Visa has announced that it has now issued more than 4bn tokens worldwide through its Visa Token Service, nearly double the total 12 months ago and surpassing the number of physical Visa cards in circulation for the first time... More
The Federal Bureau of Investigation (FBI) in the US has released a public service announcement (PSA) warning that “cybercriminals are tampering with QR codes” in order to steal data and funds and is advising consumers to “practice caution” when using them... More
As many as 110,000 fake digital and paper-based Covid-19 vaccination and test certificates are in circulation in France and more than 400 separate investigations into the generation of fraudulent ‘pass sanitaire’ health passes are underway, France’s Ministry of the Interior has revealed... More
A vulnerability in the way that Visa cards work with Apple Pay Express Transit mode “could enable hackers to bypass an iPhone’s Apple Pay lock screen and perform contactless payments”, researchers at the University of Birmingham and the University of Surrey have found... More
Visa has processed 500m additional PIN-less, touch-free transactions since contactless payment limits were increased in 29 countries across Europe in response to the Covid-19 pandemic, the card network reports... More
The introduction of the 3D Secure 2.0 (3DS2) protocol for strong customer authentication (SCA) could cost European retailers more than €100bn (US$116.7bn) in online sales in 2021, payments consultancy CMSPI predicts... More
US credit card payment volumes decreased by 7% in March 2020 compared with March 2019, Visa has reported, while cross-border transaction volumes have fallen 19%... More
The Central Bank of the UAE (CBUAE) has issued a statement strongly encouraging banking customers “to take advantage of digital and online banking services as a measure to protect the health and safety for UAE residents.”... More
PayPal says it has now fixed an issue with its Google Pay integration that saw multiple users reporting that unauthorized transactions were appearing in their PayPal history, ZDNet reports... More
A family-run vineyard in Italy has become the first in Europe to use NFC-equipped screw caps on its bottles to protect buyers from counterfeit wines... More
A survey of more than 150,000 Chinese digital payment users has found that two-thirds have come across deceptive QR codes and 40.8% have had their codes surreptitiously forwarded to other people in the past year... More
QR code scams rise in China, putting e-payment security in spotlight — South China Morning Post — “By replacing legitimate merchants’ codes with malevolent copies, fraudsters can gain access to consumers’ data and even raid their bank accounts… According to one senior official and technology expert, almost a quarter of Trojans — malicious programs disguised as benign software – and other viruses are transmitted though QR codes.”
The UK’s Financial Conduct Authority (FCA) has agreed to give card issuers and merchants an extra 18 months to implement Strong Customer Authentication (SCA), the new customer identity verification regulation which forms part of the EU’s revised Payment Services Directive II (PSD2)... More
Payment methods like Apple Pay and Google Pay will be used by US consumers to make transactions valued at a total of US$78.6bn this year, representing 1.6% of all US brick-and-mortar retail sales, according to a new forecast from 451 Research... More
CBA app wants your location, biometrics in name of security — CIO Australia — “If we see a transaction coming out of Hong Kong but we know from a customer’s phone they’re in Melbourne or Sydney: straight away that gives us an opportunity to spot a discrepancy and block it straight away… If we’re not sure we’ll pop into the app with a question in real time and we ask the customer to help us, and they can swipe or click to say yep I’m comfortable with this or no this is something I don’t recognise.”
Hack breaks your Visa card’s contactless limit for big frauds — Forbes — “To carry out their hack, the researchers used a specialised piece of hardware to intercept and insert messages in the communications between the card and the reader. For instance, they could tell the card that verification — like a PIN — wasn’t needed, even though the requested amount was more than £30. They then told the terminal that verification has already been made by another means.”
East publishes European fraud update — European Association for Secure Transactions — “Two countries reported mobile wallet fraud in relation to Apple Pay. One reported that mobile wallets are fast becoming the new money mules — fraudsters are enrolling cards that are not yet associated with a specific wallet. Another country reported that fraudsters are obtaining security codes through phishing, with which they can then install a mobile banking app on their own smartphone, using the victim’s data.”
Federal Reserve System white paper examines the effects of synthetic identity payments fraud — FedPayments Improvement — “A synthetic identity is created by using a combination of real information (such as a legitimate Social Security number) with fictional information (which can include a made-up name, address or date of birth)… Over time, fraudsters build up the creditworthiness of the synthetic identity, then ‘bust out’ by purchasing high-value goods and services on credit and disappearing.”
Apple’s update to its Core NFC framework for iOS 13 will include support for reading passports and ID documents, chip checker app maker Innovalor has confirmed to NFC World... More
Scam victims to be refunded by banks — BBC — “Previously, banks only tended to reimburse people if there was an obvious fault in the way the payment was handled by the bank. Some £354m (US$446m) was lost in this fraud to individuals and businesses last year, but only £83m (US$105m) was refunded… Now anyone who has taken reasonable care, or has any element of vulnerability, is much more likely to receive a refund of the lost money.”
