Apple Wallet Compromised, Can I Ever Use It Again?

Question

Apple Wallet Compromised, Can I Ever Use It Again?

Recently while shopping in a sporting goods store that allowed touchless pay, my apple wallet was compromised. My phone was in my handbag (which supposedly has RFID protection🙄), but was powered on nonetheless. The next day I got 12 Apple wallet notifications back to back, someone was attempting to charge my account $0.01 over and over.

The charge appeared to be coming from the sporting goods store where I was shopping the previous day. I immediately phoned the bank, then the store’s headquarters, and this is what I found out:

These lovely thieves have yet another way to rob us blind. Their device is about the size of a Tamagotchi and bypasses any biometrics or passwords…even two-factor ID in a lot of cases. They slip right into your digital wallet unnoticed. They then mimic the retailers touchless pay kiosks, and start charging away. Their device mimics the retailer in every way, even the bank can’t tell the difference.

Thank god the one who got me, “tested” my account with tiny amounts first. THAT is what set off my bank’s security…they’re set up to detect unusual amounts.

I had to change all my bank account info, and as a precaution I changed all my passwords, including my Apple ID password. They also told me to power my phone off while in stores that allow touchless pay because an imply putting the phone in airplane mode won’t do the trick. Keep in mind, I’m just regurgitating info from my bank’s fraud specialist, I’m in no way an expert on the subject…this was my first go-round!

My question is this: Has this breach rendered my Apple wallet permanently unusable? My bank wasn’t sure if I can ever safely re-setup my Apple wallet. The technology the scammers and hackers are using is constantly evolving, so they couldn’t give me a definitive answer about the safety of ever using my Apple wallet again (in regards to this incident). Their suggestion was NEVER to set it back up on this device, or under my current Apple ID.

Is this correct?

Granted, the absence of my wallet

is a small price to pay for peace of mind, so for now I’ll just consider myself lucky this whole thing wasn’t much worse.

I mainly want to verify the info I got from my bank’s fraud department, and see if anyone else has had this happen.

Will I ever be able to safely and securely use my Apple Wallet again?

Thanks for any info!!

iPhone 13 Pro Max, iOS 16

Posted on Jan 3, 2023 6:07 AM

Reply

Answer 1

muguy

Level 10

91,148 points

Jan 5, 2023 4:52 AM in response to MissusJones78

Has this breach rendered my Apple wallet permanently unusable?

No. Your wallet was not breached. Simply being in the presence of NFC equipment is not enough to trigger a charge; you need to authenticate on the device using Touch ID or Face ID too.

My bank wasn’t sure if I can ever safely re-setup my Apple wallet. The technology the scammers and hackers are using is constantly evolving, so they couldn’t give me a definitive answer about the safety of ever using my Apple wallet again (in regards to this incident). Their suggestion was NEVER to set it back up on this device, or under my current Apple ID.

Is this correct?

Your card numbers do not back up.

Reply

Answer 2

Jan 4, 2023 11:24 AM in response to MissusJones78

Hello MissusJones78,

Welcome to Apple Support Communities! It sounds like you need help with Apple Wallet issues. We completely understand why you'd reach out, and are happy to help.

The following article provides information on the security of the Apple Wallet and how it functions:

Apple Pay security and privacy overview

If you are concerned about the safety of the Apple Wallet, please reach out to Apple directly:

Contact Apple for support and service

Please have a look and let us know if this helps!

Cheers!

Reply

Answer 3

Jan 8, 2023 3:58 AM in response to muguy

Respectfully, I think you may have misread my post.

The NFC isn’t my concern. I was making the point of being in a store with NFC, because those retailer’s are the ones with the greatest risk of being hit by these thieves.

The phone is essentially tricked into thinking it is being used by an NFC, and all security is bypassed in the process (PIN numbers, FaceID, TouchID, etc). Once they’re in, they’re in; they can access it from anywhere in the world as long as they have Wi-Fi.

the reason my bank isn’t sure if I can ever safely reactivate my apple wallet, is due to the fact that the wallet was already accessed by someone else. Any card I set up can potentially be used now that the breach has occurred.

It was not the NFC that breached my wallet.

That said, I appreciate you taking time to try and help me!

Reply

Answer 4

muguy

Level 10

91,148 points

Jan 8, 2023 5:06 AM in response to MissusJones78

MissusJones78 wrote:

Respectfully, I think you may have misread my post.

The NFC isn’t my concern. I was making the point of being in a store with NFC, because those retailer’s are the ones with the greatest risk of being hit by these thieves.

I’m not sure I understand the distinction you’re trying to make. Greatest risk? Hardly.

he phone is essentially tricked into thinking it is being used by an NFC, and all security is bypassed in the process (PIN numbers, FaceID, TouchID, etc).

that’s simply not possible as passing data requires authentication; it cannot be passively acquired

Once they’re in, they’re in; they can access it from anywhere in the world as long as they have Wi-Fi.

no. The NFC protocol and WiFi protocol are two separate things

e reason my bank isn’t sure if I can ever safely reactivate my apple wallet, is due to the fact that the wallet was already accessed by someone else. Any card I set up can potentially be used now that the breach has occurred.

not possible

t was not the NFC that breached my wallet.

then what did?

That said, I appreciate you taking time to try and help me!

Reply

Apple Wallet Compromised, Can I Ever Use It Again?

Similar questions