Skimmers are not a thing for Google Wallet / Apple Pay, no. Both these services use tokenization for transactions, meaning that even with your phone unlocked, no-one could grab anything via NFC that would allow triggering a transaction later, let alone clone your card. Even in this specific scenario described in the article (which requires your phone to be in the hands of the exploiter), the CVV of the card wasn’t exposed, so no-one can actually trigger a payment with this info except if they also have your physical card to read the CVV.
Google Wallet / Apple Pay are a million times safer than using your physical card, because the most common skimming attacks either just grab the magnet strip info if available or literally just read the info off the card optically including CVV, which allows for online transactions. None of these things are a concern with Google Wallet / Apple Pay.
But hey you know best right?
I worked as a TPM in financial services for almost 5 years, so yeah I think I’d know.
It was specifically stolen from Google Pay and contactless payments.
Skimmers are not a thing for Google Wallet / Apple Pay, no. Both these services use tokenization for transactions, meaning that even with your phone unlocked, no-one could grab anything via NFC that would allow triggering a transaction later, let alone clone your card. Even in this specific scenario described in the article (which requires your phone to be in the hands of the exploiter), the CVV of the card wasn’t exposed, so no-one can actually trigger a payment with this info except if they also have your physical card to read the CVV.
Google Wallet / Apple Pay are a million times safer than using your physical card, because the most common skimming attacks either just grab the magnet strip info if available or literally just read the info off the card optically including CVV, which allows for online transactions. None of these things are a concern with Google Wallet / Apple Pay.
I worked as a TPM in financial services for almost 5 years, so yeah I think I’d know.
It wasn’t.