apple pay not as secure as in iphone?

Discussion in 'Apple Watch' started by jiangning, May 21, 2015.

  1. jiangning macrumors newbie

    Joined:
    Jan 29, 2010
    #1
    Apple pay on apple watch is standalone so the cards don't carry over from your iphone. On iphone, you will need to use touch ID to make a purchase but that doesn't happen on the watch. I suppose there should be extra security measures such as granting a transaction only when the iphone is nearby. However that is not the case as I have successfully brought out apple pay through double click even if no iphone is detected.

    So does that mean if the watch is lost then whoever picks it up could use my apple pay, given that they have got around my passcode?

    My point is: Apple pay on iphone has double security -- passcode and touch id, but on watch it only counts on passcode, which doesn't seem secure enough for me. Any thoughts? Maybe I've missed something?
     
  2. Givmeabrek macrumors 68040

    Givmeabrek

    Joined:
    Apr 20, 2009
    Location:
    NY
    #2
    The phone only needs touch ID. The watch needs the passcode. It will erase after ten mistakes (if you set it). So the difference is touch ID versus passcode.

    They are both more secure than a credit card. Lose that and you lose much more...... :cool:
     
  3. JayLenochiniMac macrumors G5

    Joined:
    Nov 7, 2007
    Location:
    New Sanfrakota
    #3
    What do you mean both passcode and TouchID? I only use TouchID when using Apple Pay on the iPhone, and you can change this to activating Apple Pay with a passcode rather than TouchID on iPhone.

    If someone takes it off your wrist, it gets locked so not sure what you mean.
     
  4. melman101 macrumors 68030

    Joined:
    Sep 3, 2009
    #4
    You're not really missing anything, other than not trusting your passcode. I don't have an iPhone 6 but I assume that you can use Apple Pay with a passcode as opposed to touch ID so it's the same there.

    There is no touch ID sensor on the watch. Also, the watch locks when it's taken off your wrist.

    I feel the watch is sufficiently secure for using Apple Pay. It's not like I could potentially leave my watch somewhere. I'm always wearing it.
     
  5. Trius macrumors 6502a

    Trius

    Joined:
    Aug 7, 2008
  6. JayLenochiniMac macrumors G5

    Joined:
    Nov 7, 2007
    Location:
    New Sanfrakota
    #6
    Your assumption is correct. You can use a passcode in lieu of TouchID if the latter doesn't work well for you.
     
  7. jiangning thread starter macrumors newbie

    Joined:
    Jan 29, 2010
    #7
    Yeah I do agree it's more secure than the wallet lol. I guess I just don't trust passcode as much as my fingerprints.:p
     
  8. melman101 macrumors 68030

    Joined:
    Sep 3, 2009
    #8
    Yea, but anyone who has your iPhone 6 can use Apple Pay with the passcode. LOL! :) It's the same thing! :). And it would be much easier for them to take your iPhone then your Apple Watch.
     
  9. mistame macrumors member

    Joined:
    Sep 18, 2014
    #9
    In addition to the watch locking when you take it off, you can disable apple pay remotely from icloud.com for the watch. Sure, if someone can "get around" your passcode it's insecure, but you can say that for any service. Gmail is insecure because someone could get potentially around my password.
     
  10. PedCrossing macrumors 6502

    PedCrossing

    Joined:
    Apr 3, 2012
    Location:
    The Loop
    #10
    Apple watch is on the wrist and iPhone is in the pocket, it's easy to tell which is likely to be stolen or left behind. I'm not worried about the security at all, even if something happens, just contact the bank, it's no big deal.
     
  11. JayLenochiniMac macrumors G5

    Joined:
    Nov 7, 2007
    Location:
    New Sanfrakota
    #11
    If the OP that concerned/distrustful of passcode, he should switch to complex passcode. It's more secure than the 1 in 50,000 probability of finding a random matching fingerprint (there's a 1 in 10,000 odds of guessing a simple 4-digit passcode).
     
  12. melman101 macrumors 68030

    Joined:
    Sep 3, 2009
    #12
    Yeah, I think I may do this myself to be honest :).
     
