← Back to stories Scrabble tiles on a wooden background spell out the word 'scam', concept for deception and trickery.
Photo by Markus Winkler on Pexels
凤凰科技 2026-04-16

Demo shows $10,000 in fraudulent charges on an Apple phone; Visa says exploit needs “very specific conditions”

What happened

It has been reported that a proof‑of‑concept demonstration circulating online targeted an Apple phone and displayed roughly $10,000 in fraudulent Visa charges. The video — described by its publishers as a security demo — reportedly showed an attacker completing card‑present transactions that the victim’s device appeared to authorize without their consent. Visa responded publicly, saying the exploit would only work under “very specific conditions,” signalling the company believes the risk to ordinary users is limited.

Technical and industry reaction

Details remain scant and unverified. Visa’s characterization suggests the issue is not a simple flaw in its network, but a narrow chain of factors (hardware, software, issuer settings or terminal behaviour) that must align for the attack to succeed. It has been reported that researchers and payments analysts are now probing whether gaps in tokenization, wallet implementations or terminal‑side logic could be involved, but no definitive root cause has been confirmed.

Broader context for Western readers

Mobile payments are complex systems involving device manufacturers, wallet providers, card networks and banks. In China, popular mobile payment rails such as Alipay (支付宝) and WeChat Pay (微信支付) use different flows than card‑based wallets in the West; that difference matters when comparing risk profiles across markets. Geopolitics and supply‑chain scrutiny have increased attention on device and payments security — will a headline about an iPhone become a broader trust issue for manufacturers and regulators? Possibly, but Visa’s comment tempers immediate alarm.

What consumers should do

Should users panic? Reportedly not, according to Visa’s assessment. Still, consumers should watch for updates from Apple and card issuers, review recent transactions, keep devices and wallet apps up to date, and report suspicious charges to their bank. Regulators and industry bodies will likely press for clearer technical disclosures so the public can judge how real and widespread the threat actually is.

AISmartphonesSpace
View original source →