There were a lot of major retail hacks last year, and that trend doesn't appear to be stopping anytime soon. So, what are hackers doing with all those stolen credit card numbers? It looks like some of them are using Apple's popular Apple Pay feature to store the numbers and buy stuff.
Apple Pay makes it too easy for bad guys to add stolen credit card numbers to their gadgets. But, it might not be Apple's fault. According to payment expert Cherian Abraham, participating banks haven't perfected their credit card authorization techniques and it's allowing hackers to use stolen cards.
However, the weakness identified by Abraham occurs at an earlier stage, when a user is adding a credit card to Apple Pay. When a user adds a card, Apple says it sends information such as the type of phone, the last four digits of the user’s phone number and the user’s general location to the issuing bank, which decides whether to provision the card for Apple Pay.
The problem is banks aren't always doing their best to verify the card owner's identity before authorizing the card's use on Apple Pay. Banks can ask for additional information, but that doesn't always help. In some cases, the banks ask for the user's Social Security number, but that won't always work because hackers often have access to that information.