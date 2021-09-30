Apple Pay failure with Visa cards allows payments without owner authorization
Researchers have found a flaw that allows Apple Pay payments to be made from a locked iPhone, without the knowledge of the device’s owners.
This This method works even if the iPhone is in a pocket or in a backpack, and it also ignores the Apple Pay transaction limit.
Researchers at the University of Surrey in the United Kingdom, during a study on proximity payments, found that iPhones confirm transactions under certain conditions, such as password entry, Touch ID confirmation (fingerprint) and Face ID (face recognition).
Every day a summary of the main news in the tech world for you! However, in some scenarios, such as payment for public transport in European countries, the payment confirmation process becomes cumbersome for users. That’s why Apple introduced the “Public Express Transport” function, which allows transactions to take place without the need for authentication. Public Express Transport only works for specific services, such as London Underground turnstiles, which have payment devices that emit a specific data string designed to activate this Apple Pay function. According to the researchers, Apple Pay Express Public Transport mode, combined with a Visa card, can be used by criminals to make payments without users’ knowledge.
How it works
Public Express Transport only works for specific services, such as London Underground turnstiles, which have payment devices that emit a specific data string designed to activate this Apple Pay function.
