Vulnerabilities in Apple Pay, Samsung Pay and Google Pay allow attackers to make unlimited purchases using stolen smartphones enabled with express transport schemes, according to a research report from Positive Technologies. These findings were presented at Black Hat Europe this week.
In looking ahead to fraud transformation in 2022, it is good to
review where the conversation about 2021 began: with statistics
about perceptions and reality.
More than just survey results, this report offers expert analysis on
how to balance the competing priorities of business, customer and
compliance needs –...
Researchers at the University of Birmingham and University of Surrey say they have uncovered a vulnerability in the Apple Pay-Visa setup that could allow hackers to bypass iPhone’s Apple Pay lock screen, perform contactless payments and skirt transaction limits.
For fraudsters, there has been no respite. The fraud
economy took no pandemic hit. There was no
reduction in schemes among adversaries and they
experienced no job losses. Instead, shifts toward an increased dependency on digital channels have presented a myriad of new opportunities for illicit
In every industry, organizations continue to merge their digital and physical services within an omni-channel ecosystem. Routes to purchase are increasingly converging with in-store experiences being replaced by, or combined with, digital offerings. Digital payment solutions have also rapidly diversified, multiplying...
Este estudio de caso trata sobre una aerolínea que enfrentó dos grandes tipos de ataques en sus aplicaciones web y móviles.
Los atacantes utilizaban credential stuffing, lo que en algunos casos comprometió a casi 1000 cuentas de clientes en tan solo un día.
Descargue este estudio y descubra cómo Shape...
The latest edition of the ISMG Security Report features an analysis of lawmakers' grilling of Colonial Pipeline CEO Joseph Blount over his handling of the DarkSide ransomware attack. Also featured: How the FBI helped trick criminals into using an encrypted communications service that it was able to monitor.
Este estudo de caso discute sobre uma companhia aérea que estava enfrentando dois tipos graves de ataques em suas aplicações da web e de dispositivos móveis.
Os invasores estavam realizando ataques de credential stuffing, comprometendo, em alguns casos, cerca de mil contas de clientes em um único dia.
In financial services, there is a stark difference between defending against authorized versus unauthorized fraud incidents. James Hunt of Bottomline Technologies discusses the schemes and how to respond with a more dynamic prevention strategy.
The mobile channel saw great user adoption in 2020 - and it saw a corresponding increase in fraud incidents. Tim Dalgleish of BioCatch discusses mobile fraud trends and the role of behavioral biometrics in enhancing user authentication.
When it comes to finance, mobile banking or payments apps, maintaining customer trust is crucial to protecting brand equity and revenue. Cloud technology has eliminated the traditional network perimeter, leaving unsecured mobile endpoints vulnerable to attack. According to recent analyst research, mobile finance apps...