Jump to content

Apple credit card fraud found.. that was quick

GoodBytes
By GoodBytes
in Tech News
 Share
Posted

Touted by Apple as a super secure credit card with its lack of numbers on the card, making it harder to copy, 9To5Mac reports a story of a user that has its card used in another state at the same time. Apple rep, when asked about the issue said it was a "very rare" occurance. And pushed again with the idea that the card has no number therefore safe. That said, as noted by the news source, card skimmers is a thing, the card has a magnetic strip and no secure chip + pin system (common issue with US credit cards), making it easy to copy.

 

Quote

David asked the Apple representative for more details about how this happened, but they didn’t have any answers beyond saying the situation was “very rare.”

 

While the Apple rep noted how the lack of numbers helps with security and preventing fraudulent purchases, the physical Apple Card still has a magnetic stripe along with a chip.

 

The most likely answer for how a thief in another state was using the card is that the titanium Apple Card is susceptible to skimming devices and cloning just like any other credit or debit card. Thieves will often target gas stations and other easily accessible credit card readers to try and install skimming devices.

 

In my opinion, it doesn't takes an experts to know that a popular method to steal credit card is the use of card skimmers who simply reads and copy the magnetic strip.

 

 

Source: https://9to5mac.com/2019/10/09/apple-card-security-cloning/

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I mean, theyre getting there, its just that its harder to make it unhackable than just no numbers

✨FNIGE✨

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
14 minutes ago, GoodBytes said:

Touted by Apple as a super secure credit card with its lack of numbers on the card, making it harder to copy, 9To5Mac reports a story of a user that has its card used in another state at the same time. Apple rep, when asked about the issue said it was a "very rare" occurance. And pushed again with the idea that the card has no number therefore safe. That said, as noted by the news source, card skimmers is a thing, the card has a magnetic strip and no secure chip + pin system (common issue with US credit cards), making it easy to copy.

 

In my opinion, it doesn't takes an experts to know that a popular method to steal credit card is the use of card skimmers who simply reads and copy the magnetic strip.

 

 

Source: https://9to5mac.com/2019/10/09/apple-card-security-cloning/

Wait-- The Apple Credit cards are still using Magstripes? In 2019? Bloody hell,  as an Australian this blows my mind. We've been on chip-and-pin for years.

My build log

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
8 minutes ago, VegetableStu said:

seriously, when is the magstripe going to die ._. (also when will ATMs accept Google and Apple pay ._.)

They'll hold onto it as long as they can, just like Imperial measurement.

I've always assumed they haven't switched over to a chip system because, in some way, fraud has some twisted advantage for the large companies.

CPU: Ryzen 9 5900 Cooler: EVGA CLC280 Motherboard: Gigabyte B550i Pro AX RAM: Kingston Hyper X 32GB 3200mhz

Storage: WD 750 SE 500GB, WD 730 SE 1TB GPU: EVGA RTX 3070 Ti PSU: Corsair SF750 Case: Streacom DA2

Monitor: LG 27GL83B Mouse: Razer Basilisk V2 Keyboard: G.Skill KM780 Cherry MX Red Speakers: Mackie CR5BT

 

MiniPC - Sold for $100 Profit

Spoiler

CPU: Intel i3 4160 Cooler: Integrated Motherboard: Integrated

RAM: G.Skill RipJaws 16GB DDR3 Storage: Transcend MSA370 128GB GPU: Intel 4400 Graphics

PSU: Integrated Case: Shuttle XPC Slim

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

Budget Rig 1 - Sold For $750 Profit

Spoiler

CPU: Intel i5 7600k Cooler: CryOrig H7 Motherboard: MSI Z270 M5

RAM: Crucial LPX 16GB DDR4 Storage: Intel S3510 800GB GPU: Nvidia GTX 980

PSU: Corsair CX650M Case: EVGA DG73

Monitor: LG 29WK500 Mouse: G.Skill MX780 Keyboard: G.Skill KM780 Cherry MX Red

 

