Applepay weakness

Discussion in 'iOS 8' started by wesk702, Oct 23, 2014.

  1. wesk702, Oct 23, 2014
    Last edited: Oct 23, 2014

    wesk702 macrumors 68000


    Jul 7, 2007
    The hood
    The only downside I can see with Applepay is someone finding out your 4 digit pass, which can be circumvented by just watching someone type it in. Once in, a thief can add their fingerprint to the phone and use their own fingerprint for transactions if passbook already had cards stored, correct?

    I think entering Passbook and fingerprint should use a more secure and longer string and make that mandatory and not allow 4 digit pass for those two areas specifically.

    People's 4 digit code is inherently weak placing more valuable info and permissions at risk.

    Think about it. If the enclave is really as secure as it states, then the thief would have no worry about including their fingerprint cause the authorities can't get in their right? I mean fingerprint data is never passed along in a transaction.
  2. CaptMarvel macrumors 65816


    Sep 20, 2014
    North Carolina
  3. wesk702 thread starter macrumors 68000


    Jul 7, 2007
    The hood
    Yeah, but most people don't and use the 4 digit pass. I just think those two areas should not allow simple passcodes.

    It's scary what could happen with someone knowing your 4 digit pass.

    Hypothetical hysterical scenario:
    Imagine if Pangu had a backdoor that was able to capture your keystrokes.
    Boom, your key is stolen. Not a big deal right cause they don't have your phone. Then what if these Chinese hackers that Tim is so worried about is able to use your icloud info and steal a backup of your phone from icloud. Then they create a clone of your device and add their fingerprint.
  4. Intell macrumors P6


    Jan 24, 2010
    Apple Pay requires use of the Touch ID. Most people who use Apple Pay would just unlock the device with Touch ID instead of a passcode.
  5. wesk702 thread starter macrumors 68000


    Jul 7, 2007
    The hood
    Yeah, but I'm sure there are scenarios where one would use the code like when the phone is restarted. I'm sure there can be others.
  6. scaredpoet, Oct 23, 2014
    Last edited: Oct 23, 2014

    scaredpoet macrumors 604


    Apr 6, 2007
    Most people wouldn't have to use a passcode at all once they have TouchID working. The only times I ever need my passcode is when first boot up my phone (and that really only happens when I do a software update the phone reboots). Other times, I just use my fingerprint, so no one ever sees me enter my passcode, nor am I bothered that it's a complex one.

    Aaaaaaand that's why shouldn't use them when you have TouchID. :)

    This is also an argument for Apple disabling Apple Pay if a jailbreak is detected.

    Fingerprints are not stored in the backup image on iCloud. Nor is any information about the cards you've enrolled in ApplePay. when you restore your phone, whether it's the same phone or a new one, you HAVE to re-register your fingers, and you HAVE to re-enroll your cards.
  7. wesk702 thread starter macrumors 68000


    Jul 7, 2007
    The hood
    I know the prints aren't. So if you restore your phone, you will have to manually add the cards in again? If so, that's better.
  8. scaredpoet macrumors 604


    Apr 6, 2007
    Yes, you have to add the cards again. They aren't synced anywhere, they are only stored in the secure element on the phone.
  9. nepalisherpa macrumors 68020


    Aug 15, 2011
    With iPhone 5 and phones before that, I used a 4-digit passcode for easier unlock. With iPhone 6+, I have a long/complicated password. I only need to enter this password once after a reboot.
  10. Sean7512 macrumors 6502a

    Jun 8, 2005
    I brought this up yesterday:

    I think it is a very good practice for all users of TouchID to use a complex password.
  11. Menel macrumors 603


    Aug 4, 2011
    The beauty of TouchID from the very start last year, is you could have a complex password with more convenience than the 4digit pin.

    First thing I did with TouchID was move to complex 11char password.

    You should as well. Yes, Apple should force this.
  12. njchris macrumors regular


    Sep 14, 2007
    You can wipe your phone with find my phone.

