Update on Apple Pay / bank - Fraud (UK)

5 unauthorised payments started transferring out of our account via apple pay to 5 different payment cards at a bank called Revolut ( the are cards that you put money onto them ) while we sat at watched TV all via Apple Pay online transactions to who we don’t know .. this was not authorised by us , all this information has been supplied by MONZO who are claiming we have done it !! The investigation by the ombudsman has said that a token was set up in September 2024 and authorised by my wife’s device (Apple iPhone) and within the Monzo app , I can confirm that this did NOT happen and we are at a total loss at how this has occurred ! Yesterday I put my wife’s iPhone account email into NORD VPN and straight away this identified a breach in data on the black web back in September 2024 , which seems abit coincidental that’s when the so called token was set up ?

In fact Jeff we had this discussion back when we disputed the transactions and I used all the information you supplied and help me understand how Apple Pay works … no one can explain how it’s happened and keep blaming us , the truth is we have been defrauded out of £650 ($891) ny what I would say are some very sophisticated fraudsters who have somehow got into our account and made the payments disguised them as Apple Pay why I am saying this we spoke to Apple on the day this happened and they confirmed that no payments had been made via Apple Pay as these did not show up in the history however now Apple are now saying that they should not have told us that and will not help us endless phone calls being passed from one agent to another and just keep getting the door shut in our face when you search the net you find case after case after case of people who have had this type of transaction on their account and can’t explain how it’s happened even this week I have a colleague who I work with her dad has had £30 taken out of his account via Apple Pay at a butchers he goes to and no one can explain how that has happened. It all seems very very suspicious that something is wrong with Apple Pay and fraudsters today are able to get into this system collect the data and then set up payments without the anyone’s knowledge.

Who ever took the money transferred the money out of our account one after the other within 13 min

card 1 was transferred £ 150

card 2 was transferred £ 100

card 3 was transferred £ 150

card 4 was transferred £ 100

card 5 was transferred £ 150

basically we paid Revolut bank from our account which showed as Apple Pay online transactions , we only know now that they are prepaid cards because this is what the back have told us , each one had different Authority codes and transaction numbers

The transactions were made via online payment via Apple Pay to these accounts in Revolut bank our bank account shows five transactions to Revolut bank when you go into the transaction history it shows where it’s gone which was five prepaid cards so someone somewhere was able to get into our account and use our Apple Pay to make a payment as an online transaction, similar to if you were purchasing an item online

However, the bank and the ombudsman are saying that we set up the transaction in September 2024 and approved a token which then allowed these transactions to be made on that day which we have disputed as we have not done this so basically someone somewhere has hacked into either the banking app and used our Apple Pay or has hacked into the Apple Pay and used my wife’s debit card which is loaded within Apple Pay , and made the five payments. The payments only stopped once I emptied our account or otherwise I truly believe that this type of payment via Apple Pay would’ve continued until the account was emptied and we would’ve been looking at an awful lot more money

Hi thanks for taking the time to reply. Yes we have already done that on the day that the money was taken. The guy we spoke to was very helpful and looked into my wife’s account and said that these payments were not made via Apple Pay and advised us to continue with the dispute with our bank and tell our bank to contact Apple who would tell them that these payments did not happen However the bank did not do this which is also part of our dispute and when we have re-contacted Apple support via this method. They have passed us to one agent to another and basically in so many words have told us that this guy should not have told us that . Due to the nature of this attack on our account, we removed all payment cards from Apple Pay which unfortunately unknown to us removed all the history as we thought at the time we were under attack and all payment cards within the Apple Pay system was vulnerable. We have re-contacted Apple and made an official complaint And requested the taped conversation with this guy to be provided to us so we can prove that Apple have said that these transactions were not present unfortunately they have refused to contact us and are ignoring us .

The bottom lane is that the bank and the financial ombudsman have said that we made these payments to Revolut bank yet my wife was standing next to me with her phone in her hand screaming that our bank account was being emptied and when I logged onto our banking app, the money was just depositing out of it. It was only until I moved the remaining funds from our joint account to my own personal account. This stopped the bottom line is we have been victims of fraud but no one can tell us how this has been done everybody says Apple Pay is secure however this happened so something is not adding up and the bank will not accept what we are saying because we’re talking that’s associated with this payment was authorised on my wife’s device. When you look at my wife’s history with Apple Pay she has only used it once to purchase some clothing online every other payment is made via her phone via Apple Pay as tap and pay. It’s me that uses Apple Pay as a payment method online constantly. I also use my watch and my phone when I’m out she only uses her phone and her phone is never been left anywhere or security is up-to-date face recognition and two factor authorisation yet this still happened so you can imagine we just don’t know what is safe anymore.

I put the information onto a post but the post has been deleted .

all we know as I’ve said ,

5 online transactions using my wife’s debit card via Apple Pay to revolut bank , on investigation this turn out to be 5 prepaid Revolut debit cards , now originally Apple said this could not be done , then later on said this could be so I’m lost still how this has actually been done .

One other point my wife very rarely uses her card and always uses her phone , unless it was skimmed at a cash point machine ? Yet the token was set up on the 21st I just don’t get it . Unless the token is his and the money was paid , put the card skimming happened at another time ? It’s all very very confusing and no one actually knows what’s gone on , apart from the only clear cut evidence we did not make the payments

Thanks for getting back with this information and sorry for the long messages I will make sure they are broke up abit

I’ve copied this info for when the ombudsman comes back with a final decision .

Whats confusing which we don’t understand the token was set up on the 21 September 2024 , and then the money was taken on the 14th March with what we believe was a test payment 13mins before the rest went out , the wife did not register or use her phone on any site that day in question or put her details into anything.

what’s got me if the token was set up 6 months before surly a test payment would have gone out of the account , I’ve checked and nothing has been paid to any suspicious accounts .

so does the token last 6 months ?

thanks for all your reply’s I really do appreciate it

Andy