OG Gaming Rig - Gone

Spoiler

 

CPU: Intel i5 4690k Cooler: Corsair H100i V2 Motherboard: MSI Z97i AC ITX

RAM: Crucial Ballistix 16GB DDR3 Storage: Kingston Fury 240GB GPU: Asus Strix GTX 970

PSU: Thermaltake TR2 Case: Phanteks Enthoo Evolv ITX

Monitor: Dell P2214H x2 Mouse: Logitech MX Master Keyboard: G.Skill KM780 Cherry MX Red

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

wait apple cards dont have a chip? WTF???

edit: nvm it just doesnt have a pin with it

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

it still has a magnetic strip... so it's very easy to steal. just go rig up a gas pump

Also this brings to mind a topic... WHY THE HECK ARE LIKE ALL GAS STATIONS IN THE US STILL USING MAGNETIC STRIPS?!

 

chip and pin is almost everywhere... except at the pump. which is literally the easiest thing to rig up a skimmer to... Like seriously?

"If a Lobster is a fish because it moves by jumping, then a kangaroo is a bird" - Admiral Paulo de Castro Moreira da Silva

"There is nothing more difficult than fixing something that isn't all the way broken yet." - Author Unknown

Spoiler

Intel Core i7-3960X @ 4.6 GHz - Asus P9X79WS/IPMI - 12GB DDR3-1600 quad-channel - EVGA GTX 1080ti SC - Fractal Design Define R5 - 500GB Crucial MX200 - NH-D15 - Logitech G710+ - Mionix Naos 7000 - Sennheiser PC350 w/Topping VX-1

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
24 minutes ago, dizmo said:

They'll hold onto it as long as they can, just like Imperial measurement.

I've always assumed they haven't switched over to a chip system because, in some way, fraud has some twisted advantage for the large companies.

its funny because chips get used almost everywhere I go when I use my chase debit card, just like how I use metric when I'm in any class for a lab or something but sometimes I still gotta swipe my card

 

like when I have to use inches 

8086k

aorus pro z390

noctua nh-d15s chromax w black cover

evga 3070 ultra

samsung 128gb, adata swordfish 1tb, wd blue 1tb

seasonic 620w dogballs psu

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
39 minutes ago, VegetableStu said:

when is the magstripe going to die

When mom and pop merchants get in to the 21st century. Some places still dont do the chip in the US. Also, some major retailers dont do Apple or Google pay. Walmart being a prime example. Because they have to be diffrent and do Walmart pay, but I dont want my card details on 30 diffrent payment apps. 

 

29 minutes ago, dizmo said:

always assumed they haven't switched over to a chip system because, in some way, fraud has some twisted advantage for the large companies.

No. Some merchants just use ancent tech. Or some just dont see the benifit of swtiching. Like Fast Food, i mean if fraud happens, the resteraunt would be liabel for the amount. Seeing how they generally deal in small amounts, its not an issue for most places. 

I just want to sit back and watch the world burn. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
9 minutes ago, bcredeur97 said:

WHY THE HECK ARE LIKE ALL GAS STATIONS IN THE US STILL USING MAGNETIC STRIPS?!

Because new readers would cost money. Simple. 

I just want to sit back and watch the world burn. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
24 minutes ago, dizmo said:

They'll hold onto it as long as they can, just like Imperial measurement.

Welcome to my hell, we only half converted.  Depends on the project you are working on you need metric or imperial. . . sometimes both!  I swear i think retailers are the culprits, they realized they could sell double the amount of tools if we used both types of measurements.  

 

31 minutes ago, wafflehaus said:

using Magstripes? In 2019? Bloody hell,  as an Australian this blows my mind. We've been on chip-and-pin for years.

