Want to have Apple Card security benefits? Just use Apple Pay
On a typical brilliant launch event in Cupertino on Monday, the Apple Apple debuted, a new credit card offered in conjunction with Goldman Sachs and Mastercard. Apple claims it will solve many consumer frustrations with current credit cards: the card will be easy to sign up, there will be no fees and it will be easy to redeem rewards. The company also states that Apple Card "transforms the entire credit card experience by providing a new level of privacy and security."
But you do not have to wait until the Apple Card comes out this summer to find out that there are touted properties. All you have to do is use Apple Pay and whatever credit card you already own.
"Nothing really changes with the Apple card," says Avivah Litan, research director at the analysis and consulting firm Gartner. "It's pretty genius in fact. They already have the whole Apple Pay infrastructure built and huge adoption now all over the world, so this is a competitive move."
Lily Hay Newman covers information security, digital privacy and hacking for WIRED. 1[ads1]9659005] When adding a credit card to Apple Wallet to use with Apple Pay, whether it's an Apple card or another credit card, the service conveys the cryptographic credit card number and other details to a unique card identity stored in Apple's "secure item" for extra protection. When you complete a transaction through Apple Pay, it requires the unique identifier and a security code for once, along with additional biometric verification from you via FaceID or TouchID. In this way, your real credit card number will never be transferred to the transaction, and a scammer will need the one-time transaction code and face or fingerprint to make unauthorized charges. These same security benefits will extend to the Apple Card.
Although there have been some examples of fraud on Apple Pay since its launch in 2014, security services generally consider these protections to be a solid improvement over typical credit card transactions. But in cases where Apple Pay is not an option, the Apple card, in terms of protection, is just that – a typical credit card.
The physical card is just the minimalist, etched titanium piece you expect from Apple, and it takes a good security step by displaying only your name, no card or CVV number. But if you use the card in a store for a regular chip transaction, it seems to work like any other credit card. There is no technology in the card itself; It cannot complete contactless payments. The card is also displayed, based on Apple's announcement pictures, to have a magnetic strip on the back that comes with its own set of security issues. And even if the card number doesn't appear physically, you can access it in the Apple Wallet and use it to make online purchases just like you would with another credit card. Apple prefers to make online transactions with Apple Pay anyway, but if you don't, there are no extra special attributes of Apple cards that protect you.
And Apple's arrangement with Goldman Sachs and Mastercard-like issuing bank and payment networks, respectively – is a standard setup for a labeled card.
"Generally, for all merchants, this will be treated as another Mastercard transaction and it follows all of these rules," said John Drechny, CEO of the Merchant Advisory Group, an independent industry organization. they will still have the same liability agreement with the payment network. I do not think it will be anything but an ordinary joint deal. "
As is the case With other credit cards, the bank and the payment network involved in the routing and execution of transactions will have normal data access. Analyzes the consumer's financial data to map patterns and try to reduce fraud, and they also share and usually sell this data for other purposes.
It is an area where the Apple Card can prove itself and will be in line with Apple noted in its announcement that "Goldman Sachs never shares or sells your data to third parties for marketing or advertising." Apple did not mention whether Mastercard has agreed not to share or sell user data, and did not return a request from WIRED for comment
As for Apple itself, the company says it will not have access to anyone using transaction data or purchase information. e Card features intended to help users track expenses and analyze statement information will all be filled locally on users' devices, not on Apple's servers.
"Apple becomes the best of both worlds by becoming a card issuer and collaborating with a bank," says Gartner's Litan of Apple's decision to plunge into access to user data. "They can keep their nose clean." 19659003] Overall, Apple's efforts to increase Apple Pay usage are commendable from a security and anti-exploitation point of view, and it is clear that the purpose of the Apple Card is to adopt and use Apple Pay, but the Apple card itself is a bit more run of the mill.