To pay with Apple Pay on the Internet is found to be unsafe

In the Apple there is no safer method of payment than Apple Pay. Due to the fact that each transaction does not contain payment card data of the user, his name and other confidential information, which is replaced by a unique token, to hack a Bank account becomes extremely difficult. Well, at least if we are talking about using your iPhone or Apple Watch, but the web version of Apple Pay was vulnerable so that the experts advised the customers of Apple to use it with extreme caution.

According to researchers in the field of cybersecurity Joshua Madoka, he found out that the button Apple Pay, which is used on web sites to make purchases that are not as safe as it seems. The vulnerability lies in the system of connection between the site and the Apple servers. It allows you to replace the address where to send the transaction information, which, although they are encrypted, still contain some information allowing to calculate the buyer.

See also: the Map “Troika” will it be possible to add in Apple Pay

In the result the owner of the site or an external attacker who was able to hack the site, may make changes to the system of transmitting data and to receive data about new transactions. And, after accumulating enough information, nothing prevents the attacker corny start to sell it. It is possible that even more resourceful hackers will find a way to decrypt the received data and to use them for personal purposes.

Who is to blame for the leaks of Apple Pay

Despite the critical nature of the vulnerability, the blame for its existence rests not on Apple, said Maddoc. According to him, the problem stems from weak protection of sites that carry the Apple Pay button. This vulnerability has already suffered several major banks, including Bank holding company Capital One. At the same time, Google Pay gives hackers much less room for hacking than Apple Pay because it uses a different type of data exchange between the site and its servers.

See also: Why you cannot protect Apple Pay password. A good example

Anyway, Apple should take serious measures to improve the security of Apple Pay, even if the initial blame for the vulnerability is not on it. After all, the users don’t care who is guilty in leakage of their data, it is important the fact. If the service that they used to enjoy, may merge their information to outsiders, many probably think about how to opt-out from further use. This will affect Apple negatively, to discredit it as a supplier of the most reliable payment system.

Subscribe to our channel at Yandex.Zen is strictly obligatory. Subscribe and you will regret it.

Leave a Reply

Your email address will not be published. Required fields are marked *