Potential Apple Pay security weakness revealed

As an example of the on-going security benefits of the Wandera Secure Gateway we wanted to make you aware of this latest threat detection as an example of the on-going security benefits of Wandera for your employees’ personal data and your vital corporate resources.

Wandera security researchers have identified a social engineering method in which hackers can inject a fake captive portal page which pops up and imitates the Apple Pay enrolment process, prompting the user to enter their credit card details. These details, including the security code, can then be easily harvested and used for fraudulent purposes.


As Apple Pay is a relatively new technology (available in U.S and coming to U.K in July 2015) users aren’t yet completely familiar with the experience. This makes it more difficult for them to spot the difference between a fake card entry page and the genuine one.

Wandera is working with Apple to explain the attack method and discuss what can be done to mitigate the risk.

Free Trial

Trial for free and receive a custom audit report. Start by scheduling a demo of the service.