And what happens when a million people miss type their pin three times? Millions of records. Like I said, it needs to support millions of records. What happens if they only plan for 10 people to have this issue at a time and there is an 11th person? Small example but you get the idea. They need to plan for large scale, or else there will be more problems. This is like fixing a bug within a day vs a week to make sure it doesn't cause any more issues. Sure they can slap a poorly designed database table together, but it could cause issues if a lot of people suddenly start mistyping their pins several times. This is how you handle large databases or a large customer base. Plan for a large data set. For example, we started using bigint instead of int for tables that constantly grow due to running into the limits of ints numerous times. You think it will never happen, but it does. And adjusting the code after the fact is very time consuming. Or a horrible approach is to reseed the index so that it utilizes the negative int values. So....you plan ahead. Oh and obviously our site was not even close to the same scale as Apple. NO WAY. It doesn't matter how big or small a company is. It is still taking software development resources from other projects to implement this issue which should have been implemented at the API level in the first place. What happens if there is a bug in Apple's implementation of these security checks? What happens if like you said it will be a relatively small table but suddenly became larger than what they were planning and unforeseen bugs started to show up? This is the problem with most software development these days. You think some of this stuff never happens, but it does.