"Vulnerability Exposes iPhone Users to Payment Fraud"

New research from the University of Birmingham and the University of Surrey has found that many iPhone users are vulnerable to payment fraud due to vulnerabilities in Apple Pay and Visa. The researchers stated that they could bypass an iPhone’s Apple Pay lock screen to perform contactless payments when a Visa card is set up in ‘Express Transit mode’ in the iPhone’s wallet. Transit mode allows users to make a quick contactless mobile payment without fingerprint or facial recognition authentication.

The team used simple radio equipment to uncover a unique code broadcast by transit gates, or turnstiles, which unlocks Apple Pay. This code, dubbed ‘magic bytes,’ was used to interfere with the signals going between the iPhone and a shop card reader. By broadcasting the magic bytes and changing other fields in the protocol, the researchers could then trick the iPhone into believing it was interacting with a transit gate rather than a shop card reader.

This weakness could therefore potentially be exploited by hackers to make transactions from an iPhone inside someone’s bag without their knowledge. The technique even enabled the experts to bypass the contactless limit, allowing any amount to be taken without the iPhone user’s knowledge. This is because the shop reader believed the iPhone had successfully completed its user authorization. The researchers stated that the vulnerability only applies to Apple Pay and Visa systems working together and does not affect other combinations, such as Mastercard in iPhones.
 

Infosecurity reports: "Vulnerability Exposes iPhone Users to Payment Fraud"

Submitted by Anonymous on