Well to be fair the chip readers were awful when they first deployed them.  Everyone hated it because of that and slow to adopt.  So once again we are in a land of in between.  We have both chips and mag strips on our cards.   Want to buy some groceries use the chip, unless its broken then you swipe.  Fuel up and pay at the pump its usually a mag strip.

 

But all in all its still pretty good to be in the USA, I hear our round up ready soy is pretty tasty.   

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author

 

8 minutes ago, Donut417 said:

Because new readers would cost money. Simple. 

It is more than that. You need to be certified merchant, and the company that a merchant deals with (and also any other companies that this company deals with) needs to be certified. This is more money.. and what does the merchant gains from the all this? Nothing much really. The merchant is only helping the banks and credit card machine holders. So why upgrade to more costly machines? I mean sure they may lose money (which they might have insurance that covers a big chuck of it, depending on the size of the business), but realistically, a business owner probably have 1 or less per year fraud charges. Is it worth paying the premium and going through the whole headache to get a chip compatible machine? Looks like the answer is no, at least as we speak.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 minute ago, GoodBytes said:

business owner probably have 1 or less per year fraud

Not at gas stations in Metro Detroit. Credit card skimmers at gas stations is a big time thing around here. What even more fucked up is you have to pay more per gallon to use a card and have it potentially stolen. Some stations like Shell allow you to pay via their app, which I do some times. But most station owners probably dont give a fuck. Plus some station owners/Employees are in on the fraud. 

I just want to sit back and watch the world burn. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
40 minutes ago, Donut417 said:

Not at gas stations in Metro Detroit. Credit card skimmers at gas stations is a big time thing around here. What even more fucked up is you have to pay more per gallon to use a card and have it potentially stolen. Some stations like Shell allow you to pay via their app, which I do some times. But most station owners probably dont give a fuck. Plus some station owners/Employees are in on the fraud. 

Card skimmers added on gas station machines doesn't affect the merchant. They get their money. The transaction was legit. Just someone put a skimmer device in between.

So they are not affected by anything. While I am sure they are, I don't think most people who has a copied of a credit card will go for 40$ or whatever of fuel and some snacks. They'll go for big ticket items instead, especially that you know that you probably have 1 chance before the card is blocked.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

In Australia, Apple Pay/Android Pay is common and 'Chip and Pin' is very common. Hardly see anyone using the magstripe these days. I use Apple products, but this seems to be a pretty typica Apple story. 'This new feature is so secure, it can't be broken'. Two weeks later, said feature is bypassed.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I haven't used the stripe in maybe two years, and that two years ago was only one time because there was some problems with the chip thing in that store they hadn't fixed yet. Before that probably multiple years before that to find the next one.

“Remember to look up at the stars and not down at your feet. Try to make sense of what you see and wonder about what makes the universe exist. Be curious. And however difficult life may seem, there is always something you can do and succeed at. 
It matters that you don't just give up.”

-Stephen Hawking

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 hours ago, GoodBytes said:

the card has a magnetic strip and no secure chip + pin system

tommy-lee-jones-face.jpg.1aa26b97833dc9d8f67b3460e0088945.jpg

Hand, n. A singular instrument worn at the end of the human arm and commonly thrust into somebody’s pocket.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

We've had cards with chip for AGES in our tiny Slovenia. And it's been years now that we have contactless chip cards. I'm not really sure if magnetic strip is actually present. It looks like there is, but I'm not sure it really is and is not just a graphic on a card... This includes debit cards as well as Mastercard. Only one local bank credit card is using only magnetic strip and that's about it.

 

And as far as I know card fraud has dropped dramatically since introduction. If I'm honest I'm not even sure how they do it now. I don't think skimming a chipped card is as easy as magnetic one and only ones that can be is something like Mastercard being used for online purchase in stores without 3D security which requires secondary authentication via phone. So it becomes incredibly narrow to abuse really.

 

You'd expect USA to be way ahead in this regard given their hyper consumerism...

