Recently, a study focusing on vulnerabilities within iPhone and Visa card payment systems has garnered significant attention. Leveraging NFC technology, researchers successfully stole $10,000 from YouTuber Marques Brownlee's locked iPhone. This particular security flaw was initially identified in 2021 by cybersecurity teams at the University of Surrey and the University of Birmingham.

The crux of this vulnerability involves attackers intercepting the communication between an iPhone and a payment terminal using an NFC reader. They then facilitate the theft by processing the transaction through another phone on a legitimate reader. The conditions required to exploit this vulnerability are notably stringent: the victim must have activated 'Express Transit Mode' on their iPhone and linked a Visa card, while the attacker needs both physical access to the device and specialized equipment.

Both Visa and Apple have acknowledged the vulnerability but emphasized that the probability of such fraud occurring in real-world scenarios is exceedingly low. They reassure users that they are safeguarded by a zero-liability policy, enabling them to contest and reverse any suspicious transactions.