New Apple Watch With Touch ID and More Uncovered in Leaked Code

[WarmWinterHat]

The system Apple currently uses is SO insecure—my iPhone frequently unlocks my Watch when the Watch is just sitting on the desk.

I turned that feature off (actually never turned it on). Put in the passcode or it doesn't unlock, and always used a 8 digit code. Nothing insecure there.

 

[mk313]

Exactly what I was thinking. I tried to go this route a few years back and left my phone at home most of the time. It worked okay-ish but battery life on cellular needs a major upgrade (especially in rural areas where signal goes in and out)

One of the rumored upgrades this year is a different cellular chip that is designed specifically for devices that have lower data needs/ lower power requirements. If it's true, that could make a big difference going forward.

 

[nostaws]

Apple Watch + AirPods = if Apple wanted to test the AI helper/leave your phone at home route. I’d like to give it a try. I hate being addicted to my phone.

If all the promised Siri enhancements could be accessed via my watch? Awesome.

My original Ultra battery is still going strong.

Maybe this is a step towards Apple allowing Watch to be a stand-alone device (no iPhone requirement)?

 

[MilaM]

This would be a great enhancement and QOL improvement in my opinion. I tend to take off the watch several times per day for different tasks around the house. Putting in the code every time or reaching for my iPhone, which I don't carry around with me all the time, is very cumbersome. I hope they introduce this on the regular watch and not only on the Ultra.

 

[adrianlondon]

but why? why should that even be a thing. I NEVER want to enter my password. that should be the point of biometrics

The password is used to decrypt the secure store where the biometric data is kept. I summarise, but one can google "secure enclave" for the details.

 

[subjonas]

I'm saying you pretty much always have to still enter a password and it sucks. my Mac has Touch ID. why should I ever have to type my password? yet I do at least once a day if not more. my vision pro I have to type a password every time I turn it on, my watch every time I put it on etc.

Oh I see what you mean. There are logistic and security reasons for sometimes requiring a password. It’s a fall back for when biometrics fail or isn’t practical in a situation (wearing gloves, wet fingers, swollen face lol, etc), and for giving someone else access to your device eg. over the phone. Also so that you can’t be physically forced to authenticate your device.
I assume the password is required after a device has been turned off because Apple assumes you only shut it off once in awhile, in which case it wants you to use your password to keep you from forgetting it. It will also randomly ask for your passcode once in awhile, even without turning off the device, for I assume the same reason.

 

[Return Zero]

OK but how does this help? You put the watch on. It asks for a passcode. You enter it once, and then you're authenticated for the whole day. What does touch ID add here? Avoiding entering the passcode once in a day?

Theoretically you're right, but the wrist/skin detection isn't as secure as real biometric methods... plus, if someone does swipe your watch and manage to spoof the detection, if you have an iPhone, you can wipe all the functionality from the watch using the phone immediately. In the use case of not having a paired phone nearby, you wouldn't be able to do that, and you'd be wishing you had real biometric security.

 

[jarman92]

but why? why should that even be a thing. I NEVER want to enter my password. that should be the point of biometrics

Security. A password is more secure than biometrics, and Apple requires one at times when security is most likely to be an issue, e.g. after a restart or > 24 hrs after last use.

 

[jarman92]

Have never had that happening and I’ve been using AW since S0

I guarantee it happens to you frequently and you just don't notice.

 

[jarman92]

I turned that feature off (actually never turned it on). Put in the passcode or it doesn't unlock, and always used a 8 digit code. Nothing insecure there.

You're right, but then the positive of having Touch ID on the Watch is convenience.

 

[RaoulCapano]

Doing any typing on the Watch is bad UX and should only be seen as an if-necessary fall back, not a daily task. Plus many people take off/put on their watch multiple times a day—to play contact sports, etc. And you never want to expose your passcode if possible (especially if it’s the same passcode as your phone, which is the case for a lot of people).

Right, so just put the watch back on and look at your phone. Boom, you're in, no typing required.

