1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Apple Pay Visa feature could be hacked to drain your wallet

    From TechnologyDaily@1337:1/100 to All on Thu Sep 30 13:00:02 2021
    Apple Pay Visa feature could be hacked to drain your wallet

    Date:
    Thu, 30 Sep 2021 11:43:54 +0000

    Description:
    Security researchers demonstrate attack that tricks an iPhone into making large payments without explicit user authorization.

    FULL STORY ======================================================================

    Cybersecurity researchers have demonstrated what they claim to be security issues in Visa and Apple payment mechanisms to make fraudulent contactless mobile payments .

    The researchers from University of Birmingham and University of Surrey used a locked iPhone to make a payment via NFC exploiting an Apple Pay feature
    called Express Transit thats designed to work with Visa to help commuters pay quickly at ticket barriers.

    In a video, the researchers successfully tricked an iPhone to make a Visa payment of a 1,000 payment without unlocking the phone or explicitly authorizing the payment. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << Shield yourself with these best identity theft protection services We've put together a list of
    the best endpoint protection software These are the best malware removal software on the market

    According to reports, while Apple said the matter was an issue with Visas payment system, Visa countered the research by saying that its payments were secure and that this type of attack couldnt be replicated outside of the lab in the real-world. Fooling the phone

    The hack involves the use of a small commercially available piece of radio equipment, which is placed near the iPhone to trick it into believing it is dealing with a ticket barrier. At the same time an Android phone running a custom app developed by the researchers is used to relay signals from the iPhone to any contactless payment terminal.

    Since the iPhone thinks it is paying a ticket barrier, it does so while still being locked. On the other end, the custom Android app modifies the iPhones communications with the payment terminal, which thinks the iPhone has been unlocked and the payment has been authorized legitimately.

    Importantly, the researchers share that the Android phone and payment
    terminal used in the hack don't need to be near the victim's iPhone.

    "It can be on another continent from the iPhone as long as there's an
    internet connection," Dr Ioana Boureanu of the University of Surrey told the BBC .

    The researchers reportedly shared their discovery with both Apple and Visa about a year ago, but are still awaiting a fix. Visa meanwhile is of the opinion that the hack is "impractical outside of a lab. Protect your devices with these best antivirus software

    Via BBC



    ======================================================================
    Link to news story: https://www.techradar.com/news/apple-pay-visa-feature-could-be-hacked-to-drain -your-wallet/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)