Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
You've missed that the OP is buying the gift card with Apple Pay. Therefore, no actual card number is supplied.

Ahh... yes. It was early (to me, anyway... jet lag).

Still, seems like an ordeal.

----------

When my card was replaced due to exposure in the Target hack, I had a heck of a time changing everything that was using that card - bills paid from it, mostly. I haven't actually lost any money yet -- that I am aware of -- but hack after hack after hack has proven that the retailers simply cannot be trusted to secure their networks. How many times will I have to replace my credit card due to each new breach? How long will I have to monitor my credit card statements and credit reports like a hawk?

In using Apple Pay, you are eliminating that risk for that transaction. So using Apple Pay is inherently a good thing, no matter what company is behind it, or if you are a fanboy or not. It simply makes sense.

Now, I shop at Target quite a bit, and every time I swipe my card there (or use chip & pin in the future), I am potentially exposing my card yet again.

If I use the Target iOS app and use Apple Pay to buy a Target Gift Card, then I eliminate that risk for that payment. I can use the gift card, and my exposure would be limited to potentially losing the value of that card. However, if I know I am going to spend $100 or so, I can simply order a $100 card and use it nearly immediately. Is it perfect? Heck no. Does it limit my potential exposure? Heck yeah.

Get better credit cards. My company called me in the evening when someone tried to use a card that they'd mocked up with my credit card number that was stolen from Target (this was in April, so it was months after the Target breach last December). They asked me if I was at Walmart in a city about 2.5 hours from my house. I told them I don't even go into Walmart DOWN THE STREET from my house. They told me my card number was evidently stolen, and I wouldn't be responsible for a dime (the thieves bought something, then tried to get cash twice before Walmart took possession of the card and their money/merchandise). I'm not sure if they were arrested and I don't really care.

My point is that good credit card companies are on top of this stuff.

We had to take a few trips to the Bay Area in the past 12 months and the first few times we went there we got locked out of using our own cards by Chase and Discover until we informed them that we were traveling.

Our other cards seem to have limits on dollar amounts before the red flags go off if you're traveling, but they also have these. I think that a lot of companies have become much more secure.

I like the idea of using Apple Pay, but this is really up to the retailers and there's no way on earth to predict whether or not Apple Pay might be compromised at some point. It's all too new yet.
 
Get better credit cards.

My point is that good credit card companies are on top of this stuff.

there's no way on earth to predict whether or not Apple Pay might be compromised at some point. It's all too new yet.

Kinda hard to do without recommendations from people with positive experiences like yourself. :)

There is a way to predict whether or not something might be breached: Performing a security analysis/security audit on it.

Unfortunately, Apple has not released all of the details required to perform such an analysis. I am hopeful that more of those details will emerge in the future. However, what we can discern from what they have provided is very encouraging to me.
 
I actually think that it's contractual; the MCX merchants are only allowed to accept CurrentC for some exclusive period (2 years, apparently) by some reports. CVS and Rite-Aid found out essentially by accident that NFC payments were going through, and MCX dropped the hammer.

It will be interesting to see if any members (re-)enable NFC when that exclusivity period ends. I think that the brouhaha could very well play into their business decisions down the road.




Perhaps I missed that nuance. But if I were going to pay for the Target card with cash, why wouldn't I just pay for the merchandise in cash?
If it is contractual, the pitchforks are even more ridiculous, because it won't change things.

If you buy a card with cash, you can use it again and again, without having to carry cash with you each time. To me it doesn't even make sense to go through the trouble you posted, so it also doesn't make sense to get the cash out. I was merely explaining what the other poster meant. If you want to pay without a credit card at Target without constantly carrying cash with you, it has already been an option.

Anyway, what matters here is that you found an Apple pay option that works for you, for now. Far be it from me, or anyone else, to tell you you shouldn't do that.

On a small side note, I have all of my bill pay on a separate card/ account. This way if anything does happen to the main card I use, there is much less work involved in getting back up and running. I've had to have a card replaced once, and since my bank does instant temporary ATM cards, it wasn't much more of a hassle than heading into a main branch. This is not to say that Apple pay isn't better. But we've known about it, and how it works, for something like two months. I just can't get myself to freak out like a lot of people have here.

----------

Kinda hard to do without recommendations from people with positive experiences like yourself. :)

There is a way to predict whether or not something might be breached: Performing a security analysis/security audit on it.

Unfortunately, Apple has not released all of the details required to perform such an analysis. I am hopeful that more of those details will emerge in the future. However, what we can discern from what they have provided is very encouraging to me.

Agreed. Simply understanding how the system works, a hacker would need to actually get into each persons physical phone to steal information. I won't say that not possible. I will say that's infinitely more work than hacking into a database that stores millions of customer's info, if for no other treason, because once the system it's breached, it doesn't need to be breached again and again and again in the manner Apple pay would.
 
If it is contractual, the pitchforks are even more ridiculous, because it won't change things.

The histrionics are useful in that they demonstrate consumer sentiment. If CVS sees the stars aligning with Walgreens instead of them, maybe it spurs an exit from MCX (or merely an acceptance of other payment methods) once their exclusivity/membership expires.

Simply understanding how the system works, a hacker would need to actually get into each persons physical phone to steal information.

Actually, that wouldn't work - your credit card number is never stored in your iPhone.

When you scan the card with the camera (you don't take a picture that is stored, as some have alleged) or manually enter the data, the phone negotiates the replacement token - the "Device Account Number" ("DAN") with the bank directly. The DAN is then stored in the Secure Element. Your credit card info is not.

The only place that can be breached with Apple Pay is the bank itself. But then, that's the same risk it's always been, when you think about it.

What is eliminated here is breaching anything in between the terminal you use your card at and the terminus at the bank - which, of course, is where the vast majority of the hacks have taken place - at the retailers.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.