Researchers at the Newcastle University discovered a flaw in contactless Visa cards that can be exploited to steal up to 1M from cardholders without the PIN. The contactless credit have been widely adopted in response the several data breaches that exposed million credit card data worldwide. The new Visa cards do not recognize transactions in foreign currency, causing the approval for any transactions for sum larger up to 999,999.99 in any foreign currency. The attack scenario is quite simple, the threat actor could setup a rogue point-of-sale terminal on ATMs and even on mobile phones.”]
Source: https://securityaffairs.co/wordpress/29878/security/contactless-visa-cards-flawed.html