Forgetting your wallet at home may no longer be a problem when picking up prescriptions or incidentals, as the nation’s biggest drugstore chain and other major retailers partner with Apple and its new mobile payment system. Apple’s new mobile payment system — Apple Pay — could certainly make life for consumers much easier. But the move also makes the iPhone a virtually indispensable — and invaluable — piece of property that will be even more vulnerable to security risks if lost, stolen or hacked.
Walgreens, Target, Staples, McDonald’s, Sephora, Starbucks, and Groupon are among the 12 retailers to accept Apple Pay in October. The system was unveiled Sept. 9 along with the latest iPhone and the highly anticipated Apple Watch.
Apple Pay will allow consumers to pay for items using near field communication, a wireless technology that transmits payment information from the mobile device to a store’s checkout system. The SIM card in the mobile phone, which stores users’ personal information and allows them to connect to their carrier’s network, will help verify users’ accounts, according to TechRadar, and act as a digital wallet that holds credit card and banking information. The iPhone 6 and Apple Watch are the first Apple devices to feature the system.
Smartphones already carry a host of sensitive personal data through mobile apps and web activity, including financial information, usernames, passwords and home addresses. But because the payment system would be tethered to the iPhone 6 and use WiFi to transmit credit card or banking information, the device would be even more valuable to hackers or thieves.
Over 3 million smartphones were stolen in 2013, almost half of which were never recovered. Besides their value on the black market, the personal and financial information on stolen smartphones can prove lucrative.
Even when consumers take precautions, their phones can still be at risk for hacking and fraud. For example, research hackers were able to lift account usernames and passwords from passersby by using a drone that masqueraded as a trusted WiFi network.
Last week, Apple’s iCloud storage service suffered a targeted breach where nude celebrity photos were stolen and distributed online. Apple said the security breach affected only certain celebrity accounts and was not a result of a security flaw on its end. The company, however, also announced that it patched a security flaw that may have exposed users data and has vowed to beef up security measures.
The celebrity photo scandal also revived a broader conversation surrounding consumer privacy and large scale breaches. Breaches have increased in recent years with retailers such as Target and more recently Home Depot being prime targets. As a result, many of those whose information gets stolen also become victims of identity theft — which is on the rise. The trend has even taken a toll on the economy by stifling job growth as businesses spend billions fighting cyberattacks.
But the security risk is the same if not greater when hackers home in on security weaknesses in website encryption. The Heartbleed security flaw, which was allegedly exploited by the U.S. National Security Agency, went undiscovered for two years and exposed millions of usernames, passwords, Social Security Numbers and financial account information from nearly 70 percent of the world’s websites. And as technology continues to evolve with more of consumers’ everyday lives centered online and on mobile devices, similar cybersecurity breaches will likely become more commonplace.
This post was updated to reflect news from Apple’s live event Sept. 9