A magazine for news and discussion about a small Silicon Valley fruit company. ### See also
anyone with knowledge of a user’s credit card number and expiry date to track all journeys made within the past seven days.
Honestly, if someone has your CC number and expiry date the last thing I would be worried about is them being able to see my history of subway trips.
Probably, but I’d still argue that one of the things you shouldn’t have to worry about is that data easily revealing your location history. It’s just kind of a goofy feature for the transit system to offer that has a lot of abuse potential that most customers aren’t aware of.
If 9to5Mac were run by reputable journalists, this poorly-researched article with its conspiratorial conjectures would have been taken down already.
The explanation for the Apple Pay aspect is something called the Payment Account Reference (PAR). Mastercard has a brief overview. Everything is working exactly like it is designed and as advertised. Apple Pay is not (and cannot) send your full real card number, but if you give a merchant your real card number, they can look up a reference number shared by every token associated with the card.
If someone has your credit card number, you have worse problems than being tracked through a subway station.
Also the MTA has already disabled the feature that allowed for this.
Bot