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 hours ago, GoodBytes said:

Touted by Apple as a super secure credit card with its lack of numbers on the card, making it harder to copy, 9To5Mac reports a story of a user that has its card used in another state at the same time. Apple rep, when asked about the issue said it was a "very rare" occurance. And pushed again with the idea that the card has no number therefore safe. That said, as noted by the news source, card skimmers is a thing, the card has a magnetic strip and no secure chip + pin system (common issue with US credit cards), making it easy to copy.

 

 

In my opinion, it doesn't takes an experts to know that a popular method to steal credit card is the use of card skimmers who simply reads and copy the magnetic strip.

 

 

Source: https://9to5mac.com/2019/10/09/apple-card-security-cloning/

Cards in the UK are ALL chip & pin and have been for ages, they're even trialling ones with fingerprint chips in them. You can use contactless pay with these cards on transactions under £30, over that and you need to enter your pin. I think it's the same across the whole of Europe now.

 

Because of the RFID in cards, I got myself a wallet that blocks the signal so no one could stand behind me and try to read the card data... I recommend everyone does that.

System 1: Gigabyte Aorus B450 Pro, Ryzen 5 2600X, 32GB Corsair Vengeance 3200mhz, Sapphire 5700XT, 250GB NVME WD Black, 2x Crucial MX5001TB, 2x Seagate 3TB, H115i AIO, Sharkoon BW9000 case with corsair ML fans, EVGA G2 Gold 650W Modular PSU, liteon bluray/dvd/rw.. NO RGB aside from MB and AIO pump. Triple 27" Monitor setup (1x 144hz, 2x 75hz, all freesync/freesync 2)

System 2: Asus M5 MB, AMD FX8350, 16GB DDR3, Sapphire RX580, 30TB of storage, 250GB SSD, Silverstone HTPC chassis, Corsair 550W Modular PSU, Noctua cooler, liteon bluray/dvd/rw, 4K HDR display (Samsung TV)

System 3 & 4: nVidia shield TV (2017 & 2019) Pro with extra 128GB samsung flash drives.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

i'm waiting for more digital wallet things

 

one thing i like about china is basically the 2 most used payment forms are cash, and digital wallet(WePay from wechat, AliPay)

Don't forget to use the "Quote" feature or mention me ( @Gegger) if you want me to see your reply!

Community Standards // Forum Quickstart Guide // Floatplane // Forum FAQ // The Parrot Gang
Banned by Linus in the "banning game" thread who added insult to injury by putting this crap in my sig >(

WE ARE THE DARK SIDE Don't be a light theme peasant

Spoiler

             ........:oo:........

           o//ssssssssyhhysssss+////o               .''''''''''''''. 

          mddmmm/::ddddddddddddddmmmyss::/mmN       |   PARTY ON   |

          o..+oodddmmmhhhhhhhhhhhdmmmmmdddooy       | ,............'

         h::oyyhddmmm+++///////////++++++mmmddy::s  |/

      Nyyo[[sddhyyyyy::::::::::::::::::::yyymmh//oyym

     h..:oohmm+:://///::::////////////////+mmmmms..sNN

     m++sddmmm+::hddhhy::+ddddddddddddddhhhmmmmmdhh+++d

    Nsssyyhmmhssooodmmhhh::+mmdyyyyyyyyddddddmmmmmmmmo::d

   mmd../mmmmmo::shhdmmhhh::+mmhooooooooyhhmmmmmmmmmmmyssdmm

  +++++smmdddo::///dmmhhh::+mmhooooooooooommmmmddddmmmdd/++m

 ``+hhhmmhoo/:::::oooooossymmhooooooooyyymmdoooooydddmmo//N

 ++:mmmmmy:::::::::::::/yyhmmhooooooooyhhmmd:::::+yyhmmyssddd

ooommmmmy:::::::::::::://ommhooooooooooommd:::::://shhdmm+..