    Thief thwarted.
  13. caesarp macrumors 6502a

    Sep 30, 2012
    You are contemplating someone has your phone? If your phone is lost/stolen you can wipe it remotely or deactivate cards without wiping phone. No different than if someone stole your physical card.
  14. newellj macrumors 603

    Oct 15, 2014
    Boston, MA, US
    Right. Even signing out of your iCloud account will force reactivation of all your ApplePay cards. Certainly a restore is going to need reactivation.


    Same here. Arguably, Apple should automatically disable simple passcodes if TouchID is enabled.
  15. JoeTomasone macrumors 6502

    Aug 8, 2014
    Actually, the cards are not stored anywhere. Only the token (Device Account Number) is stored in the Secure Element.
  16. Mufasa804 macrumors regular

    Mar 6, 2009
    Case closed.
  17. gsmornot macrumors 68030


    Sep 29, 2014
    Do you avoid ATM's and paying with debit too? In both of those cases you need to use a pin number.

    I feel so much better about paying with my phone than using or worse handing my card to someone. It sounds to me like you assume no thought was put into this idea.
  18. penajmz macrumors 68040


    Sep 11, 2008
    New York City
    I use a very long password to unlock my phone.
  19. Armen macrumors 604


    Apr 30, 2013
    A Few things:

    - The Passcode security system is still in place so that you can still access your phone in an event the touch ID sensor fails.

    - The best security for ApplePay is YOU. Just like YOU are your own wallet's security system.
  20. NoBoMac macrumors 68000

    Jul 1, 2014
    Add: if I recall my brief foray with Apple Pay the other day, one does not even have to unlock the phone. The credit card pops up on the lock screen, and you verify with touch-id.

    So the theoretical thief will not even see a 4-digit PIN. Unless they are following you around all day and shoulder surfing.

    (for the record: 12 character passcode, upper and lower case, special chars, digits)
  21. NT1440 macrumors G4


    May 18, 2008

    Why would someone go through that effort when they can just get your 4 digit debit PIN? :confused:
  22. sounak100 macrumors newbie

    Sep 10, 2014
    Applepay weakness

    Well I can see a scenario where a person has the latest iPhone but an older iPad lacking Touch ID. The person may have the same pin for both devices. Someone can take a peek at his pin when he is using his iPad.
  23. XboxMySocks macrumors 68020


    Oct 25, 2009
    No. It doesn't.
  24. JoeTomasone macrumors 6502

    Aug 8, 2014
    Well, if you are using TouchID, in theory you are very rarely entering your passcode. Apple states explicitly that TouchID is designed to:

    1. Reduce the amount of times you have to enter the passcode
    2. Encourage you to eliminate the delay before the passcode is required that many people enagaged because they hated entering passcodes
    3. Encourage you to use longer passcodes

    You'll notice that there is no delay that you can set before TouchID is active - it is always active as soon as the screen is turned off.

    So a potential thief won't have many opportunities to figure out your pin code, even if you stick with a 4-digit code. Further, they wouldn't need to enter a fingerprint; the passcode can always be used to authorize a payment; after 5 invalid fingerprint scans it is required.

    However, they also have to have your phone... Which, of course, you will be de-authorizing as soon as it is lost/stolen. You could either disable it in Find My iPhone or disable the card by calling the issuer the same as you would for a physical card. Further, Find My iPhone will target the criminal's location inside a store where it is likely that security cameras are capturing the attempted use of your phone for posterity. :)

    But seriously, how many people are EVER held up for their credit cards? Cash, yes - but single credit cards are useless unless you intend to kill the victim before they can make the call to the issuer.

    I can't really argue against this, but since there are protections in place (escalating lockouts and the option to secure wipe the phone on too many invalid passcode attempts), the risk is somewhat balanced against the potential for non-savvy users to forget their passcode. Savvy ones can always use long passcodes. I will say, however, that it would be nice if you got a dialog box explaining why you would want a longer passcode and offering to bring you to the right place in Settings to configure it.

    Fingerprints themselves are never actually stored in the Secure Enclave. To simplify, the points of your fingerprint are described in terms of data points, which are what is stored. They cannot (to my knowledge) be reverse engineered into a graphical fingerprint. Call it a one-way hash function. :)
  25. Fzang macrumors 65816


    Jun 15, 2013
    In some stores they don't even need that. Just swipe and scribble on the receipt, and off you go!

Share This Page