Apple Watch Will Use Skin Contact for Apple Pay Security

[Mtmspa]

Touch ID was going to result in a lot of severed fingers according to the MR posters. Haven't heard reports of this happening.

 

[jm001]

I have bony wrists. With most watches I wear the back is rarely plastered up against the back of my wrist. How tight are people going to have to wear this thing? I think there's going to be a lot of re-entering your pin.

No matter how bony, a watch will always have contact with your skin. Now the question is do ALL 4 sensors need to be in contact or at least just one. I like to wear my watches slightly loose so I would hate to re-enter a pin while wearing it.

 

[ulyssesric]

So the robbers can't just chop off your finger; they have to chop off your arm now.

Just kidding.

 

[i.mac]

That's very cool. Hope for their sake that they patented that idea.

Samedung: hey apple, you stole my idea!

Apple: no I did not.

Samedung: I will sue you just the same for stealing my idea. It is my idea, convergence of design, you see?

Apple: oh brother!

 

[Apple blogger]

Ok so this means the watch will know which skin is it? Mine or someone else's? And everytine I remove the watch I have to again enter my pin?

 

[StyxMaker]

Maybe the second generation Apple Watch will have Touch ID and be waterproof.

Now, how would that work? If you're wearing a watch try holding it up close to the wall while keeping your finger on the watch face.

 

[Karma*Police]

That's very cool. Hope for their sake that they patented that idea.

With our slow legal system, does it even matter? Samsung and Google will make billions by the time the case is even heard by a jury. And even when they lose, it'll be a slap on the wrist compared to what they'll have made by stealing.

 

[StyxMaker]

I can imagine some sort of light simulation built in to the card.

Where there's a will, there's a way.

Some people seem to believe they live in an episode of Mission Impossible.

 

[andrewzzz]

Hm

This is a concern with PayPass and PayWave credit cards. They don't need any PIN for transactions under $80 (at least here in NZ that's the case). The credit card companies are happy to refund any fraudulent transactions because it's worth their while to have people spending money more easily. I imagine the same is the case for Apple Pay.

Only flaw with Apple's approach I see is someone overseeing you enter the PIN, then steal your watch, put it on their hand, re-enter the PIN, and go shopping.

 

[maxwelltech]

So I guess the FBI will now know what type of skin color and DNA patterns you have

 

[StyxMaker]

So you enter your PIN and can make payments. Then every night you get home and take it off to charge and the next day you have to re enter the PIN. Sounds like just one more POS to remember every morning while I'm getting ready for work. No thanks.



EDIT: Apparently needfx realized the same thing I did.

I'm sure you will be asked to enter your PIN as soon as you put on the watch. Won't have to remember a thing.

I'm amazed at all the idiotic reasons people can think up for not liking the Apple Watxh.

 

[Jakexb]

"Taptic feedback" whenever it asks for a payment?

You have to press the side button when paying with the watch. It's in the demo I think.

 

[HerbieMac]

Somewhat clever. Implies mandatory passcodes for all.

 

[StyxMaker]

Your sentiment against dragging a dead body into walgreens I agree with… BUT… I can't believe nobody has addressed this:



Heavy sleepers / passed out drunk / etc: now anybody can access your phone with just putting your finger to the TouchID. It has made hacking their phones EASIER since there is no mental input required. That goes to speak about just accessing your contacts / bank or ANY now-TouchID-protected apps, messages, etc. Further, right now it's just walgreens… I can see them allowing person-to-person payments in the not-too-distant future… hell, prob will be done on Day 1 with Paypal/Venmo/Square… or BitCoin/Altcoin currencies… where there is no third-party viewing the transaction.



Hmmmmm

I don't sleep around strangers and I'm never passed out drunk.

 

[Plutonius]

Hopefully it detects that the hand is warm to prevent thefts.

But what if you are a zombie .

Nothing is ever totally secure.

 

[tl01]

Cool tech, not practical implementation. The way so many of the terminals are positioned, you're going to have to do a handstand to get your wrist/phone on the there properly. I'd rather just use the iPhone!

Let's wait and see before we jump to conclusions. I'm pretty darn excited about it.

