Apple Pay Surprise

[LoveToMacRumors]

Of course it worked, why do you think you have to add your cards on your WATCH again after adding them on your phone

 

[JayLenochiniMac]

Of course it worked, why do you think you have to add your cards on your WATCH again after adding them on your phone

Let's not be too harsh on the OP. Many people are still unaware that Apple Pay does not require cellular/wifi connectivity even on the iPhone.

 

[friedmud]

From what I gathered in this thread is once it goes off your wrist it needs to connect to the phone again to work plus enter password.

That's not true. If it comes off your wrist you'll need to unlock it again... but you don't have to have your iPhone around to do that.

 

[macdragonfl]

That's not true. If it comes off your wrist you'll need to unlock it again... but you don't have to have your iPhone around to do that.

Thanks for clarifying, someone else said different.

 

[mildocjr]

AW Apple Pay does not require a cellular connection, just like your debit card doesn't need a cellular connection.

 

[JayLenochiniMac]

AW Apple Pay does not require a cellular connection, just like your debit card doesn't need a cellular connection.

Ditto for iPhone Apple Pay.

 

[macdragonfl]

On AW, you can set COMPLEX PASSCODE. It does NOT have to be 4 digit. I have 9 digit passcode for my watch.

And you can also set so that AW erases data after 10 passcode tries.

Great tips, just changed, Better security for sure. Thx

 

[Julien]

Great tips, just changed, Better security for sure. Thx

It is just elementary exponential math.

PIN is 10,000
5 is 100,000
6 is 1,000,000
7 is 10,000,000
8 is 100,000,000
9 is 1,000,000,000
10 is 10,000,000,000

I use 5 on my Watch and 6 on my iPhone. Even a PIN is highly unlikely to be cracked and someone only has a 0.1% or a 1 in a 1000 chance with the 10 try limit set. So steal 1000 Watches and crack 1.

 

[Thai]

The problem with the 10 try limit is that i don't want my data to be erase because my 3 year old got his hands on my watch accidentally! With 9 digit passcode, no one is cracking mine!

 

[Julien]

The problem with the 10 try limit is that i don't want my data to be erase because my 3 year old got his hands on my watch accidentally! With 9 digit passcode, no one is cracking mine!

Makes sense but even a 5 code will only give a theft only a 50% chance of cracking entering a different code every 3 seconds for 8 hours a day for 5 days straight. Sound like fun and definitely worth the effort.

 

[daijholt]

Obviously it would take several tries, but it wouldn't be hard someone you knew. I used to guess my moms passwords all the time when she would lock me out of things. lmfao

This is why getting wrong too many times in a row locks the watch for a certain time period, which increases with each series of failed attempts. Add to that the fact you can turn on "erase after 10 failed attempts" in the settings which nukes the watches data, including your apple pay setup but leaves it locked with activation lock, meaning it can't even be used by the thief afterwards, and its a pretty secure setup. I'm also pretty sure it won't let you use a simple passcode like 1234.

 

[MBHockey]

Concidering it's only 4 digits usually yup, but I hardly use my card in public or even keep with me because I really only use it for monthly payments.

This is why Apple enabled 6 digit codes.

Most people's password are usually high digit, low digit, high digit, low digit or reverse, or something stupid like 9876, or 7654
I'm not sure why my teacher taught us this in school but often it's about trying a bunch of different consistency of numbers & how many different ways can you use those numbers obviously.
Differently the most interesting teacher I had. Lol

& if you know the person you can Probly think up a couple Favorite words or names for complicated passwords for things like Apple ID and one letter has to be capital which most likely is the first letter and probably ether 2 digit or 4 digit code

 

[biosci]

Let's not be too harsh on the OP. Many people are still unaware that Apple Pay does not require cellular/wifi connectivity even on the iPhone.

I think we're more harsh on the person who replied about someone stealing their watch and guessing their passcode to make payments rather than the OP who didn't know how the AP Tokenization (sp?)worked!

 

[Feenician]

On AW, you can set COMPLEX PASSCODE. It does NOT have to be 4 digit. I have 9 digit passcode for my watch.

And you can also set so that AW erases data after 10 passcode tries.

Yep, me too. Simply set the phone (which in my case has an even more complex upper/lower alphanumeric, numbers and punctuation 17 character password) to unlock the watch and you're golden.

 

[Julien]

Yep, me too. Simply set the phone (which in my case has an even more complex upper/lower alphanumeric, numbers and punctuation 17 character password) to unlock the watch and you're golden.

Thread is about using Pay when you DON'T have your iPhone. Your Watch is still only a secure as its own passcode lock.

 

[Feenician]

Thread is about using Pay when you DON'T have your iPhone. Your Watch is still only a secure as its own passcode lock.

Good point However, chances are you had, and unlocked your phone before you left the house which would have unlocked Watch for as long as you keep it attached it to your wrist. In any case 9 digits isn't that difficult to enter should you need it but it fairly secure, provided you don't make naive D.O.B. + House Number choices or such.

Perhaps, now we that we have the ability to enter alphanumeric passcodes, now that we have a viable method of entry in iOS10.

 

[Julien]

Good point However, chances are you had, and unlocked your phone before you left the house which would have unlocked Watch for as long as you keep it attached it to your wrist. In any case 9 digits isn't that difficult to enter should you need it but it fairly secure, provided you don't make naive D.O.B. + House Number choices or such.

Perhaps, now we that we have the ability to enter alphanumeric passcodes, now that we have a viable method of entry in iOS10.

No need for alphanumeric pass-codes since a 9 digit is 1,000,000,000 combinations. MORE that safe enough since its would take someone several years working all day long every day to have any chance of brut force cracking.

 

[Feenician]

No need for alphanumeric pass-codes since a 9 digit is 1,000,000,000 combinations. MORE that safe enough since its would take someone several years working all day long every day to have any chance of brut force cracking.

Sure, but only in the simplest mathematical sense is that figure correct. Unfortunately, as with all things security and especially so with passwords, once you put humans in the mix things get rather more muddy. People tend to choose passcodes/passwords that mean something to them (I used the d.o.b. and house number example before) and with that then the domain of numeric passcodes that are meaningful to an indivual are vastly smaller than the domain of alphanumeric passwords and quite probably more likely to be based on publicly available information.

If alphanumeric passcodes did nothing to improve security then we would surely not have them anywhere.

 

[BarracksSi]

I'm still more comfortable using Pay on my Watch than using the card.

 

[Feenician]

I'm still more comfortable using Pay on my Watch than using the card.

As you should be. Watch can neither be skimmed nor the pin code shoulder surfed (assuming you have unlocked it before attempting to pay)

 

[CodeSpyder]

I'm not sure why it wouldn't need a Internet connection but ok? Lol

Because the Apple Watch has an NFC chip.

 

[Julien]

Because the Apple Watch has an NFC chip.

...and credit cards (which Pay replaces with a secure token) have never needed an internet connection either. For anyone who is perplexed by Pay here is great article about the way Pay works.

http://www.kirklennon.com/a/applepay.html