- Security flaw discovered in iPhones allows hackers to make contactless payments
- Experts published video proving they could take £1,000 from a locked iPhone
- Weakness lies in Apple Pay and Visa systems and would affect commuters
A security flaw in iPhones allows hackers to make contactless payments without knowing the user’s passcode, researchers have found.
The issue affects users who have Visa cards set up to pay while in ‘transit mode’, a popular feature for commuters to make quick payments through gates.
Scientists discovered the flaw can also bypass the contactless limit – meaning any amount can be stolen.
Using simple radio equipment, they were able to interfere with the signals at turnstiles and fool the iPhone into thinking it was paying for travel – when in fact it was paying into a nearby card.
Experts at Birmingham and Surrey universities, who discovered the flaw, published a video proving they were able to take a £1,000 payment from a locked iPhone.
The weakness lies in the Apple Pay and Visa systems working together and does not affect other combinations, such as Mastercard in iPhones, or Visa on Samsung Pay.
Dr Andreea Radu, of the University of Birmingham, said: ‘Our work shows a clear example of a feature, meant to incrementally make life easier, backfiring and negatively impacting security, with potentially serious financial consequences.
‘Our discussions with Apple and Visa revealed that when two industry parties each have partial blame, neither are willing to accept responsibility and implement a fix, leaving users vulnerable indefinitely.’
The flaw occurs when Visa cards are set up in ‘express transit mode’ in an iPhone’s wallet.
Using basic radio equipment, the team identified a unique code broadcast by the turnstiles, which can unlock Apple Pay. The researchers fooled the phone into thinking it was talking to a transit gate, whereas actually, it was talking to a shop card reader.
19:00 EDT 29 Sep 2021, updated 19:04 EDT 29 Sep 2021