Its not spoken about anywhere much outside the dark web, but APT has significant vulnerability to fraudsters. To the best of my knowledge some of the issues include:
APT uses only the most basic ID verification system (one piece of stolen ID will open an account, these are readily available for cheap purchase on the darkweb).
The APT account name does not need to match the cardholder name
The APT account name does not need to match the ID being verified ( ID= Seventh Seal but Account Name = Eight Elf is OK)
APT splits the transaction cost of larger ticket items into 4 parts (so the credit card attached to the account is only processing 1/4 of the full transaction price...one of the key metrics fraud prevention systems use is the size of the transaction relative to available credit limit and balance so APT effectively reduces the size of the individual transaction processed on the card by 3/4
APT allows users to attach and remove multiple credit/debit cards to an account (so 4 different cards could be used for each part-payment thereby again flying under the radar of most fraud prevention systems)
APT allows immediate payment of the 4 part transaction (so the fraudster using 4 stolen cards can clear the balance immediately and generate a new code for a further $500 transaction on a brand new account...and even then delete cards used and use new set of 4 stolen cards meaning multiple transactions on the same card in short succession will not appear, bypassing fraud detection)
APT assumes all risk for card not present AND card present fraud. Retailers assume all risk and penalties (roughly 7% of transaction value) for card not present (online) fraud when accepting credit/debit card payment and as such spend millions in fraud detection systems and departments. One seldom spoken reason why retailers love APT...massive reduction of fraud burden is transferred to a foolhardy babe in the woods.
In Aus and NZ online and card fraud is booming. However the USA is THE target of fraud globally. Card Not Present Fraud currently sits at $US6.4 BILLION annually and growing exponentially (up 50% in a few years and increasing at a growing rate). Card present fraud has halved in the past 3 years thanks to Chip n PIN technology. However APT is now offering the potential to circumvent this in-store with a phone-generated barcode.
This is not a down-ramp. I am a holder. But these facts have prevented me buying the dip. APT is walking into this bear trap in the USA blindly assuming risk. Online fraudsters are a community. How to guides, forums...none of these things are difficult to find. A quick look on the darkweb markets will quickly reveal a series of hackers selling stolen credit cards and providing how to guides for all payment processors (paypal, square et al) to assist their ongoing sales efforts. Once you step into the USA market in a meaningful way you will get crucified if your house is not in order. Knocking back 50% is to my mind nothing more than recognition of the fact they have no idea what they are doing with fraud prevention IMO.