 

[Rychiar]

Security. A password is more secure than biometrics, and Apple requires one at times when security is most likely to be an issue, e.g. after a restart or > 24 hrs after last use.

well its pretty regularly 24 hours between when I use my home computer so it feels like im always entering it. and every time I put my Vision Pro away I turn it off so it feels like I have to enter it on the too which is especially super annoying when it has a perfectly good retinal scan. I don't see how a 4 digit passcode could ever be more secure

 

[RaoulCapano]

Your Watch shouldn’t need authentication for Apple Pay as long as it was authenticated earlier and you haven’t taken off the Watch.

I agree. I was just trying to find some (any) reason for adding TID to it.

 

[satchmo]

All I want is (when you’re in the workout app) to have precision instant start and stop using the side button.

 

[AlexESP]

How would it be helpful? I unlock the watch via my iPhone and only enter passcode for watchOS updates.
There is zero benefit having touched on the watch. Setup a longer than 4 digit passcode for added security

Please list out what is "so obvious", because I can't think of anything.

Great idea for the four months per year when my area when everyone will be wearing gloves, too. 🙄

First of all, even if it’s minor, not having to enter your passcode on a small screen, which is not ideal. But most importantly, not exposing your passcode in public if you need to take off your want and put it on again. Also, it makes Apple Pay safer.

 

[WarmWinterHat]

First of all, even if it’s minor, not having to enter your passcode on a small screen, which is not ideal. But most importantly, not exposing your passcode in public if you need to take off your want and put it on again. Also, it makes Apple Pay safer.

As long as the code is still an option, and it doesn't have to be used for Apple Pay. Paying-at-the-pump was the only time I used Apple Pay on my watch, and in winter when it's -10F, I'm sure as heck not taking my gloves off to authenticate it. I'll just use a card.

All that said, I gave up on the Apple Watch a few months back, so whatever..

 

[subjonas]

Right, so just put the watch back on and look at your phone. Boom, you're in, no typing required.

That works for you and me, except occasionally when the phone is out of reach. But also remember a lot of people like to use their Watch without their phone entirely.

 

[Mity]

You will get a thinner watch

One of the downsides of upgrading from the S9 to the S10 was that the S10 sits so low on my wrist, that the crown is actually more difficult to turn. I would've preferred the S10 to have the same thickness as the S9 but with a larger battery. But I love the jet black color of the S10. It blends in with the screen so nicely!

 

[RaoulCapano]

That works for you and me, except occasionally when the phone is out of reach. But also remember a lot of people like to use their Watch without their phone entirely.

Interesting, I don't know any AW users that don't have iPhones.

 

[turbineseaplane]

You will get a thinner watch

Less bezel!

Transparent case for maximum liquid glassiness!

 

[Michael0816]

For what? I enter my passcode when I put on my watch and then never again.
Also in what way is the following true?
"In fact, the security of processes such as Apple Pay could be considerably enhanced with on-device biometric authentication."
As soon as you remove the watch from the wrist, it automatically locks.

 

[jayducharme]

I don't understand. I thought the Watch authenticated by using the sensors underneath, reading your biometric data. So all along it's just been authenticating through the iPhone? That would explain why they needed an iPhone for the Watch to properly function.

 

[klasma]

I don't get it. I specifically remember them touting during the launch that since the Watch is on your skin, it's secure. Once you've unlocked it by entering the passcode or through your phone after you put it on in the morning, it's authenticated until you remove it. What problem does this solve?

It might be Touch ID on the underside to authenticate your skin, removing the need to unlock it manually.

 

[canpoyrazoglu]

Serious question: what is the use case of this for a device that almost everyone unlocks once a day and stays that way, which also gets unlocked when you unlock your nearby iPhone?

 

[sherwinzadeh]

I don't see how this would help. You enter your PIN just once when you first put on the watch. After that you never need it for Apple Pay or anything else. If you keep your watch on all day and you charge at night, as most I assume do, and if it follows the iPhone where you MUST enter your PIN every time you restart the phone, then it'll make absolutely no difference. I guess it'll only benefit people that take their watches on and off often?