Imagine your iPhone is in your pocket, completely locked, yet someone manages to withdraw thousands of dollars from your digital wallet without touching the screen or requiring facial recognition! This might sound like something out of a science fiction movie, but it actually happened in a real, albeit controversial, experiment. Security researchers from the Universities of Surrey and Birmingham carried out a sophisticated attack targeting the iPhone of popular YouTuber Marcus Brownlee (MKBHD), successfully withdrawing a whopping $10,000 from his locked device.
Fast-paced transport trick
The attack, highlighted by the popular Veritasium channel, exploits a vulnerability in Apple Pay's Express Transit Mode. This feature is designed to allow quick payments at subway and bus stations without needing to unlock your iPhone or use Face ID. However, researchers found a way to trick the phone into thinking it's at a transit station gate when it's actually at a fake card reader.
This requires physical access to the device and specialized equipment. An NFC reader connected to a laptop is used to intercept the connection. The NFC reader's ID is then modified to match the IDs of authorized terminals, and the collected payment data is sent to another phone (a compromised phone) which is placed near a legitimate card reader to complete the theft.
Why Visa cards specifically?
What's interesting about this vulnerability is that it only works with a very specific combination: an iPhone and a Visa card. It turns out the problem isn't with Apple's operating system itself, but rather with Visa's security protocols for handling express transfer transactions. The attack doesn't work with Mastercard or American Express cards because these companies use different security methods that can't be fooled in the same way.
Users of Samsung devices and the Samsung Pay service are also safe from this type of attack, which puts the ball in Visa and Apple's court to clarify who is responsible for this security gap that allows bypassing the limits of traditional transactions and withdrawing huge sums of up to thousands of dollars in a single operation.
Should you be worried about your money?
In response to this incident, Apple stated that the issue was related to the Visa system and that such fraud was unlikely to occur in the real world due to the technical complexity and physical access required. Visa, for its part, emphasized that its cardholders are protected by a “zero liability” policy, meaning that any fraudulent transactions of this nature can be easily recovered.
Simply put, you shouldn't worry
Experts believe that carrying out such a large-scale attack on the street would be extremely difficult, but it serves as an important reminder that technology, no matter how secure, can always contain unexpected vulnerabilities. If you're concerned, the simplest advice is to avoid using a Visa card as your primary source for "Fast Transit" on your iPhone, or simply disable the feature if you're not using supported public transportation.
Source:
5 comment