-
Although bankers are (hopefully) less likely to store compromising selfies in the cloud, the infiltration of celebrities' iCloud accounts illustrates the danger of saving anything with a consumer-oriented cloud service.
September 2
For Apple, the timing couldn't be worse to launch a mobile wallet.
The Cupertino, Calif., company is
Apple may launch a mobile wallet next week when it unveils its next iPhone, and it has reportedly partnered with Visa, MasterCard and American Express as part of this effort. Last year, Apple set the foundation for a mobile wallet through the launch of the iCloud keychain, which stores users' credit card information for online shopping.
Mobile wallets can be a tough sell for many consumers, and brand image is a key element in winning their trust. The telcos behind the Isis mobile wallet learned this lesson, and have committed to rebrand their product to eliminate any possible association with the ISIS militant group.
In the wake of the celebrity photo leaks, "Apple has to provide the utmost of security and strong authentication to really assure the consuming public that their personal information and payment credentials are safe," said Richard Crone, chief executive of San Carlos, Calif.-based payments consulting firm Crone Consulting LLC.
The celebrities' leaked intimate photos were likely obtained through brute-force password cracking of iCloud accounts, according to
Apple did not respond to PaymentsSource inquiries by deadline. In a statement on its website, Apple said: "After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions... None of the cases we have investigated has resulted from any breach in any of Apples systems including iCloud or Find my iPhone."
Apple has survived negative publicity before. The iPhone brand remains strong after the 2010
"We've seen in the past that Apple has a fairly resilient brand," said Julie Conroy, senior analyst and fraud expert with Boston-based Aite Group.
A few years ago Apple endured some negative publicity when consumers learned the iPhone's tracking capabilities could reveal their location even when the phone was switched off, Conroy said. "But this is a beloved consumer brand and those types of things fade away fairly quickly."
If Apple is determined to launch a mobile wallet next week, the iCloud scandal will not deter it, Conroy added.
"With the brands involved... there is just too much lined up and too much at stake in a launch for Apple to do any sort of delay," Conroy said. In addition, early indications are that the photo scandal has more to do with "poor credential management" on individual accounts than it does with a problem with Apple hardware, Conroy said.
Even if iCloud was not to blame for the celebrity photo leaks, any Apple wallet would face strong scrutiny from security researchers. Earlier versions of
Apple has been steadily emphasizing its security capabilities, most notably through the addition of the TouchID fingerprint system in last year's iPhone. And if Apple finally
If Apple is working directly with the card brands, it would likely have even more security tools at its disposal, including tokenization of card data when payments are initiated through mobile devices.
"They have the ability to do multi-factor authentication that ties the device to the consumer, their user name and password to that device, with biometrics capability for simplifying the process as well," Crone said.
A hacker getting through the front door of iCloud to steal photos is far different than "the Fort Knox that Apple has in securing and protecting payment credentials," Crone added. And Apple has already demonstrated its ability to protect payment data through the 800 million iTunes accounts it manages, he added.
"No bank has that many payment credentials stored," Crone said.