top of page
Search

šŸ” A locked iPhone just gave up $10,000: no PIN, no Face ID, no problem.

  • Writer: Federico Carrasco
    Federico Carrasco
  • Apr 15
  • 2 min read

Updated: Apr 16


Veritasium's Derek Muller and MKBHD (Marques Brownlee) ran a fascinating (and unsettling) experiment: they drained $10,000 from a fully locked iPhone using nothing but a small reader and a laptop. The phone screen never turned on.


šŸ§  What happened

  • A video by Henry ReichĀ (Veritasium) shows researchers successfully taking $10,000 from a locked iPhoneĀ belonging to Marques Brownlee.

  • The phone was never unlocked, and no authentication (Face ID, passcode) was used.


āš™ļø How the attack works (simplified)

  • It exploits Apple Payā€™s ā€œExpress Transitā€ mode, which allows payments without unlocking the phone (for things like Š¼ŠµŃ‚Ń€Š¾/subway rides).

  • Researchers used a man-in-the-middle NFC setup:

    • One device tricks the iPhone into thinking itā€™s making a small transit payment.

    • Another device charges a much larger amountĀ on a real payment terminal.

  • They manipulate transaction data so:

    • The iPhone thinks itā€™s a small charge

    • The payment terminal processes a large one


šŸ” Key limitation

  • The attack only works under very specific conditions:

    • iPhone with Express Transit enabled

    • A Visa cardĀ set for transit payments

  • It does NOT workĀ with Mastercard, American Express, or some Android systems due to extra security checks.


šŸ§© Whoā€™s responsible?

  • Apple says the issue is with Visaā€™s system, not the iPhone itself.

  • Visa claims:

    • The attack is unlikely in real-world scenarios

    • Users are protected by zero-liability policiesĀ (you can get refunded)


āš ļø Why it matters

  • The vulnerability has been known since 2021Ā but still works in certain setups.

  • Even though itā€™s complex and requires specialized hardware, it shows that:

    • Locked phones arenā€™t always fully secure

    • Convenience features (like tap-to-pay without unlocking) can introduce risks


šŸ›”ļø How to stay safe

  • Disable Express Transit mode, or

  • Remove your Visa cardĀ from transit payments


šŸ§¾ Bottom line

This isnā€™t an everyday scam youā€™re likely to encounter, but itā€™s a real, demonstrated vulnerabilityĀ involving NFC payments, mainly tied to Visaā€™s implementation, not the iPhone itself.


šŸŽ¬Here it is the full video with details on How Secure Is Tap To Pay?


Comments

bottom of page