Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

subjonas

macrumors 603
Original poster
Feb 10, 2014
6,270
6,756
The fraudulent purchases were declined thankfully (they were both around only $10). But according to my bank, they weren’t declined because they were thought to be fraud; they were declined because of an error in the way the card was trying to be used. The bank person suggested maybe someone was trying to set my card up with their Apple Pay. He didn’t sound sure. I don’t understand what the criminal was trying to do, and why it sent notifications to my Wallet app (though I’m glad it did so that I could take care of the issue quickly). I’m getting my card replaced, but this is very confusing and concerning. The bigger question here is obviously, is Apple Pay somehow susceptible?
Has anyone had the same experience or know what’s going on here?
 

PinballMagician

macrumors member
Jun 8, 2016
31
11
Doubtful. You have the option of turning on notifications for the cards in your Wallet. It may be the default. If you do, you get ALL purchases not just those using Apple Pay. At least, that’s how mine seems to work. YMMV.

I suspect someone as trying to use the number and didn’t have all the information so the charge was denied.
 
  • Like
Reactions: Newtons Apple

subjonas

macrumors 603
Original poster
Feb 10, 2014
6,270
6,756
Doubtful. You have the option of turning on notifications for the cards in your Wallet. It may be the default. If you do, you get ALL purchases not just those using Apple Pay. At least, that’s how mine seems to work. YMMV.

I suspect someone as trying to use the number and didn’t have all the information so the charge was denied.
I don’t see the option to turn on notifications for all purchases anywhere. In any case, I’ve never received Wallet notifications for non-ApplePay purchases on my phone before. I’ve been using Apple Pay for years, same phone, same card, and that was the only time.

What’s more, I don’t recall ever getting a declined applepay notification before, even when an applepay transaction was declined. But maybe it was a different type of decline. I don’t know, this is all still very confusing.
 
  • Like
Reactions: DeanL

danmart

macrumors 68000
Apr 24, 2015
1,581
1,075
Lancs, UK
Do you use Kickstarter or anything similar? They use a delayed charging mechanism and I have had failed transactions where they originally took the ApplePay details when I backed a project, but when the Kickstarter comes to an end they try to bill the card details again and can’t.
 

subjonas

macrumors 603
Original poster
Feb 10, 2014
6,270
6,756
Do you use Kickstarter or anything similar? They use a delayed charging mechanism and I have had failed transactions where they originally took the ApplePay details when I backed a project, but when the Kickstarter comes to an end they try to bill the card details again and can’t.
Mmm no, it was definitely fraudulent, confirmed by my bank. There were two transactions, one immediately after the other, both in different US states from where I live. One was a fedex store, and I haven’t been to one of those for probably a year. The other was a store I had never heard of.

Is it an American Express? If it is, it’s on by default even when you use the physical card or the numbers on the card.
No, it’s a visa. Where is this option though? If someone could show me a screenshot, that would be really helpful. But also, how would your wallet app know if you use your card by itself without Apple Pay?
 

ASUgrad1999

macrumors regular
Mar 13, 2012
180
152
Gilbert, AZ
No, it’s a visa. Where is this option though? If someone could show me a screenshot, that would be really helpful. But also, how would your wallet app know if you use your card by itself without Apple Pay?

I haven’t found the option to turn on/off non Apple Pay purchases. I get them on my AMEX but not on any others (Discover, MC, VISA). One of the reasons I use my AMEX as much as possible.
 

Newtons Apple

Suspended
Mar 12, 2014
22,757
15,254
Jacksonville, Florida
These things happen. I looked in my spam folder today to empty it and one of the email headers read: "Here is your password" and then listed a password I used many years ago. Lots of our data has been stolen and sits on the dark web until one choose to act on it.
 

subjonas

macrumors 603
Original poster
Feb 10, 2014
6,270
6,756
I haven’t found the option to turn on/off non Apple Pay purchases. I get them on my AMEX but not on any others (Discover, MC, VISA). One of the reasons I use my AMEX as much as possible.
Interesting, so amex sends each transaction to Apple? That’s a bit strange. I’d think it would only be the other way around. In any case, we can rule that’s not what happened here.

These things happen. I looked in my spam folder today to empty it and one of the email headers read: "Here is your password" and then listed a password I used many years ago. Lots of our data has been stolen and sits on the dark web until one choose to act on it.
Sure, credit card information gets out. How/why the transactions showed up as Apple Pay/Wallet app notifications is what is perplexing here.
 

NoBoMac

Moderator
Staff member
Jul 1, 2014
6,302
5,022
Just a guess here, as it's been a while since I've added a card to Wallet (and do not want to remove one just for testing purposes), but, depending on issuing bank, might not need much information off credit card to enter manually into Apple Pay on their device.

