Title: Who’s In Your Wallet? Exploring Mobile Wallet Security
Author: Kelly Sheridan
Publish Date: October 25, 2021
Website: www.DARKReading.com
COVID-19 has affected us in so many ways over the last two years – our health, our values, our economy all with safety in mind, for the most part. Social distancing has been a key factor in our changes in behavior. Also increasing our awareness of surfaces we touch, how close we come to people and other things. Remember the days of writing checks? Non-existent. I don’t even own a checkbook. Paying in cash – rare for me, but still relevant. Credit/debit cards – only when forced to. What is my new way of paying? Venmo, Apple Pay — my virtual wallet on my phone or my watch. I’ve uploaded all my credit cards, debit cards, rewards cards, into my “wallet” and now I no longer TOUCH a card or a payment console.
Now this makes my life easier but is it secure. For the most part yes but inconsistencies in what is required to bring up your payment method may make you more vulnerable than you think. This article explores the theft of phones and then using them for services that by pass your authentication. Particularly in public transportation in London, where payments can be made via virtual wallet that do not require a password or a fingerprint to process.
If you want to read the on more details as to how this was tested in the field, check this link out. Timur Yunusov will be giving a talk on 11/11 and 11/12 at the Blackhat Europe 2021 Conference.
-Vanessa
Leave a Reply
You must be logged in to post a comment.