Vulnerabilities in Apple Pay, Samsung Pay and Google Pay allow attackers to make unlimited purchases using stolen smartphones enabled with express transport schemes. Until June 2021, purchases could be made at any PoS terminals, not only in public transport. The feature is available in the U.S., U.K., China and Japan, according to a report presented at Black Hat Europe on Wednesday. The researchers were able to perform the same actions with a Mastercard using a flaw found by ETH Zrich that they say was later eliminated.”]