Latest news with #Dh39
The National
29-04-2025
- Business
- The National
'Cyber criminals took Dh39,000 from my account as I planned my wedding'
At a time when UAE resident Ambia Hoque should have been excited for her wedding, she recalls being distressed when fraudsters transferred her credit card to their digital wallet. The experience left her emotionally and financially shattered. The 30-year-old marketing manager says her RAKBank credit card was fraudulently registered on Apple Pay to an unknown device without her authorisation. 'In the span of one hour, nearly Dh39,000 ($10,610) was drained from my account across multiple local and international transactions, which is completely out of character for my spending habits,' she recalls. 'Distracted by wedding preparations, I did not notice the transactions immediately, but the moment I did, I reported the fraud to the bank and filed a police case.' However, she claims the bank has refused to help, insisting that Apple Pay transactions are 'secure' and that she must bear the loss. Ms Hoque says she never shared her one-time password with anyone, yet her card was added to an unknown device. Transactions involving large sums were approved without any security checks. No fraud alerts were triggered, no verification was done, and Ms Hoque says she was left to discover the theft on her own. The bank has also charged her cash advance fees on the fraudulent transactions, she claims. As digital wallets gain popularity for their speed and ease, they become more attractive targets for cyber criminals. US consumer losses involving digital wallet fraud exceeded $347 million in 2024, according to Federal Trade Commission data. A digital wallet is an electronic payment storage system that houses your credit card, debit card and other financial information so you can conveniently pay for purchases by tapping your phone or other connected device at a merchant's contactless checkout terminal. It's usually facilitated by payment applications like Google Pay, Apple Pay or Samsung Pay. Ms Hoque says although the Central Bank of the UAE acknowledged her experience was fraud, since it happened through Apple Pay, both RAKBank and the regulator told her to bear the financial loss. 'Instead of focusing on my wedding and my new life with my husband, I was dealing with endless calls and emails, desperately trying to get back what was stolen from me,' she says. 'How is it fair that scammers can exploit us so easily while we're left to deal with the consequences? I just got married three months ago and don't have the funds to cover transactions I never authorised. How many more people need to fall victim before real change happens?' When she contacted Apple, Ms Hoque was told that Apple Pay is not a payment service and is not involved in authorising, executing or processing transactions. She was asked to raise any dispute related to the authorisation of a transaction or alleged fraud with the financial institution that issued the card, according to Apple's response seen by The National. While RAKBank refused to comment on individual customer cases, a representative says when account credentials are compromised outside of the bank's secure systems, the lender's ability to assist the customer is 'limited' and the appropriate remedy for customers in these instances is to reach out to law enforcement agencies and report the fraud. 'This is why we continuously urge customers to remain vigilant against fraud attempts and to safeguard their personal and banking information. We remain committed to support affected customers to the extent possible and to raising awareness on fraud prevention,' said the representative. Steve Cronin, a financial independence coach and founder of says banks and the UAE Central Bank need to step up to address this challenge, as many people's cards are being added to someone else's Apple Pay and then not getting reimbursed. He advises customers to limit the number of cards they have, use the bank's website or app to reduce their card limit, block international transactions and reduce the maximum transaction limit. He suggests even temporarily blocking cards that aren't used often. Avoid using debit cards online or in shops. Ensure SMS notifications are switched on for all cards. If you see anything suspicious, block the card immediately through the app and then call the bank. Some people have been reimbursed by complaining to Apple or even the merchant, Mr Cronin says. Carol Glynn, founder of Conscious Finance Coaching, says the burden of proof often falls on the consumer and stresses the need for stronger protections, clearer accountability between financial institutions and tech companies, and better education on digital security. Until then, awareness and vigilance are the best defence, she warns. Users should enable biometric and two-factor authentication, use strong and unique passwords, and avoid storing card details in unsecured apps to secure digital wallets, says Maher Yamout, lead security researcher for the Middle East, Turkey and Africa at cyber security company Kaspersky. 'Always download wallet apps from official stores and ensure your device is equipped with online payment protection. Users should also activate real-time banking transaction alerts to catch any suspicious activity, and lock both devices and financial apps with unique passcodes to secure sensitive data in case of theft or loss,' he suggests. 