A decade ago, a group of Johns Hopkins University grad students tried to hack one of the first commercially popular Near Field Communication payment systems – the kind of technology at the heart of Apple’s new mobile payment system. It took a few thousand dollars in gear and a few months of work. But the system, ExxonMobils Speedpass, was entirely hackable.十年之前，一群约翰霍普金斯大学的研究生就早已在尝试反击在商业领域正处于较为风行的近距离无线通讯技术（NFC）为基础的缴纳系统——这项技术就是苹果近期的移动支付系统的核心所在。这群研究生花费了几千美元制作了一个小装置，并经过几个月的希望，最后使埃克森美孚公司的电子收费系统，被反击得体无完肤。The key was reverse engineering the computer chip that broadcast the payment information for Speedpass. With hacking gear loaded into the back seat of an SUV, the students were able to spoof the Speedpass key fob.这次反击之所以需要顺利的关键之处在于用于了逆向工程（又称逆向技术，是一种产品设计技术重现过程，即对一项目标产品展开逆向分析及研究，从而演译并得出结论该产品的处置流程、的组织结构、功能特性及技术规格等设计要素，以制作出有功能相似，但又不几乎一样的产品。），使得计算机芯片中关于电子收费系统的缴纳信息流入。

通过可以摆放在越野车后座上的这种装置，这群研究生可以不费吹灰之力地戏仿埃克森美孚公司的电子支付密钥卡。“We could then just go out and buy things in your name,” recalled Matthew Green, now a research professor at Johns Hopkins’ who specializes in cryptography. “It was a fun project.”“我们可以过来用你们的名义卖各种东西。”现任约翰霍普金斯大学专门从事密码学的研究教授Matthew Green返回想当初的经历，“那感叹个十分有意思的实验。

”That may sound like a cautionary tale about the security of Apple Pay, which the company announced to fanfare on Tuesday as an efficient, secure new way to pay for a wide range of goods. But in fact, experts are excited about Apple Pay, arguing that it may herald a new era in transaction security and help end the rash of data breaches that have hit major retailers in recent years.对于苹果缴纳技术的安全性而言，这听得一起就像一个警告。在星期二的苹果发布会上，苹果公司声称，全新、高效而又安全性的缴纳手段——Apple缴纳可以出售绝大部分商品。专家们对于这项技术兴奋地赞不绝口，谈论着这项技术是将安全性交易带进了一个新的时代，并可以落幕数据外泄，这“老大难”的问题，让最近几年遭到压制的绝大部分零售商看见了一丝曙光。

Why?那其中的原因是什么呢？For starters, there are crucial differences between a Speedpass key fob and the iPhone that will be at the heart of Apple Pay. A key fob is dumb; it can transmit information but can’t do much else. An iPhone is smart; it can transmit information but also ask its user questions, such as: Do you really want to buy $75 worth of gas? To complete the transaction, the owner of the iPhone will have to confirm payment by placing a finger on the iPhone’s fingerprint reader, which comes standard on the iPhone 5S, as well the new iPhone 6 and iPhone 6 Plus.首先，决定性的差距就在电子收费密钥卡与苹果缴纳的相结合工具-----iPhone之间。密钥卡是会说出的，它除了传送着信息之外，没丝毫其他的用处，但是一台iPhone是十分智能的。它某种程度能传递信息还需要对使用者的不道德展开再行一次证实，比如:你知道想卖价值75美元的汽油吗？ iPhone的主人还要通过将手指放到Home键上已完成指纹证书，才能已完成本次交易。

这项指纹识别技术从5S上就早已开始用于了，在近期的iPhone6和iPhone6 Plus上也某种程度限于。This two-step process, experts say, could mark a major step forward in security of billions of dollars of transactions every day, particularly in the United States where antiquated credit card technology – long replaced in much of the world – is still the norm. This offers criminals mass hacking opportunities, as Target, Neiman Marcus, Home Depot and their customers have learned to their great dismay.专家们指出，这两步走的程序，为牵涉到巨额资金的交易获取了充足的安全性确保，因此，这项技术是交易领域突飞猛进的变革。特别是在对于美国而言，过时的信用卡技术在世界上正在渐渐被代替，这是个漫长的过程，所以，信用卡技术依旧还是目前少见的、规范性的交易手段。这给犯罪分子获取了大量可以用计算机展开黑客攻击的机会，作为已被黑客攻击过的倒霉鬼，尼曼，家得宝等大牌公司还有他们的消费者们都深受其害。

But more secure – even much more secure – is not the same as totally secure. Again, Apple offers a useful example. Security experts say iPhones are, in general, more secure than Android phones from viruses, hacks and government surveillance. But that superior security didn’t stop some sleazy, tenacious criminals from finding a way to steal intimate pictures from dozens of Hollywood celebrities and post them online.但是，更加安全性，甚至是更为更为安全性都无法等同于意味著安全性。苹果最近就再行一次沦为了“反面教材”。虽然安全性学专家声称，从病毒、黑客攻击、政府管制等各个角度来说，苹果系统大体上是比安卓系统安全性更加强劲的。

但极强的安全性系统依旧没有能阻挡一些颓废而又坚强的犯罪分子，他们寻找了某种方法盗取了十多位好莱坞明星的偷窥照并将其放在了网站上。（这就是最近闹得沸沸扬扬的“好莱坞艳照门事件”。）The weak point in Apple’s photo security, several experts have concluded, was not the iPhones used for taking many of the pictures; instead it was Apple’s iCloud service, which is both newer and, less secure than the iPhone itself.对于苹果照片安全性严重不足的弱点，各位专家早已得出结论，问题不在于iPhone本身摄制照片的原因，而是因为苹果云服务，它比苹果机子年长许多，因而更加比机子本身缺乏了一些安全性。

So what is the weak point in Apple Pay? Again, the iPhone itself has a strong set of security systems. The same may not be true of your thumb. People leave fingerprints everywhere, especially on the glass surfaces of their smartphones. Could somebody steal your thumb print and verify a purchase on Apple Pay without the actual iPhone’s owner knowing?那么，Apple缴纳的软肋又在哪里？苹果机子本身享有一套行之有效的安全性系统装置。但你的指纹是可以不实的。人们总会不经意间在四处留给自己的指纹，特别是在在他们智能手机的玻璃表面。有人需要偷走你的指纹，并在你从不知情的情况下，用于你的手机检验并出售商品吗？（我们不得而知。

本文来源：kaiyun官网-www.njsxkybj.com