  13. DavidLynch macrumors 6502a

    Joined:
    Apr 9, 2015
    #13
    As others have said, if you have touch ID enabled on your phone you have the passcode as an alternative. Touch ID is also less secure than the passcode if someone is trying to get into your phone. Enable the erase on 10 unsuccessful attempts if you're concerned.
     
  14. BillyTrimble macrumors 6502a

    Joined:
    Sep 20, 2013
    #14
    Unless I'm completely misunderstanding you, ya, you missed a lot.

    What do you mean "got around my passcode"? Do you mean guessed your passcode? Because that is what they would have to do to use apply pay once you removed your watch from your wrist. Do you know how many combinations it would take to find your code? Are you using 9999 or 1234? If not, stop worrying. Or just don't use it.
     
  15. NT1440 macrumors G4

    NT1440

    Joined:
    May 18, 2008
    Location:
    Hartford, CT
    #15
    If your watch comes off no one can use ApplePay until it's back on your wrist and unlocked.

    ----------

    Based on....what exactly?
     
  16. fischersd macrumors 601

    fischersd

    Joined:
    Oct 23, 2014
    Location:
    Kitchener, Ontario, Canada
    #16
    If someone has your thumb print, they can (somewhat easily) create a latex copy that fools touch ID.
     
  17. Bryan Bowler macrumors 68040

    Joined:
    Sep 27, 2008
    #17
    Yea, and I'm sure that the everyday criminal is going to do just that. :confused:
     
  18. Julien macrumors G3

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #18
    I use 5 digit Passcode for 1 in 100,000.
     
  19. DavidLynch macrumors 6502a

    Joined:
    Apr 9, 2015
    #19
    I didn't say it was easy to crack, I said it was less secure than the passcode so the OP shouldn't worry about the passcode on the watch vs. touch ID. The touch ID will read a finger print lifted off another object. Again, the average person shouldn't have to worry about this.
     
  20. NT1440 macrumors G4

    NT1440

    Joined:
    May 18, 2008
    Location:
    Hartford, CT
    #20
    .....


    Only if they can also simulate the flow of blood through that latex. Do you happen to have intelligence agencies after you? No normal thief is ever going to be able to pull that off.
     
  21. melman101 macrumors 68030

    Joined:
    Sep 3, 2009
    #21
  22. mistame macrumors member

    Joined:
    Sep 18, 2014
    #22
    Just the latex fingerprint...created by the following process:

    "First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone."

    Keep an eye out for those criminals on the subway carrying around their cameras. Don't forget to stay still once they get your phone off you so they can get a good high res snapshot of your fingertip.

    If someone did do this in a real world application I imagine it would be some government agency or corporate espionage level stuff happening, and you'd have bigger things in your life to worry about than them unlocking your phone to use Apple Pay.
     
  23. JayLenochiniMac macrumors G5

    Joined:
    Nov 7, 2007
    Location:
    New Sanfrakota
    #23
    And everyone is stuck with 4-digit passcode for ATM transactions and the like. I think the fear is a bit irrational.
     
  24. fischersd macrumors 601

    fischersd

    Joined:
    Oct 23, 2014
    Location:
    Kitchener, Ontario, Canada
    #24


    I watched a few videos of how people have done it. You can use silicone, but you also have to put some graphite in the mix to give it capacitance, so it more closely simulates skin.

    This is something a 3d printer would be good for (printing the finger print mould, that you would put your silicone/graphite mix into). :)

    Anywho, that's just hypothetical.

    This thread should just die - the watch is every bit as secure as the iPhone in regards to ApplePay and I do hope future revisions of the watch do have Touch ID. (I'm not afraid of people copying my prints) :)
     
  25. jomo25 macrumors regular

    Joined:
    Jun 29, 2010
    #25
    Question to all those who are worried about either their phone or watch being stolen, and their ApplePay hacked (via TouchID being faked or their passcode guessed): Do you carry your credit cards with you in your wallet or purse?

    Those are much more easily stolen from you without your noticing, used at a greater number of merchants/POS points, and with absolutely no security measures to stop the burglar.

    Put your worries where they belong. Not where they are wasted.
     

Share This Page