Researchers have filmed a video showing how it is possible to exploit Apple Pay on iPhones to make large payments without unlocking the iPhone.
The video shows the researchers making a £1,000 Visa payment from a locked iPhone.
Apparently this is possible if a user has set up their Visa card for the Express Travel feature in the Wallet app. Express Travel is a feature that can speed up paying for travel at terminals on the London Underground and elsewhere. It enables users to tap in and out without having to unlock the iPhone first.
It seems that if the iPhone believes it is near a ticket barrier it can be fooled into making a payment even if it is locked. The researchers used radio equipment to trick the iPhone into believing it was near a ticket barrier and an app installed on an Android phone to relay the signal from the phone so that a payment could be taken.
While this is a proof of concept and is not being exploited ‘in the wild’, it does demonstrate that payments could quite easily be taken from lost or stolen iPhones without them needing to be unlocked (although of course the Express Travel feature would need to have been set up).
The researchers claim that they alerted Apple to the issue a year ago.
Apple told the BBC: “We take any threat to users’ security very seriously. This is a concern with a Visa system but Visa does not believe this kind of fraud is likely to take place in the real world given the multiple layers of security in place”.
If you do have the Express Travel feature set up on your iPhone it might be wise to turn it off until Apple and Visa address the issue.