Apple Card Gains Advanced Fraud Protection in iOS 15

[cmaier]

"more secure by changing the three-digit security code associated with the card on a regular basis"

Changing any password regular is NOT secure (well, it is, but confuses the hell outta users)

Making a strong password is better..

Now, for a company focused entirely on privacy they sure do seem like adopting the same sort of options to gain their "goal"

The code is not a password. Changing it regularly acts like a one-time pad, which is among the most secure ways to protect a transaction. Making the code longer wouldn’t be much help, since the card networks and issuers velocity-check attempts at authorizations. Guess wrong on your security code a couple of times and your card is locked.

 

[Hammerd]

No they don’t:

As a security measure, merchants who require the CVV2 for "card not present" transactions are required by the card issuer not to store the CVV2 once the individual transaction is authorized.[8] This way, if a database of transactions is compromised, the CVV2 is not present and the stolen card numbers are less useful. Virtual terminals and payment gateways do not store the CVV2 code; therefore, employees and customer service representatives with access to these web-based payment interfaces, who otherwise have access to complete card numbers, expiration dates, and other information, still lack the CVV2 code.

The Payment Card Industry Data Security Standard (PCI DSS) also prohibits the storage of CSC (and other sensitive authorisation data) post transaction authorisation.

Individual transaction but when you choose to store your card on Amazon or Paypal, they must store it. Try adding a new delivery adress on amazon and you’ll see it’ll ask you to confirm it

 

[cmaier]

Individual transaction but when you choose to store your card on Amazon or Paypal, they must store it. Try adding a new delivery adress on amazon and you’ll see it’ll ask you to confirm it

No, they don’t store it. When they ask you to confirm they mean “tell it to us so we can confirm it with the issuer.” That is why they don’t show you the code - they don’t know it.

Under no circumstances is a retailer allowed to store it. If they did store it, then the card network would remove their ability to accept that type of card. This is literally one of the top few most important rules enforced by the card networks.

 

[johnediii]

Citizen one bank declined my iPhone payment because I turned this on and it changed the code.

 

[dohspc]

I just noticed the security code is showing as 000 on my card iPhone/iPad. It took forever to add the Apple Card when setting up the iPhone 13 earlier today and I turned on advanced fraud when it was first announced. I guess I will delete it later and re add it.

 

[sunman42]

Nope. It doesn't protect YOU. It protects the bank. The LAW protects you - you have ZERO liability for fraudulent charges. While there is the nuisance of waiting for a new card, there is no reason to worry about CC fraud. Funny how many ppl have been trained by the banks to think that taking all kinds of security precautions (as evidenced by the comments here) is somehow "protecting" you. I couldn't care less if my card number/CID get stolen. In fact it happens frequently. So far in 2021, $10K charged at an electronics store in the UK, $700 charged for some diet food service, all my Chase points stolen for Apple gift cards, and $1200 to a Vegas hotel I haven't stayed at (all different events and different cards). None of the physical cards were lost/stolen - this was all electronically compromised (probably by merchants with bad cybersecurity). I just call the bank, they credit my account and express mail me a new card, and we start all over. No big.

You must spend a lot on your cards, or have an awfully nice bank or three. When my Visa card got compromised recently (the third time since the beginning of the pandemic), the issuing credit union was on top of it right away, but would only offer three-day shipping of the new card for a fee of $20 and change, and considerably more for overnight. Since I had other cards, I opted for snail mail. Thanks to Louis de Joy, that took nearly two weeks. I’m beginning to think banks are realizing card compromises are a potential profit center, by gouging for prompt replacement of the cards. If I were a paranoid type, I might even suspect the banks of doing the compromises themselves.

 

[sunman42]

I’m trying to imagine what sort of security threat(s) this is designed to mitigate. Are some online vendors with lousy security storing the codes longer than they’re supposed to? Are hundreds of thousands of yutzes falling for phishing attempts by characters who’ve purchased their card numbers, expiration dates, and email addresses from dark web sites? It would be nice if Apple provided some background.

 

[mlody]

You must spend a lot on your cards, or have an awfully nice bank or three. When my Visa card got compromised recently (the third time since the beginning of the pandemic), the issuing credit union was on top of it right away, but would only offer three-day shipping of the new card for a fee of $20 and change, and considerably more for overnight. Since I had other cards, I opted for snail mail. Thanks to Louis de Joy, that took nearly two weeks. I’m beginning to think banks are realizing card compromises are a potential profit center, by gouging for prompt replacement of the cards. If I were a paranoid type, I might even suspect the banks of doing the compromises themselves.

It is never a good idea to only have 1 CC. Most recommend 2-3 to combat issues like this and to profit from better deals/cashbacks etc.

 

[dontwalkhand]

It is never a good idea to only have 1 CC. Most recommend 2-3 to combat issues like this and to profit from better deals/cashbacks etc.

I have more than one, I choose to only carry my Apple Card and keep only the Apple Card in my Wallet app for simplicity. I have a physical wallet that only holds my Apple Card, my DL, and my transit card (soon hopefully the last one will go away as the new system will just be a virtual card).

My state is also one with the DL in Wallet app coming up. We have a regular app already with it but it’s too cumbersome to really use.

 

[Scoob Redux]

You must spend a lot on your cards, or have an awfully nice bank or three. When my Visa card got compromised recently (the third time since the beginning of the pandemic), the issuing credit union was on top of it right away, but would only offer three-day shipping of the new card for a fee of $20 and change, and considerably more for overnight. Since I had other cards, I opted for snail mail. Thanks to Louis de Joy, that took nearly two weeks. I’m beginning to think banks are realizing card compromises are a potential profit center, by gouging for prompt replacement of the cards. If I were a paranoid type, I might even suspect the banks of doing the compromises themselves.

I do spend a lot on cards (which makes it hard to spot unauthorized transactions). In the case of the $700 Vegas hotel charge, I noticed it 4 months later and the rep said "why did you pay your full bill" and I was like "I didn't notice that charge in a 5-page statement!" ha! Was yours a Visa credit or debit card? Credit cards usually offer more protection, and the bank also wants to get a new one in your hands as quickly as possible (you know, so you can SPEND more!)