Friday 26 April 2013

Malicious Android apps can steal credit card data

An Android app can skim the credit card data even if it is in a pocket by scanning the details and steal the information for unauthorised usage.

Mobile payments enabled through the mobile apps, mobile wallets and near field communication technology certainly seems like the next major thing waiting to happen. That has caught attention even of the hackers and fraud makers.

CBC News reported about an Android app which could steal the credit card information in a second if you simply wave the phone, with app running on it, in front of your credit card.

CBC News carefully avoided naming the Android app but claims to have informed Google about the app's existence.

The Android app can easily steal credit card information even if the card is in the pocket. The malicious app needs to be running on a phone and the user simply has to wave around the pocket area to capture all credit card details.

Meanwhile US based financial security service provider, Seccuris Inc's Michael Legary has also bolstered this claim saying that his company has investigated cases where phones paired with such apps were used to commit credit card fraud. He says the app has become a tool for organised crime in Europe. "They don't even need to talk to you or touch you, they can get information about who you are,” he said. "That may make you more of a target for certain types of crime."

Meanwhile, both Visa and Mastercard claimed that their services have multi-layer security to face such threats.

"Multiple layers of security and advanced fraud detection technologies that protect every Visa transaction have helped keep Visa's global fraud rates near historic lows," Visa stated in an email statement sent to the CBC.

Mastercard also responded saying, "Though it's rare that a fraudulent transaction would take place, in the event that unauthorised use of your MasterCard card occurs with fraudulent cards or devices, MasterCard cardholders are protected by MasterCard's Zero Liability Policy, which means they are not held liable for unauthorised transactions."

While the credit card companies ensure that no unauthorised use of the payment cards is made, an average consumer clearly overlooks that and believes that the bank would be the one freezing or releasing the amount. The existence of the apps that can steal your credit card information is seriously shocking and more disturbing is that it is in the Google Play Store. We hope Google does a strict scanning of such apps and removes them before any harm is done.

Mobile Payment certainly may have enabled several for quick and easy payments but such loopholes may disturb the process of convincing consumers.

No comments:

Post a Comment