Urgent iPhone warning as LOCKED handset can make ‘£1,000 Apple Pay payments’ – fix it NOW

AN iPhone bug means hackers could force your locked device to make large unauthorised contactless payments.

This is according to researchers at Birmingham and Surrey universities who discovered the critical issue during an Apple Pay hack experiment.

1

The experts created a video demonstrating how they could force a locked iPhone to make a contactless Visa payment of £1,000 to their account.

They did this by exploiting an issue that lets commuters pass ticket barriers quickly.

The issue is said to affect Visa cards set up in ‘Express Transit’ mode in your iPhone’s wallet.

Express Transit mode allows quick contactless payments without unlocking your iPhone.

This is great for passing ticket barriers quickly.

However, researchers have demonstrated how they can use radio equipment to trick an iPhone into thinking it’s passing a ticket barrier.

They also used an Android device to relay signals from the iPhone to a contactless payment terminal that they controlled.

The iPhone is forced into thinking it has been unlocked and is forced to make a contactless payment.

A PIN, Face ID or a fingerprint scan is not required for the hack to work.

The researchers said that the hacking system doesn’t even need to be near your iPhone.

It could be on another continent and still be able to take the money.

There’s no evidence that criminals are exploiting this attack and the researchers have only ever conducted it in a lab and using their own money.

According to The BBC, Apple said the issue was “a concern with a Visa system”.

However, Visa said that this kind of attack was impractical outside a lab setting and that its payments were secure.

If you’re concerned about a hack like this you can always turn off Express Transit mode on your iPhone.

Dr Andreea Radu, from the School of Computer Science at the University of Birmingham, led the research.

She said: “Our work shows a clear example of a feature, meant to incrementally make life easier, backfiring and negatively impacting security, with potentially serious financial consequences for users.

“Our discussions with Apple and Visa revealed that when two industry parties each have partial blame, neither are willing to accept responsibility and implement a fix, leaving users vulnerable indefinitely.”

Co-author Dr Tom Chothia, also in the School of Computer Science at the University of Birmingham, added: “iPhone owners should check if they have a Visa card set up for transit payments, and if so they should disable it.

“There is no need for Apple Pay users to be in danger but until Apple or Visa fix this they are.”

In other news, check out our iPhone 13 review and iPhone 13 Pro review.

Take a look at the new Lamborghini Huracan Evo that can clean your house and cook you dinner.

Find out about the wildly impressive Panasonic 65HZ1000 TV, which makes most tellies look rubbish.

Read our complete guide to Call of Duty Vanguard.

And Dell’s Alienware R10 Ryzen Edition is a gaming PC powerhouse that crushes both the new consoles.

We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]