I wonder how many Apple Card cardholders always use Safari and Apple Wallet when making payments on their Apple Card. Cardholders that memorize the card data for use over the phone or use Google Chrome may find this new security feature frustrating.
There are several solution providers that have attempted to implement CVV codes that change on a regular basis. While I check my card transactions regularly (and most of my accounts send me notifications when the transaction occurs) I still feel that security is the problem for issuers and card networks since they have given me Zero Liability.
A much better approach that Apple should adopt would not require consumer effort. Utilize device fingerprinting and behavioral biometrics to consolidate account access with card user authentication techniques. This would also eliminate risk for low value and transactions performed directly on the iPhone. If the risk of the transaction is too high, then require step-up authentication using Face ID.
I thought Apple was a technology leader:
“Called Advanced Fraud Protection, the new feature automatically rotates Apple Card’s three-digit security code after users view the number in Wallet or it is auto-filled in Safari, according to an Apple support document.
As noted by Apple, Advanced Fraud Protection can be used without risking interruptions to streaming services and other memberships because merchants typically use credit card security codes only to authorize an initial payment.
Unlike other credit cards, Apple Card’s security code is stored in the Wallet app, not on the physical card. This allows Apple to rotate the number on its backend and digitally present the freshly generated digits to users.
While the feature increases security, cardholders should be aware that they will need to check the Wallet app for the latest code whenever making a purchase. For some, the minor inconvenience will be a small concession for added peace of mind.
Advanced Fraud Protection can be accessed on iPhone by navigating to the Wallet app, selecting Apple Card, tapping on the card number icon and authenticating with Face ID, Touch ID, or your passcode. On iPad, the option is in the Settings app under Wallet & Apple Pay.
Apple notes that the feature can be deactivated without impacting Apple Card transactions or recurring monthly subscriptions.”
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group