--- title: Mobile wallet fraud: Apple Pay liability shifts and rising fraud tactics source_page: https://www.sardine.ai/media/fraudology/episodes/mobile-wallet-fraud canonical: https://www.sardine.ai/media/fraudology/episodes/mobile-wallet-fraud format: text/markdown date: 2023-11-02T00:00:00Z description: Mobile wallet fraud is rising, exposing Apple Pay liability shifts, contactless abuse, and the payment risks banks and merchants must watch more closely --- **Quick links:** [Human page](https://www.sardine.ai/media/fraudology/episodes/mobile-wallet-fraud) · [Home](https://www.sardine.ai) · [Customers](https://www.sardine.ai/customers) · [Blog](https://www.sardine.ai/blog) · [Demo](https://www.sardine.ai/demo) --- # Mobile wallet fraud: Apple Pay liability shifts and rising fraud tactics **Published:** 2023-11-02T00:00:00Z Mobile wallet fraud is rising, exposing Apple Pay liability shifts, contactless abuse, and the payment risks banks and merchants must watch more closely Today I’m digging into mobile wallet fraud, which is one of those areas that looks incredibly convenient on the surface and can absolutely be that for legitimate customers. But when you look closer, it also creates some very specific fraud risks that merchants, issuers, and fraud teams really need to understand. In this solo episode, I break down the rapid growth of Apple Pay, Google Pay, and Samsung Pay, along with the year-over-year increase in fraud losses connected to digital wallets. And honestly, this is exactly the kind of issue that gets harder to manage when adoption rises faster than understanding. Because when a payment method feels modern and low friction, people sometimes assume it is automatically low risk. That is not how this works. I spend a lot of time in this episode on Apple Pay fraud specifically, including loopholes that can create opportunities for abuse, and the very real complexity around fraud liability shift depending on geography, how the wallet is presented, how it is processed, and what card type is funding it. That is the part that tends to create confusion. And confusion is usually where losses start getting misread. This also gets into a broader issue around fraud detection, contactless payments, and benchmarking. Because if fraud teams do not understand where liability actually lands, how fraud detection technology is being applied, and how mobile payment fraud is being measured, they are going to have a harder time explaining risk clearly to leadership. Here is what that means in practice: Mobile wallet fraud is growing alongside adoption of Apple Pay, Google Pay, and other digital wallet products Fraud liability shift in digital wallets is not always straightforward and can vary by payment flow, geography, and funding source Apple Pay fraud and other contactless payment fraud issues require teams to understand both technical flow and operational responsibility Fraud prevention gets harder when companies assume wallet convenience automatically means lower fraud exposure What you’ll hear in this episode: Why mobile wallet fraud has risen so sharply as contactless payments become more common How Apple Pay fraud works in certain scenarios and where loopholes can create opportunity for abuse What fraud liability shift means for merchants, issuers, and different wallet processing flows Why fraud detection technology has to be applied thoughtfully in digital wallet fraud prevention How benchmarking and anonymous industry surveys can help fraud teams communicate risk more effectively You should listen to this episode if you: Work in payments, fraud, ecommerce, banking, or risk and need a clearer understanding of mobile wallet fraud Want to understand Apple Pay fraud, Google Pay fraud, and Samsung Pay fraud in more practical terms Need to explain fraud liability shift and mobile payment fraud risk internally Care about contactless payment fraud, online payment fraud, and account takeover fraud tied to wallet usage Want better fraud prevention strategies for digital wallet fraud as adoption keeps increasing If you liked this episode, be sure to subscribe and review the podcast on iTunes, Spotify, YouTube, or wherever you listen to podcasts. It really helps with getting the word out. Episode notes & key takeaways Why mobile wallet fraud is rising with adoption Let’s break this down. One of the most important things to understand about mobile wallet fraud is that growth creates opportunity. As more consumers adopt Apple Pay, Google Pay, Samsung Pay, and other contactless payment methods, fraud naturally follows the volume. That part is not surprising. What is more important is understanding where the risk actually enters the flow. Because it usually is not as simple as “the wallet caused the fraud.” The wallet may be the interface the customer sees, but the fraud risk can come from compromised cards, account takeover fraud, weak provisioning controls, confused liability assumptions, or a failure to recognize suspicious behavior before a wallet is funded and used. That is where things get more complicated than the marketing version of contactless payments tends to suggest. And that matters. Because if merchants or banks assume digital wallet fraud is someone else’s problem, they may miss where their own controls are weak. The payment method may be newer. The underlying fraud patterns are often not. Here is what stands out: Mobile wallet fraud tends to rise as consumer adoption and transaction volume rise Digital wallet fraud often connects to existing weaknesses in identity, device trust, or card provisioning Contactless payment fraud is not always about the tap itself, it is often about what happened before it Fraud prevention has to account for the full payment journey, not just the