Currently, Coca-Cola accepts Apple Pay at more than 40,000 vending machines across the U.S. However, the company plans to expand the number of vending machines accepting Apple Pay to 100,000 by the end of 2015. Unfortunately, the horror stories of fraud within Apple Pay have left many people cautious about the use of near-field communications (NSF) devices in such machines. Reports of fraud in Apple Pay have left many wondering how fraud can be prevented when using the innovative payment option. However, the greatest error lies at the fault of bank verification processes and poor vending machine maintenance.
Banks and Apple Pay Verification
According to Micah Singleton of the Verge, Apple Pay data encryption has not yet been breached. However, bank verification methods are lacking in protecting personal information. In most cases, a bank will use a customer call as a verification method for the addition of a new credit or debit card to Apple Pay through ‘green and yellow” verification processes. During the initial phase of verification, or the “green path,” the bank receives and transmits personal identifying information about that person’s transaction history and other purchases. Afterwards, the bank calls the phone asking for the customer to provide the four numbers of his or her social security number. Unfortunately, the last four digits of a social security number are easily accessible to criminals who have stolen someone’s identity. As a result, the card gets added to a new Apple Pay account, and the information is taken. However, the use of Apple Pay at vending machines requires another level of security.
Importance of Proper Vending Machine Maintenance
Vending machines are usually located in unmonitored or “hidden” areas, and thieves have a notorious history of breaking into them. The NFC device within the machine allows for a new type of break in: a digital break in. In order to ensure thieves have not installed software or are accessing information gathered by the machine, vending machine manufacturers must create and adhere to a strict maintenance schedule. For example, the NFC device could be used to transmit credit card numbers to a nearby hacker; however, a diagnostic scan of the device would identify and remove such malware. Furthermore, vending machine parts, especially the NFC device, may need to be completely replaced as an added security.
As society moves towards a highly-integrated, digital world, the presence of criminals will only continue to grow. However, Coca-Cola’s decision to expand the use of Apple Pay in vending machines stands as testament to the security features of their machines and Apple Pay. Before placing blame on vending machine manufacturers or Apple for fraud, banks must improve their verification methods, and vending machine manufacturers must ensure machine maintenance schedules do not falter.