I love paying with my iPhone. I use Apple Pay at grocery stores, vending machines, and really anywhere else that’s compatible. However, if you use Apple Pay, too, be warned—a recently discovered security flaw could allow hackers to steal from right from your mobile wallet, particularly if you use public transit.
Now, the fault doesn’t lie with Apple Pay as a whole, rather, one specific feature of it: Express Transit. This option is great for anyone who commutes via public transit—with Express Transit, you don’t need to authenticate a metro purchase with Face ID or Touch ID. Instead, you simply hold your iPhone up to the terminal, and the transaction is instantly approved. It’s just as convenient to use as a traditional metro card, without needing to carry one around with you.
Even though Express Transit eliminates one of Apple Pay’s security features, it’s still usually a safe bet; metro transactions are not large, and there is a daily cap on the amount of money you can spend using the feature. In theory, even if there were a security risk, a hacker wouldn’t be able to get away with too much money before being caught.
Unfortunately, this new security flaw isn’t typical. As demonstrated by The Telegraph, one can replicate a metro terminal using a combination of software and hardware that will activate the Express Transit feature on iPhones; doing so this way bypasses that security cap. Researchers were able to drain as much as £1,000 (around $1,380) from a test iPhone. That’s one expensive subway ride.
It’s important to note that this flaw requires physical access to your iPhone. You’re not at risk using legitimate transit terminals; the only concern is if someone steals your iPhone, or you leave it unattended. Still, those situations are within the realm of possibility, so this vulnerability is a concern.
Luckily, the flaw doesn’t affect all cards using Express Transit; at this time, the issue is isolated to Visa. According to The Telegraph, researchers claim the flaw exists in both Apple’s system and Visa’s. Apple, however, pointed the finger at the financial company, and assured customers that any unauthorized payments would be reimbursed through Visa’s policy. Visa, for their part, claims that these types of hacks have been studied extensively, and wouldn’t pose a threat in the real world.
If you’d rather not take Visa’s word for it, you can protect yourself by going to Settings > Wallet & Apple Pay > Express Transit Card. Here, choose a card that isn’t Visa; MasterCard (which includes Apple Card) and American Express are not affected by this flaw. If you only have a Visa card to use, tap “None” to disable the feature entirely.
[9to5Mac]
Have you ever been browsing an older website, only to find yourself face-to-face with a 404 error when you click on a link to a long-abandoned site? W
Microsoft’s Word app has a dark mode that you can use right now, but it’s not as dark as you might prefer it if you’re the kind of person who likes wo
WhatsApp’s controversial new privacy policy goes into effect May 15, 2021. The updated agreement gives Facebook permission to collect your WhatsApp da
We’ve covered why you may want to get a third-party password managing app to handle all your passwords; however, if you don’t want to deal with an out
An unusual bug is currently breaking iPhones’ wifi connections. Luckily, it’s easy enough to avoid—and to fix if your phone becomes afflicted—but dang
Perhaps our phones are trying to do us a favor by erring on the side of politeness, but boy, they sure do love to try to keep us from swearing, don’t
If your iPhone or iPad is frozen or not recognizing touchscreen inputs, a forced restart may be necessary to get it working again. The force restart m
Apple is good at what they do; they release something new—like, say, the iPhone 13—and instantly you think I need that. But do you? Look, maybe your c
We are a comprehensive and trusted information platform dedicated to delivering high-quality content across a wide range of topics, including society, technology, business, health, culture, and entertainment.
From breaking news to in-depth reports, we adhere to the principles of accuracy and diverse perspectives, helping readers find clarity and reliability in today’s fast-paced information landscape.
Our goal is to be a dependable source of knowledge for every reader—making information not only accessible but truly trustworthy. Looking ahead, we will continue to enhance our content and services, connecting the world and delivering value.
