Lord777
Professional
- Messages
- 2,576
- Reaction score
- 1,547
- Points
- 113
The Apple Pay payment system was one of the first that allowed owners of smartphones and other smart Apple gadgets to carry out transactions without using bank cards. The use of unique data encryption algorithms and a multi-level payment protection mechanism allowed developers to create a system with a high level of security. This is also evidenced by the official data: in the four years of its existence, no one has managed to hack Apple Pay.
Features of work
Apple Pay is an application that replaces a bank card. Payment is made through the interaction of the terminal and the NFC chip built into the device. The owner's fingerprint (or Face ID) or pattern is used to confirm the transaction. Externally, the Apple payment system functions like a regular contactless payment card, but the principle of operation and protection mechanisms are completely different.
To add a plastic card to the application, it must be scanned. In this case, the card number and other payment information are encrypted and converted into a unique 16-digit code (token), which is tied to the identification number of the device. The card details are not stored either on the device or in the cloud, and are not transferred to the seller in any way upon payment.
Apple Pay security
All payments are made through a token transfer. In this case, the information is updated every time. That is, scanning and decrypting the signal does not give the attacker anything, as does the theft of the device itself, since confirmation in the form of a fingerprint, a graphic code or authorization via Face ID is required to make a payment.
Another feature of Apple's security system is that every operation needs to be confirmed, regardless of the size of the payment. Therefore, making several small payments until the owner notices the loss of the device simply will not work.
Unlike a bank card, the NFC chip of which is always active, which allows attackers to read and copy payment information and make unauthorized transactions, the module on the phone is not active in a locked state. To make a payment, you need to unlock the device, which will automatically require authorization from the user.
Advantages of the Apple Pay payment system:
Vulnerability issues
In general, Apple's payment system is one of the most secure and invulnerable. It surpasses the level of security of contactless bank cards. Security problems can arise only if a graphic key is also received by the attacker along with the smartphone. It can be used to confirm transactions instead of a fingerprint: this function is provided in case of a broken fingerprint sensor.
Therefore, if the smartphone is lost, the owner is advised to use the appropriate function as soon as possible and block the device remotely, thereby destroying all information that is necessary for making payments.
There is also a danger when using an Apple Watch, payment with which does not require any confirmation.
Features of work
Apple Pay is an application that replaces a bank card. Payment is made through the interaction of the terminal and the NFC chip built into the device. The owner's fingerprint (or Face ID) or pattern is used to confirm the transaction. Externally, the Apple payment system functions like a regular contactless payment card, but the principle of operation and protection mechanisms are completely different.
To add a plastic card to the application, it must be scanned. In this case, the card number and other payment information are encrypted and converted into a unique 16-digit code (token), which is tied to the identification number of the device. The card details are not stored either on the device or in the cloud, and are not transferred to the seller in any way upon payment.
Apple Pay security
All payments are made through a token transfer. In this case, the information is updated every time. That is, scanning and decrypting the signal does not give the attacker anything, as does the theft of the device itself, since confirmation in the form of a fingerprint, a graphic code or authorization via Face ID is required to make a payment.
Another feature of Apple's security system is that every operation needs to be confirmed, regardless of the size of the payment. Therefore, making several small payments until the owner notices the loss of the device simply will not work.
Unlike a bank card, the NFC chip of which is always active, which allows attackers to read and copy payment information and make unauthorized transactions, the module on the phone is not active in a locked state. To make a payment, you need to unlock the device, which will automatically require authorization from the user.
Advantages of the Apple Pay payment system:
- lack of information about the card details on a smartphone or in the cloud;
- mandatory confirmation of all payment transactions;
- the ability to use a smartphone instead of a bank card without an Internet connection.
Vulnerability issues
In general, Apple's payment system is one of the most secure and invulnerable. It surpasses the level of security of contactless bank cards. Security problems can arise only if a graphic key is also received by the attacker along with the smartphone. It can be used to confirm transactions instead of a fingerprint: this function is provided in case of a broken fingerprint sensor.
Therefore, if the smartphone is lost, the owner is advised to use the appropriate function as soon as possible and block the device remotely, thereby destroying all information that is necessary for making payments.
There is also a danger when using an Apple Watch, payment with which does not require any confirmation.
