Is there any evidence of vulnerabilities with Touch ID or of it ever being hacked?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Barclays Finally Supports Apple Pay in United Kingdom
- Thread starter MacRumors
- Start date
- Sort by reaction score
And the bank would refund me. There is a limit on the number of times this can be used per day - 10 I think.
Apple Pay is great... However the £30 limit in MOST (before the fanboys attack) places makes it annoying I would use it everywhere if I could.
However I have been impressed with staff members knowing what it is in the UK recently. When it first was rolled out you were met with blank stares when you said you wanted to use Apple Pay they thought you were straight from Hogwarts with your magical phone.
However I have been impressed with staff members knowing what it is in the UK recently. When it first was rolled out you were met with blank stares when you said you wanted to use Apple Pay they thought you were straight from Hogwarts with your magical phone.
hence why i asked if you're a magician..
no other steps is an outright lie. when people say "apple pay is less convenient because i'd have to pull out my phone and use my fingerprint" they're neglecting to consider the fact they have to take out their card, and unless you're Dynamo you'd have to hold your phone (it won't levitate) and so it's hardly a great hardship to hold it with the thumb over the touch id. neither could particularly be said to be more convenient than the other on the whole.
in your case, i see you don't like to/can't use touch id. clearly for you, that makes cards more convenient but it's totally wrong to generalise based on that one experience (your own).
also, again, i know the above. i'm from the uk.
Probably because they were trying to push their own bPay, where you have to wear a christmas-cracker quality bracelet (which you had to pay for) to use it.
As for ease of use, I find it quicker for me to use my phone than get my card out. I appreciate the experience may be different in your circumstances.
Some Barclays cards such as yours are not supported. Check the Barclays Apple Pay FAQ for the cards that are and aren't supported.
Knowing UK banks, they'll be sat around thinking, "How can we charge extra for raising the limit?"
Weird how the Co-op don't do Apple Pay but accept it in store, Tesco Bank do Apple pay but don't accept it in store.
Yes they do. Any Tesco's at least within M25 does accept Apple Pay. Will expand across the country soon.
The only thing that bothers me about this is how secure is it? i'm with Barclays so I'm thinking about signing up as i have an iPhone 6 Plus and the Apple Watch. Is this more secure than pulling out my debit card, putting it into the card reader and typing in my pin at the checkout?
So many contrarian positions!
It would be interesting to try to understand why you refuse to use TouchID, and if there's a logic behind that, or just a gut feeling?
If it's for security reasons, then this is at odds with both of your other positions regarding fraud and merchants pulling profile information from transactions.
It would also seem to be tangentially at odds with security, for if the the card details (name, number, etc) are captured, then the account will have to be renumbered, and anything tied to that account (where details are on file for future transactions or autopay) will have to be updated.
Most card networks have adequate fraud recovery arrangements, through policies of "(near) zero liability" in the event of fraud. But as mentioned above, one would still have to clean up after the fraud.
Fact is, that a "defense in depth" strategy is extended by using ApplePay and TouchID (afaik, ApplePay authorization via passcode is not possible) by making it harder for potential miscreants to nab your info and leave you with a mess to clean up (the magnitude of which is amplified should it be a debit card which is comprimised, with funds needing to be returned to your account.)
Yes. Granted, it's a pain to do. But it still bothers me. I'm not singling out the iPhone here either - all fingerprint readers on phones are vulnerable to this.
http://boingboing.net/2016/03/06/hacking-a-phones-fingerprint.html
[doublepost=1459849034][/doublepost]
It's mainly because I have to wear plastic gloves due to health problems. It can't read my fingerprint through it.
They may well be technically, but to most people, the Co-op bank and the Co-op will be one and the same due to the name.
not particularly, given banks in the uk will refund fraud committed with your bank details where you weren't at fault.
the security aspect would come in not having to withdraw your wallet from your pocket or bag (allowing pickpockets to see where it is) or even being able to leave the card at home entirely.
What do you mean by "no other steps is an outright lie"?! I don't understand. I already explained I hold my card over the reader and that's it. If you are from the UK then you should know this.
I wasn't generalising. I'm only talking about my experience here.
Not doubting you, but my SWMBO works in Tesco, Barclays did some back-end work on the CC machines a few weeks ago and turned on the contactless payments, (either by accident or design) Tesco were quick to issue staff instructions to turn it off again immediately.
That is a misuse of the word 'hacking'. It's 'spoofing' by using a copy of a fingerprint. Hacking would suggest manually overriding/extracting fingerprints from the secure enclave, which has not been reported and is likely impossible as the iPhone doesn't have access to it. So to answer your point, Touch I.D has not been hacked.
That makes sense. The fingerprint scanner doesn't always work for me either, especially if
my fingers are damp (common in the UK
)/I've erased some of the details doing DIY etc.In general, though, a passcode is probably more vulnerable than a fingerprint (especially a short passcode).
To be honest, I'd also expect to know I'd lost the phone/watch before it had been used much, and would
have erased it remotely before much damage was done. As security risks go, this rates lower than losing my
wallet/house keys.
How is that different from taking out your phone? I always have my card tucked in my front pocket. I don't carry a wallet, just my 2 cards. Sorry, but it really is easier for me to use contactless pay.
We all have different experiences of how we access our payment methods. For you, plastic cards are quicker, that's fine, but it's not the case for everyone. For me, I pull my phone out of my pocket, (if it's not already in my hand, it usually is) hold it to the reader, wait for the ping and i'm done.
To use my card, I have to fish my wallet out of my jacket pocket, pop open the clasp, open an internal flap, select the card I need, spend a few attempts trying to grab the card with my nails, (It's a new wallet, really tight and grippy right now) pay for my goods, return the card to my wallet, return the wallet to my pocket.......
In a straight race against the clock, the phone wins every time, but that doesn't mean everyone else should have the same experience, it's what works best for me, what works best for others is absolutely fine too.
Much more secure! As your physical card details eg CV number are not stored anywhere on the phone it can't be compromised per se by the retailer (as an example) to then clone your card and use it fraudulently elsewhere.
As with ANY contactless transactions here in the UK periodically you will be asked to complete a Chip & PIN transaction to verify you are the card holder.
In terms of Tesco it seems they are rolling out NFC payments are smaller stores first. Might be different within the M25 but here in Derbyshire it's Metro/Express stores first.
I'm probably alone in this statement but I enjoy using Apple Pay. Did use contactless before it was announced but not as much as I have done with AP.
Agreed.
[doublepost=1459851356][/doublepost]
No, as I said before, it's mainly due to medical reasons. I have mentioned security fears too, but accept this might be misplaced.Tinfoil hat alert...
Not true. My debt card is not contactless and it added and works fine!