1. 4
  1.  

  2. 1

    I wonder if the just released IOS 9.3 fixes this.

    1. 1

      This seems to be based entirely on the payment authorization code that gets passed back and forth. The fix, then, is probably to limit the length of time, and the number of times the code can be used?