'Lastly, it's essential to have an endpoint security software or modern antivirus to protect against specific malware types that steal digital wallet details.' It's important to use only trusted providers like Apple Pay, Google Pay, Samsung Pay, or PayPal, and take the time to understand the security features each one offers, Mr Yamout recommends. Hackers exploit phishing, fake apps and malware-like banking trojans to steal login credentials or intercept one-time passwords, he warns. Ms Glynn suggests freezing the card immediately, cancelling it and reporting the fraud to the bank. Work with them on their refund request process. 'If you are not happy with their treatment of your case, you can log a complaint with the Central Bank of the UAE through their official channels. You need to give the bank 30 days after lodging a formal complaint with the bank to respond before you can approach the Central Bank. You can also file a police report, especially if large amounts are involved. This creates an official record that may support further action with your bank,' she says. 'Request a full investigation and ask your bank for documentation showing how and when your card was added to the wallet, including IP addresses and device IDs. If your bank refuses responsibility, you can also raise the issue with the consumer protection department at the Central Bank.' She explains that while the Central Bank has stated that Apple Pay transactions are considered secure, persistent complaints and a clear pattern of similar incidents could prompt further scrutiny or even policy changes in the future. While Apple Pay doesn't process payments themselves (the bank or card issuer does), Apple has a duty to investigate if a card was fraudulently added to their platform. Victims can contact Apple Support and request an investigation into when and how the card was added, the device ID and location linked to the unauthorised registration, and whether biometric or password protections were bypassed or exploited, Ms Glynn suggests. 'In some cases, Apple may provide supporting documentation that can be used to escalate the issue with the bank or regulator. However, Apple typically redirects liability to the issuing bank, because the bank is the one authorising the transaction once the payment leaves the Apple Pay environment,' she says. 'That's why it's so important for both companies to be held accountable and for consumers to push back when responses are dismissive.'
The National
29-04-2025
- Business
- The National
OTPs and outrage: How cyber criminals are exploiting digital wallets
At a time when UAE resident Ambia Hoque should have been excited for her wedding, she recalls being distressed when fraudsters transferred her credit card to their digital wallet. The experience left her emotionally and financially shattered. The 30-year-old marketing manager says her RAKBank credit card was fraudulently registered on Apple Pay to an unknown device without her authorisation. 'In the span of one hour, nearly Dh39,000 ($10,610) was drained from my account across multiple local and international transactions, which is completely out of character for my spending habits,' she recalls. 'Distracted by wedding preparations, I did not notice the transactions immediately, but the moment I did, I reported the fraud to the bank and filed a police case.' However, she claims the bank has refused to help, insisting that Apple Pay transactions are 'secure' and that she must bear the loss. Ms Hoque says she never shared her one-time password with anyone, yet her card was added to an unknown device. Transactions involving large sums were approved without any security checks. No fraud alerts were triggered, no verification was done, and Ms Hoque says she was left to discover the theft on her own. The bank has also charged her cash advance fees on the fraudulent transactions, she claims. As digital wallets gain popularity for their speed and ease, they become more attractive targets for cyber criminals. US consumer losses involving digital wallet fraud exceeded $347 million in 2024, according to Federal Trade Commission data. A digital wallet is an electronic payment storage system that houses your credit card, debit card and other financial information so you can conveniently pay for purchases by tapping your phone or other connected device at a merchant's contactless checkout terminal. It's usually facilitated by payment applications like Google Pay, Apple Pay or Samsung Pay. Ms Hoque says although the Central Bank of the UAE acknowledged her experience was fraud, since it happened through Apple Pay, both RAKBank and the regulator told her to bear the financial loss. 'Instead of focusing on my wedding and my new life with my husband, I was dealing with endless calls and emails, desperately trying to get back what was stolen from me,' she says. 