Exploring Cybersecurity in Apple Pay: a Study of Attacks and Vulnerabilities

EasyChair Preprint no. 13683

Abstract

In the ever-evolving landscape of e-commerce, the impact of mobile devices continues to reshape traditional norms. The increasing prevalence of mobile phones has driven a surge in online transactions and transformed payment execution. This shift is evident in mobile payments, with Apple Pay emerging as a key player. The adoption of mobile payments, exemplified by Apple Pay, extends beyond transactional efficiency, ushering in a paradigm shift in user behavior and expectations for a seamless financial experience. However, as reliance on mobile payments grows, security becomes paramount. This study scrutinizes the security aspects of Apple Mobile Payments by examining definitions, characteristics, and security policies. It investigates three key attack vectors: Apple Server breaches, SSL Transaction Traffic manipulation, and Masque Attacks. By exploring these vulnerabilities, the study identifies weaknesses and sheds light on methodologies, consequences, and mitigation strategies. The findings offer insights for users and practical implications for developers and policymakers. Emphasizing continuous research and adaptation, this study underscores the need to fortify mobile payment security. Addressing identified weaknesses aims to contribute to a robust ecosystem for all stakeholders. This research highlights the ongoing need for proactive measures to ensure the security and integrity of mobile payment systems in the evolving digital landscape.

Keyphrases: Apple mobile Payments, attack, Communication), NFC (Near Field, over-the-air (OTA), Point of Sale (POS), Vulnerability

@Booklet{EasyChair:13683,
  author = {Nouhaila Hanbali and Ahmed El-Yahyaoui and Ouacha Ali and Ehbali Chaima},
  title = {Exploring Cybersecurity in Apple Pay: a Study of Attacks and Vulnerabilities},
  howpublished = {EasyChair Preprint no. 13683},

  year = {EasyChair, 2024}}