At that point, issuer might be doing standard security checks like what happened. Eg. real owner buys stuff generally in one city/state, and all of a sudden a charge going in across the country, especially if large? Especially easy to spot if card was used earlier in the day in home area.

Or, card was flagged if a bad guy was trying to guess, for example, the CVV code when trying to register. And when a possibly cloned card was attempted to be used, all sorts of flags go off (ie. a whole crew of thieves are using the CC skimmed off a standard swipe reader, for example).

Big issue: your Apple ID might be compromised. Go into appleid.apple.com and verify no strange devices are listed. And to be safe, change your password. This might be why you are seeing Apple Pay notifications.

ADD: in general, Apple Pay is secure. System is similar to the chip in credit cards. CC issuer generates a fake CC number that gets stored on the device in the Secure Enclave (no app/software access to that). Any CC transaction with Apple Pay sends the fake number with a random counter value, and if jives with what CC issuer has on file, they send back a one-time use CC number for the merchant to use. So if merchant's systems get hacked, the CC number they have for the charge for you cannot be used due to single use number (and that's maybe why the CC issuer flagged it: thieves hacked some merchant's system and tried to use the one-time use number and issuer knows it's a single-use number).
 
Last edited:

slippery-pete

macrumors 68020
Jun 23, 2007
2,284
1,263
I don’t see the option to turn on notifications for all purchases anywhere. In any case, I’ve never received Wallet notifications for non-ApplePay purchases on my phone before. I’ve been using Apple Pay for years, same phone, same card, and that was the only time.

What’s more, I don’t recall ever getting a declined applepay notification before, even when an applepay transaction was declined. But maybe it was a different type of decline. I don’t know, this is all still very confusing.
For Amex it is simple. Go to wallet/click on the card/then click ... in upper right hand corner/about half way down you'll see an area called "Transactions". make sure "show history" and "allow notifications" are turned on.

Absolutely love the feature. I funnel everything through my Amex and had 1 occasion where somebody used my card frequently. I called Amex right after I got notification, boom no charge went through and had new card the next day.
 

subjonas

macrumors 603
Original poster
Feb 10, 2014
6,270
6,756
Just a guess here, as it's been a while since I've added a card to Wallet (and do not want to remove one just for testing purposes), but, depending on issuing bank, might not need much information off credit card to enter manually into Apple Pay on their device.

At that point, issuer might be doing standard security checks like what happened. Eg. real owner buys stuff generally in one city/state, and all of a sudden a charge going in across the country, especially if large? Especially easy to spot if card was used earlier in the day in home area.

Or, card was flagged if a bad guy was trying to guess, for example, the CVV code when trying to register. And when a possibly cloned card was attempted to be used, all sorts of flags go off (ie. a whole crew of thieves are using the CC skimmed off a standard swipe reader, for example).

Big issue: your Apple ID might be compromised. Go into appleid.apple.com and verify no strange devices are listed. And to be safe, change your password. This might be why you are seeing Apple Pay notifications.

ADD: in general, Apple Pay is secure. System is similar to the chip in credit cards. CC issuer generates a fake CC number that gets stored on the device in the Secure Enclave (no app/software access to that). Any CC transaction with Apple Pay sends the fake number with a random counter value, and if jives with what CC issuer has on file, they send back a one-time use CC number for the merchant to use. So if merchant's systems get hacked, the CC number they have for the charge for you cannot be used due to single use number (and that's maybe why the CC issuer flagged it: thieves hacked some merchant's system and tried to use the one-time use number and issuer knows it's a single-use number).
Thanks for the input (and I did change my pw, thanks). I guess those are all possibilities, but I’m still pretty clueless to be honest. I should have also noted (especially for those thinking they weren’t fraudulent transactions), along with those first two small transactions, there were a slew of other small transactions that were attempted even while I was on the phone with my bank trying to figure out the issue. I only know this because the bank rep told me as it was happening. Those attempts didn’t show up as wallet notifications probably because by then my card was already cancelled.

For Amex it is simple. Go to wallet/click on the card/then click ... in upper right hand corner/about half way down you'll see an area called "Transactions". make sure "show history" and "allow notifications" are turned on.

Absolutely love the feature. I funnel everything through my Amex and had 1 occasion where somebody used my card frequently. I called Amex right after I got notification, boom no charge went through and had new card the next day.
That’s great, Amex seems to be a great card. But as far as the settings, those were already checked for me for my (non-Amex) cards, so I don’t think they have anything to do with getting regular card (non-Apple Pay) transaction notifications. I guess it’s just a feature Amex has set up automatically for their Apple wallet users.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.