'How is it fair that scammers can exploit us so easily while we're left to deal with the consequences? I just got married three months ago and don't have the funds to cover transactions I never authorised. How many more people need to fall victim before real change happens?' When she contacted Apple, Ms Hoque was told that Apple Pay is not a payment service and is not involved in authorising, executing or processing transactions. She was asked to raise any dispute related to the authorisation of a transaction or alleged fraud with the financial institution that issued the card, according to Apple's response seen by The National. While RAKBank refused to comment on individual customer cases, a representative says when account credentials are compromised outside of the bank's secure systems, the lender's ability to assist the customer is 'limited' and the appropriate remedy for customers in these instances is to reach out to law enforcement agencies and report the fraud. 'This is why we continuously urge customers to remain vigilant against fraud attempts and to safeguard their personal and banking information. We remain committed to support affected customers to the extent possible and to raising awareness on fraud prevention,' said the representative. Steve Cronin, a financial independence coach and founder of says banks and the UAE Central Bank need to step up to address this challenge, as many people's cards are being added to someone else's Apple Pay and then not getting reimbursed. He advises customers to limit the number of cards they have, use the bank's website or app to reduce their card limit, block international transactions and reduce the maximum transaction limit. He suggests even temporarily blocking cards that aren't used often. Avoid using debit cards online or in shops. Ensure SMS notifications are switched on for all cards. If you see anything suspicious, block the card immediately through the app and then call the bank. Some people have been reimbursed by complaining to Apple or even the merchant, Mr Cronin says. Carol Glynn, founder of Conscious Finance Coaching, says the burden of proof often falls on the consumer and stresses the need for stronger protections, clearer accountability between financial institutions and tech companies, and better education on digital security. Until then, awareness and vigilance are the best defence, she warns. Users should enable biometric and two-factor authentication, use strong and unique passwords, and avoid storing card details in unsecured apps to secure digital wallets, says Maher Yamout, lead security researcher for the Middle East, Turkey and Africa at cyber security company Kaspersky. 'Always download wallet apps from official stores and ensure your device is equipped with online payment protection. Users should also activate real-time banking transaction alerts to catch any suspicious activity, and lock both devices and financial apps with unique passcodes to secure sensitive data in case of theft or loss,' he suggests. 'Lastly, it's essential to have an endpoint security software or modern antivirus to protect against specific malware types that steal digital wallet details.' It's important to use only trusted providers like Apple Pay, Google Pay, Samsung Pay, or PayPal, and take the time to understand the security features each one offers, Mr Yamout recommends. Hackers exploit phishing, fake apps and malware-like banking trojans to steal login credentials or intercept one-time passwords, he warns. Ms Glynn suggests freezing the card immediately, cancelling it and reporting the fraud to the bank. Work with them on their refund request process. 'If you are not happy with their treatment of your case, you can log a complaint with the Central Bank of the UAE through their official channels. You need to give the bank 30 days after lodging a formal complaint with the bank to respond before you can approach the Central Bank. You can also file a police report, especially if large amounts are involved. This creates an official record that may support further action with your bank,' she says. 'Request a full investigation and ask your bank for documentation showing how and when your card was added to the wallet, including IP addresses and device IDs. If your bank refuses responsibility, you can also raise the issue with the consumer protection department at the Central Bank.' She explains that while the Central Bank has stated that Apple Pay transactions are considered secure, persistent complaints and a clear pattern of similar incidents could prompt further scrutiny or even policy changes in the future. While Apple Pay doesn't process payments themselves (the bank or card issuer does), Apple has a duty to investigate if a card was fraudulently added to their platform. Victims can contact Apple Support and request an investigation into when and how the card was added, the device ID and location linked to the unauthorised registration, and whether biometric or password protections were bypassed or exploited, Ms Glynn suggests. 'In some cases, Apple may provide supporting documentation that can be used to escalate the issue with the bank or regulator. However, Apple typically redirects liability to the issuing bank, because the bank is the one authorising the transaction once the payment leaves the Apple Pay environment,' she says. 'That's why it's so important for both companies to be held accountable and for consumers to push back when responses are dismissive.'
The National
08-03-2025
- The National
Dubai chefs are getting creative with matcha, but is it a recipe for success?