final transaction event Why Apple Pay fraud and liability shifts create so much confusion Here’s what’s actually happening. Apple Pay fraud gets a lot of attention because Apple Pay is widely used, widely trusted, and often treated like a cleaner or safer payment path by default. In many cases, it does improve the experience. But from a fraud standpoint, the part teams need to understand is how risk and responsibility change depending on how the wallet is set up and used. That is where the confusion starts. Fraud liability shift is not one universal rule. It can depend on geography, network rules, whether the transaction is card present or card not present, how the wallet credential was provisioned, and what type of card is funding the wallet. So when companies oversimplify this, they end up making bad assumptions about who is absorbing losses and where better controls are needed. Right. And when the rules are not clearly understood internally, fraud teams may be blamed for outcomes that were never properly mapped in the first place. Or merchants may think they are protected in ways they are not. Or issuers may underestimate where Apple Pay fraud can still enter the system. A few practical takeaways: Apple Pay fraud should be evaluated in the context of provisioning risk, authentication, and transaction type Fraud liability shift can vary significantly depending on how the wallet payment is processed Mobile payment fraud becomes harder to manage when teams do not align on who owns which risks Online payment fraud and contactless payments both require a clear understanding of network and issuer rules Why provisioning and account takeover matter so much This is where the real risk often shows up. A lot of the fraud conversation around digital wallets focuses on the payment event itself. But the more important question is often what happened when the wallet was funded or linked in the first place. If a stolen card gets provisioned into a wallet, or if an attacker uses account takeover fraud to gain control of the right credentials, the fraud problem may already be in motion before the first transaction even happens. That is a problem. Because once a compromised account or card is successfully tied to a wallet, the downstream activity can look more legitimate than it really is, especially if teams are relying too heavily on the wallet brand as a trust signal. That usually does not end well. This is exactly why fraud detection has to start earlier. Teams need to think about identity, device, behavioral inconsistency, and unusual account changes, not just transaction authorization. The transaction may be where the loss appears. It is not always where the problem began. What good teams should be watching: Mobile wallet fraud often starts with compromised credentials or weak wallet provisioning checks Account takeover fraud can create a path into otherwise trusted wallet environments Fraud detection should connect account events, wallet enrollment, and transaction behavior together Card fraud in digital wallets may look lower friction to the customer while still being high risk behind the scenes Why fraud detection has to be applied differently in digital wallets This is one of the more practical parts of the discussion. Fraud teams often have tools that work reasonably well for traditional ecommerce fraud or card fraud, but those same tools do not always translate perfectly to mobile wallet fraud. Not because the tools are useless, but because the signal environment can be different. The wallet changes the data available, the customer behavior, and sometimes even the assumptions teams are using. And that matters. If companies apply fraud detection technology without adapting it to wallet-specific patterns, they may over-trust certain transactions or miss early signals that would have looked suspicious in another payment flow. That is why how fraud detection is used is just as important as whether a company has it at all. I also touch on the importance of measurement here, because benchmarking matters. When fraud teams have good comparative data, especially from anonymous surveys and reliable peer benchmarks, they are in a much stronger position to explain whether rising mobile payment fraud is isolated or part of a larger market shift. A few things worth paying attention to: Fraud detection for digital wallet fraud should reflect wallet-specific behavior and provisioning risk Payment fraud prevention gets stronger when teams compare wallet outcomes against broader industry benchmarks Contactless payments can create a false sense of safety if teams do not validate what the data is actually showing Good internal reporting helps leadership understand whether risk is rising because of fraud, adoption, or both Why mobile wallet fraud needs more attention now Honestly, the biggest takeaway here is pretty straightforward. Mobile wallet fraud is growing because digital wallet adoption is growing, and too many teams still do not have a shared understanding of where the risk starts, how liability shifts, and what controls matter most. That is the part that holds up. Apple Pay fraud, Google Pay fraud, and Samsung Pay fraud are not all identical, and the liability rules are not always simple. But the bigger lesson is the same across all of them. Convenience does not remove fraud risk. It just changes where you need to look for it. So if you work in payments, ecommerce, issuing, acquiring, or fraud prevention, this is the time to get clearer on wallet provisioning, account takeover exposure, fraud detection strategy, and internal ownership of losses. Because once mobile wallet fraud scales faster than your understanding of it, the cleanup gets much harder. That is the part I would pay attention to.