Since the watch doesn't re-lock when transferring to someone else this way, anything that's accessible on the watch from the phone would be available with the victim's iPhone, which will also be stolen. If you keep sensitive information in your contacts, for instance, there might be enough there to steal someone's identity. Before the watch, the phone would be locked, and easily bricked if stolen, making it a much less desirable item to steal on its own.

This really isn't about liability per se, as more of an exercise in exploiting an Apple security hole. The idea of a gang of thieves who drug unsuspecting Watch users and commit credit card fraud is one such realistic example, given that such thieves have operated this way in the past, and it's a very old con -- just look up Mickey Finn. That said, I'm not trying to instill panic, just explore a hypothetical. I certainly don't think this could likely happen to me or many others on this forum. But, to the extent it concerns Apple, it would be less about card liability for the victim, and more about Apple not wanting Watch wearers targeted for crime, which is the reason lawmakers have passed legislation to require phones to be "bricked".

However, to address your question, here's the hypothetical I'm basing this scenario on -- it's 2016 and contactless pay terminals are everywhere and they all accept Apple Pay. People have slimmed down their wallets to just whatever cards and IDs can't be accommodated by the watch, namely a driver's license, and perhaps a little cash. I know once Apple Pay is accepted everywhere I won't be carrying a credit card anymore. At present, I only carry one, but I have others I don't carry -- all of which are tied to Apple Pay. I never carry cash. So let's say it's a typical mugging: the guy takes my watch, iPhone and wallet, which gives him two useless pieces of electronics and a driver's license (though the watch can probably still be sold easily on the black market). But is that really enough to warrant an assault with a deadly weapon charge if caught?

Now enter the smart criminal, who drugs his victim anonymously, robs them of an unlocked Watch, iPhone and any other valuables they may have, assuming no credit cards in the wallet. But even if there is a credit card in the wallet: we don't know how Apple Pay will work with ATMs, but if a PIN is no longer required, then there's a quick source of cash that wasn't available before. Also, some clerks might ask for an ID when using a physical card, but with Apple Pay there are no questions asked. Also, a drugged victim can't log into iCloud and cancel Apple Pay until they wake up. So many reasons to do it this way versus just pick-pocketing a wallet, which is likely to be empty anyway in this hypothetical.

This is what I'm talking about: smart criminals will just do this.
 
Let's say a criminal somehow manages to double-tap my watch button and activate Apple Pay, and has some handheld device that replicated the handshake and every bit transmitted from my watch from a few centimeters away.

How does he use that data to commit fraud?

First, it can only be used once, because it's a one-time-use token that is transmitted.

He can't just go use it at Best Buy to purchase a new MacBook Pro for himself. The handshake is going to be tied to his device, and encrypted, so the data is useless outside of his sniffing device. He would have to push the payment through himself, using his own merchant account? It's not easy to open a fake merchant account, and it's easy to shut down and find those involved because of banking laws that just don't make it that easy.

I would also imagine there is a window of time before the encryption keys expire as well... and it's probably minutes not hours.

Does NFC work at all offline? Or does the handshake involve the bank?

I could be completely wrong with my points... but from a technical standpoint, this seems extremely difficult, if not impossible, to exploit in this way...
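To make the reasoning in the post above concrete (one-time token, handshake tied to the terminal, issuer involved in the check), here is an added toy model of an EMV-style contactless authorisation. It is not Apple's, EMV's or any card network's code: the device key, the 8-byte MAC, the message layout and the field names are assumptions chosen to show the mechanism. It runs one honest tap and then tries the three things a thief could do with a byte-perfect capture of it.

```python
"""Toy model of why a sniffed contactless payment can't be re-spent.

Added illustration, not Apple's, EMV's or any card network's code: key
sizes, message layout and field names are assumptions chosen to show the
mechanism (device-bound key, per-transaction counter, terminal nonce).
"""
import hashlib
import hmac
import os
import struct


def _cryptogram(device_key, token_pan, atc, amount_cents, terminal_nonce):
    """MAC over every field the issuer checks, truncated to 8 bytes (assumed)."""
    data = token_pan.encode() + struct.pack(">IQ", atc, amount_cents) + terminal_nonce
    return hmac.new(device_key, data, hashlib.sha256).digest()[:8]


class PaymentDevice:
    """The 'watch': a device key it never transmits plus a monotonically
    increasing application transaction counter (ATC)."""

    def __init__(self, token_pan, device_key):
        self.token_pan = token_pan      # tokenised stand-in for the card number
        self._device_key = device_key   # shared only with the issuer at enrolment
        self.atc = 0

    def tap(self, amount_cents, terminal_nonce):
        """Everything a sniffer a few centimetres away could capture."""
        self.atc += 1
        return {
            "token_pan": self.token_pan,
            "atc": self.atc,
            "amount_cents": amount_cents,
            "terminal_nonce": terminal_nonce,
            "cryptogram": _cryptogram(self._device_key, self.token_pan,
                                      self.atc, amount_cents, terminal_nonce),
        }


class Issuer:
    """Issuer / token service: the only other holder of the device key."""

    def __init__(self):
        self._keys = {}       # token_pan -> device_key
        self._last_atc = {}   # token_pan -> highest ATC already approved

    def enroll(self, token_pan, device_key):
        self._keys[token_pan] = device_key
        self._last_atc[token_pan] = 0

    def authorize(self, msg):
        """Returns (approved, reason); MAC is checked before the counter."""
        key = self._keys.get(msg["token_pan"])
        if key is None:
            return False, "unknown token"
        expected = _cryptogram(key, msg["token_pan"], msg["atc"],
                               msg["amount_cents"], msg["terminal_nonce"])
        if not hmac.compare_digest(expected, msg["cryptogram"]):
            return False, "bad cryptogram"
        if msg["atc"] <= self._last_atc[msg["token_pan"]]:
            return False, "replayed counter"
        self._last_atc[msg["token_pan"]] = msg["atc"]
        return True, "approved"


class Terminal:
    """Merchant terminal: supplies a fresh nonce (EMV's Unpredictable Number)
    so the cryptogram is bound to this one checkout."""

    def __init__(self, issuer):
        self._issuer = issuer

    def checkout(self, device, amount_cents):
        nonce = os.urandom(4)
        msg = device.tap(amount_cents, nonce)
        return self._issuer.authorize(msg), msg


def run_scenarios():
    """Constructed scenario: one honest tap, then a thief's options with a
    byte-perfect capture of it."""
    device_key = os.urandom(16)
    watch = PaymentDevice("TOKEN-0001", device_key)   # constructed token id
    issuer = Issuer()
    issuer.enroll("TOKEN-0001", device_key)
    shop = Terminal(issuer)
    results = {}
    results["honest_tap"], captured = shop.checkout(watch, 4_99)
    # 1. Replay the captured bytes verbatim: one-time use.
    results["replay"] = issuer.authorize(captured)
    # 2. Keep the cryptogram, change the amount: the MAC covers the amount.
    results["tampered_amount"] = issuer.authorize(dict(captured, amount_cents=1_999_00))
    # 3. Thief's own terminal issues a new nonce; without the device key no
    #    valid cryptogram can be produced for it, whatever counter he claims.
    results["other_terminal"] = issuer.authorize(
        dict(captured, atc=captured["atc"] + 1, terminal_nonce=os.urandom(4)))
    # 4. The victim's watch keeps working: its counter moved on.
    results["next_honest_tap"], _ = shop.checkout(watch, 2_50)
    return results
```

Running `run_scenarios()` approves only the two honest taps; the replay is declined on the counter, and both the altered amount and the attempt at a second terminal fail the cryptogram check because only the issuer and the device hold the key. A terminal the thief controls could forward the old nonce instead of a fresh one, but that is just case 1 again. The key-expiry "window" the post wonders about is not modelled here, since the page does not describe how the real scheme handles it; in this model the counter alone makes each capture single-use.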
 

By exploit I mean the mobile terminal he uses puts money into his own account.
 

The possibility of this has already been thoroughly debunked upthread. The thief would have to have a merchant account in good standing with Mastercard/Visa/etc.
 
But I see nothing about using Apple Pay via the watch that seems more risky than using other sorts of payments (just the opposite, in the vast majority of situations). Bottom line is, drink responsibly and keep your wits about you and you should be fine. You know -- the same advice that would apply whether you have an Apple Watch or a wallet full of cash & credit cards.

Yes, I agree. But I will say again, stealing credit cards to use them is generally not done because they can be quickly cancelled after a mugging, and even if the victim is incapacitated to delay the cancellation, they are more likely to be refused by a merchant who checks ID (as more and more do, especially on expensive purchases). Not to mention mugging someone at gunpoint has far greater risks and consequences.

The Watch offers a unique opportunity to gain access to a great deal of data and easy to use credit cards, from generally well-heeled people -- the incapacitation of which will give a criminal time to use it with little chance of getting caught. And I would argue that almost everyone who owns an Watch already uses Pay and has their watch set up to use it, versus the paucity of those using it on the iPhone alone.

I would agree that Apple Pay is perhaps the most secure method of making a transaction, where available, and the vulnerability exists only in the Watch itself, and Apple is likely working on a fix for this to be implemented sometime in the future ... especially since this is not a high-risk scenario. Nobody wants anyone to be targeted for theft because they have an Apple Watch, but as you and others point out, it's a somewhat elaborate scheme that would ultimately only affect a few statistically insignificant victims.

Short of turning Apple Pay off, perhaps an intermediate solution is to require a simple one- or two-digit passcode every time, which if not entered correctly requires re-authentication without allowing further use even with the correct passcode. Then, even if someone is able to exploit this issue and procure your watch somehow, they still won't be able to use it, just like your iPhone.
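A small model of the lock-on-first-miss policy proposed in the post above, added here as an illustration and not Apple's code: the class, the "phone re-authentication" hook and the result strings are assumptions. What it shows is why a very short code can be acceptable under this policy: a thief holding the unlocked watch gets exactly one comparison, and after a miss the correct code no longer helps until a stronger factor clears the lock.

```python
"""Added model of a short per-payment code that fails closed on the first miss.

Not Apple's code; WristPayGate, reauthenticate() and the messages are
assumptions used to illustrate the policy proposed in the thread.
"""
import hmac


class WristPayGate:
    def __init__(self, code):
        self._code = code.encode()
        self.locked = False

    def try_pay(self, entered):
        """One comparison per payment; any miss locks Pay outright."""
        if self.locked:
            return "denied: re-authenticate on the phone first"
        if hmac.compare_digest(self._code, entered.encode()):
            return "payment allowed"
        self.locked = True
        return "denied: wrong code, Apple Pay locked"

    def reauthenticate(self, phone_unlock_succeeded):
        """Assumed stronger factor (e.g. the iPhone passcode) clears the lock.
        Returns True when the gate is usable again."""
        if phone_unlock_succeeded:
            self.locked = False
        return not self.locked


def brute_force(gate, digits=2):
    """A thief with the unlocked watch tries every code in order.
    Returns (attempts that reached the comparison, whether one succeeded)."""
    attempts = 0
    for guess in range(10 ** digits):
        attempts += 1
        if gate.try_pay(f"{guess:0{digits}d}") == "payment allowed":
            return attempts, True
        if gate.locked:
            return attempts, False
    return attempts, False
```

With a two-digit code the brute-force loop always stops after its first guess, so the thief's chance per stolen watch is one in a hundred rather than certainty; the constant-time comparison is there so the single attempt leaks nothing about how close the guess was.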
 