Originating in China in the 14th century before finding its way to Japan in the 16th century – where the bulk of it is still produced today – matcha has become a coffee shop staple around the world over the last 10 years. But more recently, especially in Dubai's creative cafes and restaurants, the caffeine-dense ingredient has been integrated into a multitude of different sweet and savoury dishes. Its earthy flavour often prompts a love or hate reaction. It is often sweetened in latte, so that those looking for its antioxidant properties can still reap its health benefits. The vibrant green colour of matcha is also part of the appeal, especially for experimental chefs. Here, The National taste tests some of the unique flavour combinations featured around Dubai. This Emirati-owned restaurant is known for its creative combinations of Nashville-style chicken burgers across five emirates. The menu has been boldened by a new addition – the matcha bundle. The bundle consists of a matcha beef Wagyu burger (Dh39) and matcha chicken fries ( a side of crinkle cut fries with fried chicken drizzled with matcha garlic sauce. The subtly sweet matcha paired with salty beef is a nice combination. The sauce has the earthy matcha flavour with an underlying taste of garlic, which formed an flavourful pairing with the melted cheese and tangy pickles. The sauce with the chicken and fries was unusual, the taste of matcha somehow felt more prominent, overruling any hint of garlic in the sauce, which can be an acquired taste. Verdict: It's an interesting take on the trend, but perhaps matcha pairs best with either a sweet taste profile to balance its earthiness or a distinctly salty one to bring out its sweetness. Various locations across the UAE Inspired by the city of Isfahan in Iran, executive chef Omar Basiony has created a complex flavour profile with this Isfahan rose cake and culinary-grade Japanese matcha (Dh70), combining Mediterranean and East Asian flavours. The dessert consists of a rose spongy milk cake with a cold scoop of lychee sorbet, topped with a foam-like matcha mousse and a crunchy meringue. 'What's difficult is that it's very defined and its flavour stands out in most dishes,' Chef Basiony told The National. 'It's exciting to experiment with matcha beyond its traditional uses.' The cold sensation is the first thing that jumps out. The creamy rose milk cake pairs well with the sharp yet sweet lychee sorbet, the floral and fruity flavours harmonising well with the earthy matcha. Verdict: This dessert is akin to having a cold, refreshing drink on a hot summer's day. The milky cake, cold sorbet and soft mousse melt together with every bite. This creative combination is a joyful adventure from beginning to end. J1 Beach, Dubai Nala cafe's culinary director and chef, Jill Okkers, chose to have a mild mix of both savoury and sweet matcha in her Pistachio Bostock (Dh45). It is soft French brioche bread layered with raspberry jam and pistachio, coated in batter and baked like a cookie. Once baked, the pastry is topped with a vanilla matcha mascarpone and more raspberry jam. 'It's like having a cookie for your breakfast,' said general manager and chef Sangiwe Khumalo. 'The matcha mascarpone goes well with pistachio and it's not too powerful. It doesn't overpower the pistachio, so all the flavours just come together.' Nala also has a pistachio matcha latte (Dh32). It's a creamy and sweet treat and great with the Bostock. Verdict: The two flavours most apparent in the Pistachio Bostock were the tart raspberry jam and the creamy matcha mascarpone, a bittersweet interplay of ingredients. This treat is for those who prefer their breakfast on the sweeter end. Al Quoz, Dubai For a twist on the traditional matcha latte, Bkry's iced coconut mango matcha (Dh42) and iced matcha with blueberry lavender cloud foam (Dh39) are ideal summer coolers. The tropical coconut and mango flavours bring out matcha's sweetness, which was a nice take on the ingredient. Blueberry and lavender weren't quite as overpowering, but a nice flavour combination nonetheless. Verdict: Both drinks were a welcome addition to the well-established matcha latte, elevating its taste without erasing its essence. However, the coconut mango matcha was the game-changer to be added to the regular orders. Al Quoz, Dubai Sweetness is often needed to offset matcha's naturally bitter taste and the Japanese pancakes (Dh50) at this Dubai cafe manage to do this without being too sweet. A milky matcha sauce flows over the stack of thick, fluffy pancakes with a texture that's akin to jelly, finished with a dusting of matcha powder. The dish is so picture-perfect, it's almost painful to cut through. Verdict: Lightly sweet and filling, it's the perfect combination of sweet and savoury. It's filling, so perhaps best served for breakfast rather than dessert. Although, there is a 40-minute wait time for this dish, it is worth the wait. Al Quoz, Dubai
