Security Exploit Could Allow Hackers to Steal Money via Apple Pay Express Transit from Locked iPhones

BY Chandraveer Mathur

Published 30 Sep 2021

Security researchers have discovered a new vulnerability with Visa cards that allows hackers to withdraw money from them when they are set as the default card for Express Transit in Apple Pay (called Express Travel in the UK).

The Express Transit feature on Apple Pay allows contactless transactions for public transport such as the London Underground. Since the transaction values are usually small and the daily transaction limit is capped, Express Transit does not require the user to authenticate transactions using Face ID or Touch ID. This also saves time and enhances convenience when tapping in and out at the train gates.

In a demonstration of the new vulnerability shared by The Telegraph, a hacker could trick this contactless system to perform arbitrary transactions and steal money from a locked iPhone without the user’s knowledge. However, for this to work, the hacker would need to be in physical possession or proximity of the victim’s device.

The researchers demonstrated that by mimicking a signal from a public transport terminal, the victim’s iPhone could be coerced into paying the hacker. However, the security researchers demonstrating this vulnerability were also able to bypass the cap on the maximum value of transactions and were able to process a £1,000 payment, all without requiring the victim’s authentication.

Apple noted that the fault is with Visa’s systems. The company added that any unauthorized payments would be covered by Visa’s zero liability policy.

“Visa cards connected to Apple Pay Express Transit are secure and cardholders should continue to use them with confidence,” a Visa spokesperson said. They added that variations of contactless fraud schemes have been studied in laboratory settings for over a decade and have “proven to be impractical to execute at scale in the real world.” The Visa spokesperson claimed that the vulnerability’s discovery did not mean people were at risk.

Although Apple is passing the blame over to Visa and Visa believes that customers are still secured, the exploit is specific to Visa cards set as the default for Express Transit on Apple Pay. Pairing a MasterCard or American Express card to Express Transit doesn’t put the user at risk.

Related Articles

Retail Apple Store India First Image

Apple Enforces Exclusivity, Bans 22 Rival Brands Near First Retail Store in India

Sriansh

Don’t Hang Up During Accidental Crash Detection Calls, says Apple

Dave Johnson
Universal Control

Users Reporting Issues With Continuity Features on macOS 13.3 and iPadOS 16.4

Sriansh

Apple Says It’s Closer to a Completely Carbon-Neutral Supply Chain

Dave Johnson
must-have-ipad-pro-pencil-apps-featured

IPAD PRO 2

Oct 30, 2016

11 Must Have Apps for Apple Pencil and iPad Pro Users

Khamosh Pathak

iPad Pro is a beast of a machine. Yes, it runs iOS but don’t let that fool you. iOS has many ways to be productive and for doing creative work. Granted, it’s different

Read More

MACOS

Jun 13, 2016

‘Apple File System’ Is the Company’s New File System for watchOS, iOS, tvOS, and macOS

Rajesh Pandey

It has long been rumored that Apple is working on a new file system to replace the archaic HFS+ file system that macOS currently uses. The company was expected to announce a new file system

Read More
Apple volunteer

APPLE NEWS

Mar 16, 2015

‘Apple Global Volunteer Program’ will let employees sign up to help local communities

Evan Selleck

Apple is no stranger to donating large sums of money to a cause, or to even help diversification within the tech industry. But now it's aiming to donate some individual human hours as well,

Read More

Want to know more about apple Products

We launch new articles subscribe and get updated. MAX 1 email a week. No spam, ever.

Cancel