New security research reveals that a combination of flaws in both Apple Pay's Express Transit feature and Visa's card system leaves users vulnerable.
Computer scientists from the University of Birmingham and the University of Surrey have published a paper on GitLab describing the new cocktail of flaws. Their research suggests that it is possible for someone to generate fraudulent payments even if the iPhone is locked. The risk comes from the mix of Apple Pay's Express Transit (also known as Express Travel) and Visa's credit card system, meaning other credit card brands and payment methods are unaffected.
The vulnerability specifically occurs when you have a Visa credit card set up for Express Transit, which allows you to make contactless payments for mass transit purposes. The report says issues could arise if an attacker uses a contactless EMV reader like Clover or Square.
With the right preparation, attackers can “…bypass the Apple Pay lock screen and illegally pay from a locked iPhone.” Whether the phone is stolen or safely stashed in a backpack, they can make fraudulent charges if they can get close enough.