We are reader supported. External links may earn us a commission.


Apple Pay’s Express Transit feature may pose a threat to Visa users

By Samuel Martinez September 30, 2021, 6:45 pm

It seems that Visa users may want to stop using Apple Pay’s Express Transit feature to pay for their tickets. It seems that the service may have a flaw that may affect users with Visa, which would allow other people to perform large unauthorized payments from locked iPhones.

Apple’s Express Transit Express feature started working less than a year ago. This enables Apple Pay users to quickly perform payments without the need for authentication via Face ID, Touch ID, or a passcode. This service is quite useful when you want to pay for something while you’re in a hurry, and it’s especially convenient when paying at ticket barriers. However, researchers from the United Kingdom have demonstrated that this feature would also allow large unauthorized visa payments thanks to a hack.


This demonstration was performed by Computer Science researchers from Birmingham and Surrey Universities, where they exploited a weakness in the Visa contactless system thanks to a small piece of commercially available radio equipment that’s placed close to the iPhone and set as a fake ticket barrier.

This information was then used on an Android device to relay the signal from the iPhone to a contactless payment terminal that is used to authorize the payment.

The researchers managed to perform a Visa payment of £1,000 from a locked iPhone, and they also told the BBC that “the Android phone and payment terminal used don’t need to be near the victim’s iPhone.”

And it seems that Apple doesn’t worry too much about this issue, as the company told the BBC that this was a problem with the Visa system.

“We take any threat to users’ security very seriously,” said Apple. “This is a concern with a Visa system but Visa does not believe this kind of fraud is likely to take place in the real world given the multiple layers of security in place. In the unlikely event that an unauthorized payment does occur, Visa has made it clear that their cardholders are protected by Visa’s zero liability policy.”

“Visa cards connected to Apple Pay Express Transit are secure, and cardholders should continue to use them with confidence,” said a Visa spokesperson. “Variations of contactless fraud schemes have been studied in laboratory settings for more than a decade and have proven to be impractical to execute at scale in the real world.”

The easiest way to perform this attack could be with a stolen iPhone. Still, there’s no evidence that this hack has been used in the real world, but that doesn’t mean it can’t happen. In other words, you may want to have a Mastercard linked to your Apple Pay account. That way, you will avoid becoming a possible victim of this issue.

Source BBC


Latest Articles


Here's how the Apple iPod changed the world in 21 years

iPod was an industry-changing device at its time, and it had a massive impact on modern smartphones, and the way we listen to music. We take a last look at the now-discontinued Apple iPod and the history it leaves behind.

By Roland Udvarlaki May 11, 2022, 10:00 am

How to use Mic Modes in VOIP and FaceTime Calls

This guide will go over the steps you need to follow to activate one of the available Mic Mode settings on Apple Devices to begin using the feature and improve your calling experience.

By Aryan Suren May 10, 2022, 10:00 am

This iPhone 14 feature might urge users to upgrade

Until now, it appeared that iPhone 14 would only be a minor upgrade over the iPhone 13 series. However, a new leak suggests that the iPhone 14 will come with one feature that might urge users to upgrade.

By Sanuj Bhatia May 9, 2022, 5:00 am