yyhmmh++/::::::::::::::::+mmhooooooooyyymmd::::::::/++hmm+//

dddmmh++/::::::::::::::::+mmhooooooooyhhddh:::::::::::hmmysshhd

mmmmmdhhs::::::::::::::::+mmhoooooooohhhhhy:::::::::::hmmhhh``+

mmmmmh++/::::::::::::::::+mmdhhsooooodmm++/:::::::::::hmmsss``+

dddmmhoo+::::::::::::::::+dddddyssyyydmm::::::::::::::hmmsoo++o

dddmmdhho::::::::::::::::+hhdmmddddmmmmm::::::::::::::hmmsooNNN

mmmmmh///::::::::::::::::+hhdmmmmmmmmddd::::::::::::::hmmsoo++/

yyhmmdss+::::::::::::::::/ooydddmmmmmsoo::::::::::::::yddhyy::+

++ommmmmy:::::::::::::::::::ohhdmmddd/::::::::::::::::shhdmmsssNNNmmN

..+mmmmmy:::::::::::::::::::://shh+//:::::::::::::::::://dmmmmdoo+..o

``+dddmmhss+:::::::::::::::::::+++/::::::::::::::::::::::ooodddhhysshNNy++m ``+hhdmmdhhs///:::::::::::::::::::::::::::::::::::::::::::::yyymmmmmmmmo++hNNmdd ``+hhdmmdhhhhh+:::::::::::::::::::::::::::::::::::::::::::::::/hhhhhdmmmmmsoo... ``+ddmmmdhhhhhyyyyyyyyyyyo:::::::::::::::::::::::::::::::::::::+++++sdddmmdhhsss//+ ``+mmmmmhsshhhhhhhhhhhhhhy++/:::::::::::::::::::::::::::::::::::::::+ssyyydmmddd///hhd ``+mmmmmy::shhhhhhhhhhhhhhhhs:::::::::::::::::::::::::::::::::::::::::::::ymmmmmmmh../ ``+mmmmmy:://////////////ohhhyy+::::::::::::::::::::::::::::::::::::::::::///hddmmmhhs++s ``+mmmmmhssssssssssssssssydddddysssssssssssssssssssssssssssssssssssssssssssssdddmmmmmy::s ``+mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmhooh

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 hours ago, ZacoAttaco said:

 'This new feature is so secure, it can't be broken'. Two weeks later, said feature is bypassed.

 

5 hours ago, GoodBytes said:

Touted by Apple as a super secure credit card with its lack of numbers on the card, making it harder to copy, 9To5Mac reports a story of a user that has its card used in another state at the same time. Apple rep, when asked about the issue said it was a "very rare" occurance. And pushed again with the idea that the card has no number therefore safe. That said,

It's not Apple's fault that they have to rely on the outdated magnetic strip to maintain compatibility. And the flaw is inherent to technology, so it really shouldn't have been a surprise. That said, it is more secure than a normal card with numbers on it, as it could be captured by a photo or video of it, but this one requires special equipment.

 

And AFAIK, it only seems to be the US stuck with magnetic strip cards while countries like India have mandated chip based cards a while back, while making magnetic strip inoperable. Correct me if I'm wrong, but once superpower US seems to be the one lagging behind in everything these days, from green energy, electric cars, mobile payments, app based economy and stores, etc. But that's a whole other topic

 

Also, the whole point of Apple Card is to push users to pay with their phone, which is far more safer than all the previous methods. And it only takes common sense to derive that fact as Apple is basically offering financial incentive of 2-3% on Apple Pay on iPhone compared to the poor 1% with the card. And they made sure the card looked iconic and premium, so people would actually join the program and overcome the first obstacle of using it.

 

In my opinion, the Apple Card is probably one of the most underrated new service Apple has offered that subconsciously is helping the industry move forward with complete mobile payments. I just wish it would launch in more countries pretty soon.

