Security News
Digital wallets like Apple Pay, Google Pay, and PayPal can be used to conduct transactions using stolen and cancelled payment cards, according to academic security researchers. These flaws - some of which have been addressed since responsible disclosure last year - allow an attacker armed with limited personal information to add an active stolen payment card number to a digital wallet and make purchases, even if the card is subsequently canceled and replaced.
Fraudsters can add stolen payment cards to digital wallet apps and continue making online purchases even after victims' report the card stolen and the bank blocks it, computer engineers with University of Massachusetts Amherst and Pennsylvania State University have discovered. Adding the card to a different wallet and making fraudulent purchases is made possible by the trust banks have in the digital wallet apps' security mechanisms.
A woman in the Indian city of Delhi last week found herself under "Digital arrest" - a form of scam in which victims make payments to criminals posing as law enforcement officers. Local media reported that the suspects had extorted others in a similar manner - posing as CBI officers and threatening to arrest family members of victims.
India's central bank on Wednesday proposed a requirement for dynamically generated second authentication factors for most digital payments. "Reserve Bank of India had mandated additional factor of authentication for all transactions undertaken using cards, prepaid instruments and mobile banking channels," explained the central bank.
About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.
The trouble is that while we think of the world as a digital one, digital identity is a problem yet to be solved. As a blueprint for the national digital identity schemes, eIDAS 2.0 introduces the concept of the EU digital identity wallet.
The iShield Key Pro series from Swissbit addresses these challenges by offering top-notch security combined with effortless usability. The iShield Key Pro series makes this a reality, offering a powerful hardware security token designed to simplify your daily tasks while significantly enhancing your digital security posture.
About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.
One of the obstacles on the road to broad adoption of the Digital ID concept is the lack of a general legislative framework for this form of identity proofing. In particular, 74% of respondents underscore the necessity for global digital ID standards and legislation to ensure interoperability of such IDs across borders.
As organizations pursue digital transformation, they urgently need to prioritize digital trust to achieve their goals and prepare for future market opportunities, legislation, and regulatory compliance, according to ISACA. The ISACA State of Digital Trust 2024 report finds that 77% of respondents agree that digital trust is crucial to digital transformation and 82% say digital trust will grow in importance over the next five years. Despite this recognition, almost 71% report that their organization provides no staff training on digital trust and only 21% of organizations plan to increase their budget for digital trust.