Debunking AirDrop and Apple Pay Security Myths

A viral video on TikTok last year declared the dangers of having AirDrop activated on iPhones, while other videos pointed to Apple Pay as another security risk.

The lingering impact of this bad advice is that two useful and secure features of the iPhone aren’t being used by those who took the information at face value.

The Claim vs. Reality
The TikTok videos claimed that if your AirDrop is turned on, a hacker can wirelessly extract your banking details just by being nearby. To make the hoax more convincing, some videos instructed users to check a setting to "turn off" the vulnerability. But here’s the problem: no such setting exists, and AirDrop doesn’t work in the way they claimed.

AirDrop is a Bluetooth and Wi-Fi-based wireless option that allows secure transfer of files between Apple devices. Before a transfer even begins, two iPhones must verify each other using encrypted signals. And even then, the receiving device must accept the transfer.

The notion that a hacker could somehow bypass all these safeguards and pull financial data from your device just by walking past you is like claiming that someone can withdraw money from your bank account just by staring at your ATM—it’s simply not how the technology works.

AirDrop and Apple Pay are Completely Different
To further confuse users, videos that conflated the two separate technologies made it sound like they were somehow the same wireless conduits.

They use different wireless technologies that manage completely different data transfers and have nothing to do with each other.

AirDrop is a file-sharing feature that allows users to send photos, videos, and documents between devices using a combination of Bluetooth and Wi-Fi at a range of up to 30 feet.

It also requires user approval before accepting a file unless set to “Everyone” (which is not recommended).

Apple Pay is a mobile payment system that securely processes transactions using NFC (Near Field Communication), not Bluetooth and uses tokenization to protect financial data at a range of about 1.5 inches.

This means that even if a hacker could intercept an Apple Pay token, it would be useless for any other transaction.  Real hackers would never waste their time trying to ‘hack’ Apple Pay in the wild.

In addition, it requires Face ID, Touch ID, or a passcode to authorize any transactions further debunking the viral videos.

How to Safely Use Both
If you think about the level of security Apple Pay provides, it’s much safer than carrying a wallet full of physical credit cards.

If you lose your wallet, it provides a thief with direct access to your cards; if you lose your phone, a thief has multiple levels of biometric security to overcome.  Meanwhile, you can remotely disable your iPhone, making it nearly impossible for your information to be compromised.

For Apple Pay security, enable Face ID/Touch ID for transactions, use a strong backup passcode, and regularly monitor your transactions.

For AirDrop security, set it to ‘Contacts Only’ or turn it off until you want to use it. Avoid public Wi-Fi connections when using it and keep your iOS updated to stay up with any vulnerabilities.