 

This is a great video by PhoneBuff explaining why Apple Card even exists

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
10 minutes ago, Anomnomnomaly said:

Cards in the UK are ALL chip & pin and have been for ages, they're even trialling ones with fingerprint chips in them. You can use contactless pay with these cards on transactions under £30, over that and you need to enter your pin. I think it's the same across the whole of Europe now.

 

Because of the RFID in cards, I got myself a wallet that blocks the signal so no one could stand behind me and try to read the card data... I recommend everyone does that.

The RFID in your card doesn't transmit the card number and stuff like the magstripe, it actually does encryption like the chip.  For my U.S. debit card anyways, contactless payments always ask for the PIN, and the card practically has to be touching the reader.  IMO, RFID skimming is really a non issue played up by companies trying to sell you more expensive wallets. 

Resident Mozilla Shill.   Typed on my Ortholinear JJ40 custom keyboard
               __     I am the ASCIIDino.
              / _)
     _.----._/ /      If you can see me you 
    /         /       must put me in your 
 __/ (  | (  |        signature for 24 hours.
/__.-'|_|--|_|
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 hours ago, Beowulff83 said:

Well to be fair the chip readers were awful when they first deployed them.  Everyone hated it because of that and slow to adopt.  So once again we are in a land of in between.  We have both chips and mag strips on our cards.   Want to buy some groceries use the chip, unless its broken then you swipe.  Fuel up and pay at the pump its usually a mag strip.

 

But all in all its still pretty good to be in the USA, I hear our round up ready soy is pretty tasty.   

Not in Australia they weren't and the uptake was very quick.   We only have magnetic strip as a backup if the chip fails so strip readers are essentially useless here unless you steal the card first.

 

15 minutes ago, RedRound2 said:

 

It's not Apple's fault that they have to rely on the outdated magnetic strip to maintain compatibility.

But it is their fault for advertising it as more secure yet using the same bloody technology. 

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
8 minutes ago, mr moose said:

But it is their fault for advertising it as more secure yet using the same bloody technology. 

Please, quote me where they said it was unhackable or impossible to hack, or anything that implied the same. It IS more safer than a traditional card. And when you look from a bird's eye view, they are pushing those same customers to use more safer means to transact, forgetting about other features like reminders for payments etc

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
26 minutes ago, FezBoy said:

The RFID in your card doesn't transmit the card number and stuff like the magstripe, it actually does encryption like the chip.  For my U.S. debit card anyways, contactless payments always ask for the PIN, and the card practically has to be touching the reader.  IMO, RFID skimming is really a non issue played up by companies trying to sell you more expensive wallets.

It does, If you download an app that can read them and tap it on the back of your phone, you get the number on your card and expiry date, which is all you need to use the card. 

372081321_Capture_2019-10-10-08-24-39.thumb.png.16ee9d28a680780460862c2ccf2392c8.png

Laptop:

Spoiler

HP OMEN 15 - Intel Core i7 9750H, 16GB DDR4, 512GB NVMe SSD, Nvidia RTX 2060, 15.6" 1080p 144Hz IPS display

PC:

Spoiler

Vacancy - Looking for applicants, please send CV

Mac:

Spoiler

2009 Mac Pro 8 Core - 2 x Xeon E5520, 16GB DDR3 1333 ECC, 120GB SATA SSD, AMD Radeon 7850. Soon to be upgraded to 2 x 6 Core Xeons

Phones:

Spoiler

LG G6 - Platinum (The best colour of any phone, period)

LG G7 - Moroccan Blue

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
2 minutes ago, RedRound2 said:

Please, quote me where they said it was unhackable or impossible to hack, or anything that implied the same. It IS more safer than a traditional card. And when you look from a bird's eye view, they are pushing those same customers to use more safer means to transact, forgetting about other features like reminders for payments etc

 

Just pointing out that you can't use tech limitations to excuse poor marketing.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing Tech News

×