Tech creators are shedding new light on a worrying flaw in how iPhones handle contactless payments. A recent deep dive by the popular YouTube channel Veritasium shows how thieves can steal money from a locked Apple iPhone without ever needing your passcode. The exploit targets a specific transit payment feature, but there is a catch. It only works if you use a Visa card.
The hack exploits a gap in the Express Transit feature
The problem centers around the Express Transit mode in Apple Pay. This setting lets commuters tap a phone at a subway gate without unlocking it. Hackers figured out a way to exploit this convenience. By using specialized radio equipment, a thief can trick a locked iPhone into thinking it is near a transit gate.
Once the phone believes it is at a station, the equipment acts as a bridge. It relays the signal to a normal payment terminal somewhere else. Because of a specific security gap in how Visa processes offline transit payments, the locked phone approves a normal credit card transaction. If you use a Mastercard or American Express, you are completely safe because those networks block this trick.
Apple knows about the flaw, but Android phones remain secure
The YouTube video from Veritasium proves the hack is real, but pulling it off is actually very hard. A thief needs expensive gear, a customized setup, and plenty of time close to your pocket. Security experts originally reported this exact vulnerability in 2021. Apple decided not to change its system on iPhones because it believes a real-world attack is highly impractical. Visa shares this view and covers any fraudulent charges under its policy.
If you want to be completely safe, you can just turn off the transit feature in your phone settings. Interestingly, phones running Google software do not have this problem. Security testers tried the same relay attack on several Android models, but the system naturally blocked the transactions.