I’m traveling on vacation and I received an apple wallet notification that a payment was declined for Kohl’s. I was not at Kohl’s recently, did not attempt a Kohl’s purchase and I’m concerned someone stole my apple pay information. I shut down my card in case but I need someone to tell me if my phone has been compromised?
[Re-Titled by Moderator]
iPhone 6, iOS 11
This exact thing happened to me last week while I was at work i receive the wallet notification saying declined. It said it was at a store down the street but it was not me. I had my phone and my physical card on me so i was very confused. All you could really do is block the card immediately, call your bank and issue a new one. I’ve read articles about workers (any worker you hand your card to such as a drive thru) taking pictures of card numbers and selling them to people but they may not have had the full information hence it declining.
This exact thing happened to me last week while I was at work i receive the wallet notification saying declined. It said it was at a store down the street but it was not me. I had my phone and my physical card on me so i was very confused. All you could really do is block the card immediately, call your bank and issue a new one. I’ve read articles about workers (any worker you hand your card to such as a drive thru) taking pictures of card numbers and selling them to people but they may not have had the full information hence it declining.
Most of these are. (Or require that the planets be in a certain alignment …. )
For this potential threat, simple risk avoidance is a no cost proposition to me.
It appears to be a US Bank credit card. Have you talked to US Bank? If so, what did their fraud department say?
Are these Apple Pay transactions? Apple Pay information can’t be stolen. Your credit card information stored on IPhone is encrypted and stored in the Secure Enclave, which has never been compromised, even in a proof of concept. Merchants never have card information when you use Apple Pay. The bank has the card information and they also have the encrypted card information and the key to decode the encryption. No other entity has the key, not Apple, not iPhone, not merchant and not you.
Only the bank approves or declines transactions. Apple’s role is to securely send encrypted data to the bank and then share the approval or decline for the transaction. If approved or declined, the only identifier the merchant has is the last 4 digits of the card number. The digits are used to identify and process returned items.
this happened too me. the payment showed up on apple wallet but not the actual bank account. as well i rang the place and they checked CCTV and the people used an actual bank card (not mine obviously) could my iphone be compromised ?
Jeff: Re: “… card installed on another device’s wallet … “
Could this not be simply that U.S. Bank is reporting non-ApplePay transactions (including suspected-fraud “declines”) to the OP’s wallet? (ala AmEx)
Adding the card to another AppleID is indeed possible, but much harder given the verification steps which would be also required.
Just trying to “think this one thru” in my own mind.
Sorry, that was the short simple version, but it would also require a compromised 2FA. There are bots that send fake notifications in an attempt to compromise the 2FA and then add the card to Apple Pay with the compromised data. There are also reports that public charging stations are being used to compromise data. When you plug in the iPhone, you’re actually plugging into a computer that will clone the device, or essential components and gather personal and financial information.
Thanks for the added detail. That all now “computes.”
I for one NEVER plug into a public charging station’s - or a rental car’s - USB.
Folks might assert that I’m being paranoid, but it’s simply not that much harder for me to use the adjacent AC or DC power outlet.
Which is probably why I’m quite well-stocked with power adaptors. 😉
Both the FCC and FBI have warnings about >Juice Jacking< which is the power station hijacking. It can install malware which will send financial data to the thieves and allow them to verify the cards using the banks website and/or mobile app and bypass 2FA. They say special charging cables can even contain the malware/code and install it on the device plugged into the cable. Skimmers are incorporating the ability to capture the PIN code at transaction terminals and ATM’s.
Jeff Donald wrote:
Both the FCC and FBI have warnings about >Juice Jacking< which is the power station hijacking. It can install malware which will send financial data to the thieves and allow them to verify the cards using the banks website and/or mobile app and bypass 2FA. They say special charging cables can even contain the malware/code and install it on the device plugged into the cable.
It's my understanding that it is more hype than a significant danger.
Chattanoogan wrote:
Most of these are. (Or require that the planets be in a certain alignment …. )
For this potential threat, simple risk avoidance is a no cost proposition to me.
Indeed.
I guess my point in posting is that there is enough in the world that we really do need to worry about that adding things to our worry-overloaded brains that aren't really an issue is just stress-inducing and not all that helpful. Yes, we could get hit by falling space debris but I don't need NASA posting warnings about it.
Hi did you receive an update on what happened or why it happened ?
The card information was compromised and added to Apple Pay and used by a fraudulent actor. Your bank should cancel the card and reissue a new account number and physical card.
FYI, I’m a regular and devoted follower of Krebs on Security. 😉
How to handle Unauthorised Apple Wallet notifications while traveling
