Imagine losing ten thousand dollars from your iPhone while it is still locked in your pocket. In a wild experiment involving YouTuber Marques Brownlee, security researchers demonstrated a clever attack that exploits a vulnerability in Apple Pay's Express Transit Mode. By using specialized NFC equipment and a laptop, the team tricked the iPhone into thinking it was at a subway gate, allowing them to bypass Face ID and authorize a massive payment without the owner ever knowing. Interestingly, this specific trick only works when an iPhone is paired with a Visa card, as Mastercard and American Express use different security protocols that successfully block the exploit. While Apple and Visa suggest that such a complex attack is unlikely to happen in the real world, it serves as a fascinating reminder that even the most secure devices have hidden gaps. If you are feeling uneasy, the simplest fix is to switch your default transit card to a different provider or disable the Express Transit feature entirely.