Here’s the hack:
- A small commercially available piece of radio equipment is placed near the the iPhone, which tricks it into believing it is dealing with a ticket barrier
- At the same time an Android phone running an application developed by the researchers is used to relay signals from the iPhone to a contactless payment terminal – this could be in a shop or one the criminals control
- Because the iPhone thinks it is paying a ticket barrier, it doesn’t need to be unlocked
- Meanwhile the iPhone’s communications with the payment terminal are modified to fool it into thinking the iPhone has been unlocked and a payment authorised – allowing high value transactions to be made without entering a PIN, fingerprint or using Face ID
The response to this:
Apple said the matter was “a concern with a Visa system”.
Visa said payments were secure and attacks of this type were impractical outside of a lab.
Impractical? As we’ve long seen (at least in the US), credit card hacking devices can get very small and surreptitious. And from the description above, the only thing that needs to be in place near the ticket barrier is a radio, which can certainly be small enough to be practically unnoticeable.
That said, this is all theoretical, not something that’s made its way into the wild. Yet. Still time to address this point of weakness, if these researchers are proven correct.