 

[eastmanweb]

You don't have to worry about drive-by transactions

I wonder if it asks for confirmation or am i going to be paying for everyones stuff when i walk past a register?

An Watch transaction requires authorization after it is scanned by double-pressing the physical button on the side of the watch.

----------

This is a concern with PayPass and PayWave credit cards. They don't need any PIN for transactions under $80 (at least here in NZ that's the case). The credit card companies are happy to refund any fraudulent transactions because it's worth their while to have people spending money more easily. I imagine the same is the case for Apple Pay.

An Watch transaction requires authorization after it is scanned by double-pressing the physical button on the side of the watch.

 

[a0me]

Not very secure. Crafty thieves would just have a slither of plastic at body temp to slide underneath the watch as they nab it. Im sure someone will start selling a tool. Bad idea to leave something authorised for a long time period. Asking for trouble.

Easy, if you spot Ethan Hunt (or James Bond, or Jason Bourne, or Nikita) trying to steal your Apple Watch, run the other way!

 

[Kaibelf]

Your sentiment against dragging a dead body into walgreens I agree with… BUT… I can't believe nobody has addressed this:

Heavy sleepers / passed out drunk / etc: now anybody can access your phone with just putting your finger to the TouchID. It has made hacking their phones EASIER since there is no mental input required. That goes to speak about just accessing your contacts / bank or ANY now-TouchID-protected apps, messages, etc.

Really? Well, I'm not a total mess who falls asleep in my own drunken vomit, and I don't expect someone to unlock my phone in the dead of night in order to go shopping. Also, I don't live with trash who would steal from me, and I don't take homeless people into my home at night, so I think I'll take the risk.

 

[JayLenochiniMac]

you will have to reenter the pin daily after charging

That's what I was thinking, but why can't Apple take it one step further and authenticate it without requiring the password once it detects TouchID from your iPhone (which many of us do on a daily basis)?

 

[Robert.Walter]

So every morning I will have to put in a PIN code? Hassle.

I'm surprised the new fine-grained pressure-sensitive touch screen can't recognise my fingerprint and use that for authentication. That would be genius.

Alternatively, if the sensors are able to typify my heartbeat, or capillaries in my wrist, so that when I strap it on the watch recognises me, that would also be good.

Strapping it on, and then tapping the TouchID on the phone to authenticate (possibly with the phone recognising the wrist it is placed on and then matching that to the phone as an alternative to entering a PIN would also be a good solution.

I will be surprised if one really has to enter a pin every day, or every time they take the watch off during the day, to unlock these features on the watch once they strap it on again.

 

[thasan]

looks lame. what if:
1. i put finger underneath the watch and then take it out? that way it should measure the heartbeat as well from finger tip, right?
2. many ppl takes off watch several times a day. that includes workers of certain types (for safety, chemicals etc), practicing muslims (for ablutions). i dont think people will buy things every few minutes. that means they got to put pin each time. what difference does it make from entering the pin for ur card?

 

[JayLenochiniMac]

So every morning I will have to put in a PIN code? Hassle.

I'm surprised the new fine-grained pressure-sensitive touch screen can't recognise my fingerprint and use that for authentication. That would be genius.

If Apple is smart, they'd design it so it detects TouchID when we first use our iPhone 5s/6/6+ upon wearing the watch and this takes the place of having to enter the passcode.

 

[rdlink]

Unless they take your wrist with the watch...

At which point you will likely not ever care again...

----------

Not very secure. Crafty thieves would just have a slither of plastic at body temp to slide underneath the watch as they nab it. Im sure someone will start selling a tool. Bad idea to leave something authorised for a long time period. Asking for trouble.

Okay, please just stop and think before you post. First of all, the sensors are sophisticated enough that they used infrared and visible LEDs to sense your heart rate. I think they're sophisticated enough to know the difference between someone's warm skin, with blood flowing through it and a warmed up plastic card. Next, how long do you think the card would stay at body temp? Certainly no more than 3 seconds. Sheesh! It's a wonder Apple ever gets a product out of their labs without your brilliant engineering mind.

 

[timborama]

So basically you have to renter the pin every day, since you need to charge every night. Breakthrough... Not!