, we all get it. That doesn't mean that bad press around ?Pay, even if it's the banks fault, isn't something to be worried about for an emerging feature. So while it may not be Apple's "responsibility" to care about the green route, the yellow route, or any other coloured route, they might want to think about that.
The Guardian is not always my cup of tea, but it's no rag.
It singlehandedly broke the story -- and stayed with it -- on NSA spying. There are many other such examples. The reporting is usually solid.
It is... But here it does sound like click bait with a lot of generalization and going beyond the scope of the actual facts. Considering Apple pay is not even in the UK and this probably affects a very minute sliver of their readers, seem they used Apple as a hook to get online readers.
Even regular medias these days are so desperate for money that they will stoop to heavy headlines manipulation (something that in the past was limited to tabloids). I've even seen this happen in the New York Times, which in the past avoided such things.
That's jolly nice of them since I've never posted a single comment there to my recollection.
Maybe try and understand the point being made? People were defending Apple and whining about media click bait before anyone had suggested Apple were at fault. The article is explicit in highlighting that the banks are at fault, and yet some people are so incensed by the very notion of someone, somewhere possibly thinking Apple might be at fault that they manufacture trolls in their mind. There has been no trolling of any significance whatsoever in this thread.
Apple are not at fault, we all get it. That doesn't mean that bad press around ?Pay, even if it's the banks fault, isn't something to be worried about for an emerging feature. So while it may not be Apple's "responsibility" to care about the green route, the yellow route, or any other coloured route, they might want to think about that.
The bad press comes from misleading headlines, you can't seperate one from the other. The articles actual content means little since that's not what's passed around. Thus the "whining". This is not just common to this info, it has become generalized to all information online or offline.
"Oh look, I can use my card as it is, or I can load it into my phone which I know from the news may lead to fraud. I know it isn't Apple's fault, but that's not really of consequence to me; its a worry and a hassle. I'll stick with the card."
- fictional person that is not me, certainly is not you, and may not be many people, but is nevertheless a rational position.
They are sourcing their story from the same consultant who was trying to push the same story last month. It's bananas. Lazy reporting.
I'd also like to not that this same story appeared at Apple earnings time last month. Today it appears in the same news cycle as "Google Pay" and "Samsung Pay".
But adding my wife's AMEX didn't require any verification. Anybody could have added it. Kind of freaked me out.
Same with me but since I was at my residence when I added it, and they were given the info during the process, and since the phone I was using was associated with my account, and they had that info, and since I am a long time iTunes account holder, and they had that info, I think it is safe to say that it was highly unlikely there was any fraud, so they green lighted it.
They said 50 miles but if your phone is also near the location of the online order, IP address location they can use that since IP addresses are recorded by the online merchant when you buy something thing. However, I know this has issue, since like my work all traffic originate from our headquarters which is in another state. It gives google issues, due to the fact it trying to present information based on the IP location not my physical location.
It is not a perfect solution, but they said it mainly for when you are out and about with your phone and making purchases as long as the two location are the same they have higher confidence the purchase is legit.
Well, considering the track record of each... I'd say going with Apple is a no-brainer.
I'd like the SMS/text message option to be removed. It's better than nothing, but it's possible that if your cards are stolen that your phone might be stolen, too.
That would be unfortunate because that means you were probably mugged since we don't go anywhere without our phones. It is unlikely a missing phone would go unnoticed for long.
In that situation you would notify your bank as soon as possible and cancel all your cards, but an experienced thief would know that. They wouldn't spend any time trying to use ?Pay. They would go to the closest grocery store where they never check photo ID against the name on card, buy a couple hundred dollars worth of expensive food and wine and toss the wallet in the dumpster. In that situation you would not be liable for the fraud anyway, but still a hassle to replace all those cards.
I can't wait for chip and pin to be the standard in the US.