• Fri. Feb 23rd ,2024

Researchers discover Visa, Apple Pay contactless payment hack


By   Rini Dalvi

Date: Sep 30, 2021

A recent study has reportedly unveiled a new, potentially severe lapse in Apple Pay security. According to the researchers from Birmingham and Surrey Universities, large unauthorized contactless payments can be made through locked iPhones by exploiting how an Apple Pay feature, that allows commuters to make quick payments at ticket barriers, functions with Visa.

The researchers have reportedly demonstrated this in a video that showed a contactless Visa payment of £1,000 (USD 1343.64) being made without unlocking the iPhone.  

Speaking on the matter, Apple Inc., stated that it is a concern with a Visa system.

While on the other hand, Visa has stated that the payments were secure, and hacks of this sort are impractical outside a lab.

However, the researchers mentioned that the problem applies to Visa cards that are set up in 'Express Transit' mode in the iPhone's wallet.

For the uninitiated, Express Transit is an Apple Pay feature that allows commuters to make faster contactless payments without having to unlock their phone.  

As a part of the demonstration, the scientists reportedly placed a tiny commercially available piece of radio equipment near the iPhone, which dupes it into believing that it is dealing with a ticket barrier. At the same time an Android phone using an app developed by the researchers relays the signals from iPhone to a contactless payment terminal. The terminal can be in a shop or can be the one controlled by the criminals.

The iPhone's communications with the payment terminal are manipulated to make it look like the iPhone has been unlocked and the payment is authorized. This can enable high-value transactions without entering a PIN, Face ID, or fingerprint.

Commenting on the new finding, Visa stated that it took all security issues seriously. However, Visa cards that are connected to Express Transit are safe, and users can continue using the cards confidently.

Apple put out an official statement that said the company takes any security threat to its users' security very seriously. Adding that the demonstrated payment exploit is of concern with the Visa system, which Visa has deemed unlikely to be reproduced in real-world settings considering the multiple levels of security that is currently in place.

Source credit: https://www.bbc.com/news/technology-58719891


Rini Dalvi

Rini is a professional content writer with immense experience, and has written some fantastic technical and entertainment blogs. She completed her graduation in IT engineering, however, her zeal for writing engaging articles made her pick content development as a full-time career. She currently pens down articles for littlesaigoncollective.com Her other interests include reading, dancing, and cooking.

Related Post

Bank of Korea begins second-phase testing of CBDC on Samsung devices

Date: Sep 30, 2021 Rini Dalvi

Amazon’s fashion store to use algorithms that curate customer outfits

Date: Sep 30, 2021 Rini Dalvi

Samsung and Vodafone launch first 5G open RAN site in the UK

Date: Sep 30, 2021 Rini Dalvi