This weekend, reports began to surface that some people who had made purchases on OnePlus' website were seeing unauthorized transactions pop up on their credit cards. OnePlus released a statement on its website saying that it was looking into the issue and today in an update, the company said it's shutting down credit card payments on its site. "This is a serious issue and we are investigating around the clock. As a precaution, we are temporarily disabling credit card payments at oneplus.net," it said. "PayPal is still available, and we are exploring alternative secure payment options with our service providers."
In the coming months, Australians will be able to transfer money between one another using only a mobile number or email address, with the country's New Payments Platform (NPP) allowing for the near real-time transfer of funds between bank accounts, regardless of the financial institutions involved. While the NPP has been touted as great for consumers, Nick Savvides, Symantec CTO for Australia, New Zealand, and Japan, told ZDNet it is an even greater opportunity for attackers as they will have the ability to move money quickly. These transactions are held for a number of hours to allow batch analytics to be run thoroughly and for time to isolate dodgy transactions. Under the NPP, banks will have 30 seconds to clear the settlement and forward the funds. "So now, all of that infrastructure that is built to do batch analytics doesn't exist anymore and they need to work in real-time, which means we now have to trust the authentication method," Savvides explained.
You're sitting at home minding your own business when you get a call from your Credit card's fraud detection unit asking if you've just made a purchase at a department store in your city. It wasn't you who bought expensive electronics using your Credit card -- in fact, it's been in your pocket all afternoon. So how did the bank know to flag this single purchase as most likely fraudulent?