Earlier this week, Apple's new mobile NFC payment network, ApplePay, went live. From its first few days of life, huge issues are already popping up regarding ApplePay's security. Multiple users are reporting that using ApplePay has resulted in duplicate charges to their bank statement. CNN Money's Samuel Burke found out about the double spends after forgoing a card swipe and using ApplePay at several merchants:
I logged into my debit card account and found that I was charged twice for every purchase I made with ApplePay. A quick search on Twitter found other people with the same problem.
For security's sake, Apple doesn't keep any identifiable data for transactions, this means that this automatic error that has effected so many ApplePay users can't be changed by Apple. Of course, Burke went to customer service at both Apple and Bank of America and was unsurprisingly directed from one to the other again and again. Burke was able to get the transactions reversed by his bank, Bank of America, only after an hour on the phone in a three-way call with both Apple and Bank of America. The money was charged twice by the merchant paid with ApplePay, meaning the issue is most certainly on Apple's end. The issue seems to be isolated to users using ApplePay in conjunction with their Bank of America Debit Card, a very common occurrence. Burke heard from a source that Apple would be fixing this issue with their banking partner, and likely API, today on Wednesday. Apple declined to comment on the issue.
How Bitcoin Helps
Apple was able to double spend Bank of America's money for one simple reason: ApplePay is built on a pull transaction system. Instead of providing the necessary information for the merchant to pull funds from your card account at the end of the day via swipe, the data is provided via NFC in a more secure manner. However, when there is a bug in the system that issues two pulls, you end up with a double-spend/double-charge. The Bitcoin transaction system is built on push transactions and there is nothing in the system that allows for double spending as a bug or a feature. Bitcoin clients, the ApplePay equivalent in this example, are open source and as such, ApplePay-like bugs have long since been weeded out. On a meta-scale, ApplePay transactions occur on a centralized medium, and are intrinsically reversible; however, with the distributed/decentralized Bitcoin network, reversing transactions is a lot more difficult.
What do you think of ApplePay's glitch? Comment below!
Images from Shutterstock.