Revealed: How to steal money from victims' contactless Apple Pay wallets
Boffins devise tricks to dupe stolen or nearby iPhones into paying out when in transit mode and using Visa
Updated Apple's digital wallet Apple Pay will pay whatever amount is demanded of it, without authorization, if configured for transit mode with a Visa card, and exposed to a hostile contactless reader.
Boffins at the University of Birmingham and the University of Surrey in England have managed to find a way to remove the contactless payment limit on iPhones with Apple Pay and Visa cards if "Express Transit" mode has been enabled.
Express Transit mode enables Apple Pay transactions without unlocking an iPhone or requiring authentication. It's intended as a convenience feature to facilitate charges when passing through public transit ticketing gates that support contactless readers like Europay, Mastercard, and Visa (EMV).
Our work shows a clear example of a feature ... backfiring and negatively impacting security
"Our work shows a clear example of a feature, meant to incrementally make life easier, backfiring and negatively impacting security, with potentially serious financial consequences for users," said Dr Andreea-Ina Radu, in the School of Computer Science at the University of Birmingham, in a statement on Thursday.
The researchers involved – Andreea-Ina Radu and Tom Chothia at Birmingham and Ioana Boureanu, Christopher J.P. Newton, and Liqun Chen at Surrey – say they disclosed the flaw to Apple in October 2020 and to Visa in May 2021. However, they claim the two companies have been unable to cooperate on a fix due to finger-pointing.
“Our discussions with Apple and Visa revealed that when two industry parties each have partial blame, neither are willing to accept responsibility and implement a fix, leaving users vulnerable indefinitely," said Radu.
The research, to be presented at the 43rd IEEE Symposium on Security and Privacy in May, 2022, relies on an MITM replay and relay attack on iPhones with a Visa card designated as the "transport card." In other words, the signaling between the iPhone and the transit payment system is spoofed by a rogue terminal to open Apple's digital wallet.
"If a non-standard sequence of bytes (Magic Bytes) precedes the standard ISO 14443-A WakeUp command, Apple Pay will consider this a transaction with a transport EMV reader," the researchers explain in a write-up of their attack.
The Magic Bytes represent a code sequence broadcast by transit gates or turnstiles to unlock Apple Pay. What the researchers found after identifying this code with radio gear was that they could broadcast it with altered data fields to dupe appropriately configured iPhones. By altering specific fields in the wireless protocol, they can convince vulnerable iPhones to treat a transaction entered into a store-oriented contactless card reader as if it came from a transit gate, where no confirmation is expected.
- Apple Pay a haven for 'rampant' credit card fraud, say experts
- Apple says banks can't touch iPhone NFC without harming security
- Farewell, Android Pay. We hardly tapped you
Related data fiddling – setting a bit flag for the Consumer Device Cardholder Verification Method – tells the EMV reader participating in this interaction that on-device user authentication has authorized the amount, which allows transactions over the contactless payment limit without the victim's knowledge.
The primary requirement for this attack scenario is a stolen, active iPhone configured as described with a Visa card. The researchers claim funds could be pilfered from a vulnerable iPhone in a victim's bag, assuming proximity to the necessary hardware can be arranged.
"An attacker only needs a stolen, powered on iPhone," the team wrote. "The transactions could also be relayed from an iPhone inside someones bag, without their knowledge. The attacker needs no assistance from the merchant and backend fraud detection checks have not stopped any of our test payments."
The academics also developed a separate attack against the Visa-L1 protocol, intended as a defense against relay schemes of this sort, using an Android as a relay intermediary to carry out the attack. Visa-L1, the researchers explain, assumes the attacker cannot change the UID of a card or mobile phone and that relaying ISO 14443 messages is difficult due to timing constraints. Those are flawed assumptions.
Visa believes that rooting an Android smartphone is a difficult process, which requires high technical expertise
"The attack is possible because the protocol’s security relies on a random value sent only from the card side, which we can manipulate, and there is no randomness from the EMV reader," the academics explain.
"The protocol is meant to protect against attackers using unmodified devices, and Visa believes that rooting an Android smartphone is a difficult process, which requires high technical expertise."
In place of L1, the academics have proposed a new relay-resistant protocol, L1RP, that they claim to have proven via a security protocol verification tool called Tamarin.
Radu et al suggest that while we wait for Apple and Visa to respond, no one should be using a Visa card as the transport card in Apple Pay.
Neither Apple nor Visa responded to requests for comment. ®
Updated to add
After this story was filed, Timur Yunusov from security firm Positive Technologies contacted The Register to say that while the UK researchers’ claim the weakness they found “does not affect other combinations, such as Mastercard in iPhones, or Visa on Samsung Pay,” Positive Technologies nonetheless has identified flaws affecting those systems.
Yunusov said his firm found the same vulnerability separately, plus additional vulnerabilities in Samsung Pay and Google Pay that were demoed in June.
He said the Black Hat presentation and whitepaper describing those issues will be available next month.