It isn't the OP's role or business to do the QA person's job and over an issue where someone foolishly attempted to use Apple Pay in a bank.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
I Broke All of Bank of America's Card Terminals With Apple Pay
- Thread starter Inframan
- Start date
- Sort by reaction score
It isn't the OP's role or business to do the QA person's job and over an issue where someone foolishly attempted to use Apple Pay in a bank.
I beg to differ.
Deniability isn't a solution to a problem, politically, scientifically, technologically, or otherwise.
In any sort of analysis, you always will need to supply a proof of concept on how a problem exists, and if so, how to create that problem repeatedly to show that it needs to be worked on. Otherwise, someone skeptical will just come in and say "it is just a fluke, nothing to see here, move along", while the problem indeed does exist.
You should follow the Bugtraq or Secunia mailing lists for security vulnerabilities. You will see how advisories are discovered, worked on, disclosed, and worked into the latest software releases. That is how it is done, and how this needs to be handled.
You can call it foolish all you want; but the OP discovered a problem that could become a serious problem, that needs to be fixed.
BL.
A "serious" problem because someone foolishly attempted to use Apple Pay at a bank branch as unadvertised? Surely you're exaggerating big time
Yeah, it is a SERIOUS problem when you can so EASILY take down the terminals in a bank and the tellers aren't educated enough to even understand why For real dude? You don't get why this is serious to a bank?
----------
Um, we were all telling him this could be coincidence, explaining correlation vs. causation, etc. Now it can be reported with confidence to those who can fix it.
For real dude? You don't get why this is serious to a bank?
Because the odd of another person foolishly assuming they can use Apple Pay to authenticate with TouchID in a bank is actually pretty low.
Again, it's not the OP's job to "prove" it to the bank. It's not necessary for the OP to disrupt the bank's operation and inconveniencing other customers during business hours by reproducing the problem in the middle of the day when this is best left simply reported to the manager of the bank. The manager can then have a QA person test the system after hours when other customers are not disrupted by the OP's well-meaning action.
I didn't mention a specific statistical test. If you have a counter-argument to the chance of someone else repeating the OP's tactics in a bank being low, then provide it.
No you didn't because you are just spouting off nonsense!
It isn't nonsense to say it isn't a high likelihood that most people would think to authenticate with TouchID via Apple Pay in a bank as the OP did.
Why not? B of A is one of the major partners in the Apple Pay launch and they've been advertising about it. I went to an ATM today and the static screen before login was touting B of A's affiliation with Apple Pay as "the easier way to pay". Knowing that B of A is pimping Apple pay and knowing that you have to slide your debit card at the bank for transactions just as you do when making a purchase, it's not a huge stretch of imagination that people might think it would work at the bank too - their card readers look just like card readers found in many stores.
I absolutely agree it's not a good idea to walk into banks and knowingly knock their machines offline during business hours, but I do think B of A should be made aware of it and do whatever they need to do to fix the problem, which is obviously on their end. Either fix their system so the machines accept it, or remove the NFC from their readers so it would do nothing. If it's not going to work, I don't see why they would have NFC capabilities enabled in the first place.
Tampering with the system and causing a malfunction. Especially when you do it on purpose.
It is a completely made up stat you just threw out there without any basis for it and it is counter-intuitive on top of it.
Last edited by a moderator:
My idea of statistics is different from yours then. The point is there aren't many people who'd try what the OP did and it isn't counterintuitive because otherwise the headline "Apple Pay wreaking havoc on banks across the country" would be hitting the national news.
I actually think this line is going to be blurring veeerrrryyyy soon. Iowa is starting a program to allow photo IDs via smartphones. For all intents and purposes, you will be using your iPhone to authenticate your identity in the coming year (in Iowa of course). I wouldn't put it passed people to already expect they can do this at a bank... after all it is an ATM card linked to Apple pay AND you still get asked for your PIN when making an actual transaction in a store.
----------
I simply can;t imagine the issues were linked. Did we establish whether it was actually the act of trying to authenticate identity using Apple Pay that caused the issues and not just some fluke? Sorry if we have. I didn't go back and read through the thread since last I posted.
EDIT: I guess the OP did claim to have gone back and done the same at another bank. Still shocked that he would be the only one to have tried to do this. Not saying he isn't being truthful but there has to be some missing information here...
Yes, it's a bug that BofA would have to fix if we are to be able to use Apple Pay (or rather, TouchID) to authenticate with our linked debit card to withdraw cash, etc. in the future. There's even a different bug at some airports where Apple Pay pops up when scanning with the boarding pass in Passbook as the scanners they use there are NFC and QR reader in one.
The vast majority of people would try Apple Pay as advertised so it isn't surprising that it isn't a big issue now.
----------
No, statisticians would provide odds, probability, etc. I've provided no such numbers. Nice try distracting from the point I'm trying to make though.
You're being a bit pedantic here, not everyone is an IT geek versed in the specifics of what constitutes a bug...
In any event, the system should be designed to ignore unexpected inputs. If the OP's phone indeed caused a system down condition due to the ApplePay input, then clearly the system didn't work as designed; it didn't ignore the unexpected input.
(and if you really feel the need to have a different opinion, fine by me. not interested in further debate over nuances, just offering a different view)
I don't have a means to test it at home, but I believe anything with NFC will actually trigger Apple Pay. My understanding is that this was a quick and dirty means of "always on Apple Pay" done by Apple. Not so much a bug as... lazy lol.
I don;t disagree that the vast majority would try to use Apple Pay as advetised. But it's been a couple of months. We really think the OP was the first one to do this? I am going to say that is doubtful. And being that it supposedly cripples BofA's system, I would think there would be notifications sent immediately to all branches about how to remedy, or at least put a band-aid, on the situation. An entire branch (supposedly two) were crippled and yet the OP is still able to keep going...
Last edited:
That's right!!! You just pulled nonsensical retorts out of your arse and stated them as if they were facts, lol!! Yet you had no basis for your statements and couldn't even provide any realistic common sense arguments to back up what you were saying.
That's right!!! You just pulled nonsensical retorts out of your arse and stated them as if they were facts, lol!! Yet you had no basis for your statements and couldn't even provide any realistic common sense arguments to back up what you were saying.
You're the one who accused me of using statistics when I didn't. It's common sense to say that it isn't likely that many people would attempt to do what the OP did, as most would use Apple Pay as advertised (i.e., in-store and online purchases). I'm not even presenting this as a fact to boot.
No, it is ANTI common sense, dude. Give up. You LOST this argument and are embarrassing yourself.
Yes, the NFC induction coil is always on. There isn't an on/off switch for that. However, a simple workaround is to pull up the boarding pass from the airline app rather than in the Passbook, at least until the airports upgrade to newer scanners that can disable NFC while enabling QR reader and vice versa. Having both NFC and QR reader always on in the scanners is lazy too.
----------
No it's not. Otherwise, we'd be hearing about far more incidents of this. Like lordofthereef said, it's been two months and the OP is the only one we've heard of this? Unless of course there's more to the story than the OP is telling us.
I was just referring to it being called a bug. But I guess that's smeantics. And I see this thread has enough of that!
I need to go into my local branch anyway. I will just try it and see what happens. Truth be told I am not even sure they are NFC capable.
Not entirely out of the question as some newer credit and debit cards have RFID/NFC chips. I don't bank with BofA so not sure what they have.