1 Journal of The Colloquium for Information Systems Security Education, Volume 8, No. 1, Fall 2020 Follow the Money Through Apple Pay Dominicia Williams Yen-Hung (Frank) Hu Mary Ann Hoppa Department of Computer Science Department of Computer Science Department of Computer Science Norfolk State University Norfolk State University Norfolk State University Norfolk, VA, USA Norfolk, VA, USA Norfolk, VA, USA
[email protected] [email protected] [email protected] Abstract—Rapid growth in the number of mobile phones payments and, since 2014, has been networking with some of and their users has brought ecommerce applications and the largest retailers to enable Apple Pay in all locations, mobile payments to the forefront along with raising significant nationally and internationally. Macy’s, Bloomingdale, new cybersecurity concerns. Consumer enthusiasm for “tap- Walgreens, Staples, Subway, McDonalds, Whole Foods and-go” purchases must be tempered with knowledge about Market, Apple retail stores, and Disney are some of the new risks and responsibilities that come along with these businesses that welcome Apple Pay for their fast and reliable payment technologies. This paper highlights and analyzes key services [3]. risks within end-to-end mobile-payment transactions through the lens of one of the most popular services: Apple Pay. Apple Pay security is realized through both hardware and Hackers are relentlessly adapting their ploys to breach these software [4]. When a new card is added, a device-only payment systems. Proactive approaches are identified to better account number is created for it and stored safely in the secure vulnerabilities in smartphones, networks, secure element; the card number is never stored or share with communication, consumers, merchants and banks, along with the merchant.