Apple Pay and security
Hi, I read this http://www.tuaw.com/2014/10/02/apple-pay-an-in-depth-look-at-whats-behind-th... It all claims to be "more secure" etc. There are a few questions though. Okay, the claim, "Apple never stores the credit card info" .. well, you have to believe that. If you have the NSA snooping between Apple and Mastercard/Visa - they will have it;-) (if it is not securely encrypted) You just have to log the the conversation to add a new card and returning the token. Secondly, all information used in a transaction comes from the phone (token, finger print or PIN and CVV) How secure is this? A dedicated card has nothing do download/install apps which makes it a bit more difficult to get the information on the chip. I guess I would try to write an app to get "under the skin" to retrieve the information from the phone. What are your thoughts? Regards Peter
On Wed, Oct 08, 2014 at 11:54:41AM +1100, Peter Ross wrote:
Hi,
I read this
http://www.tuaw.com/2014/10/02/apple-pay-an-in-depth-look-at-whats-behind-th...
It all claims to be "more secure" etc.
There are a few questions though.
Okay, the claim, "Apple never stores the credit card info" .. well, you have to believe that.
If you have the NSA snooping between Apple and Mastercard/Visa - they will have it;-) (if it is not securely encrypted) You just have to log the the conversation to add a new card and returning the token.
Secondly, all information used in a transaction comes from the phone (token, finger print or PIN and CVV)
How secure is this?
A dedicated card has nothing do download/install apps which makes it a bit more difficult to get the information on the chip.
I guess I would try to write an app to get "under the skin" to retrieve the information from the phone.
What are your thoughts?
Not directly related but some food for thought as far as Apple is concerned: https://firstlook.org/theintercept/2014/09/22/apple-data/ https://www.schneier.com/blog/archives/2014/10/iphone_encrypti_1.html Sam
participants (2)
-
Peter Ross -
Sam Varghese