How To: Apple Watch Vulnerability Lets Thieves Use Apple Pay Without Your PIN

No, your Apple Watch isn't totally hacker-proof, despite what some have claimed.

The basic idea behind its security is that the Watch can detect when it is removed from a wrist, and automatically requires a passcode to be entered if removed (if one is set up, which is a requirement for using Apple Pay). So we set out to trick the sensor into thinking it's still on a wrist while removing it. Taking that a step further, we wanted to see if we could use this "exploit" to bring up Apple Pay and make purchases with someone else's card.

We'll cut right to the chase—we got it to work without much effort. Here's how we did it, and what you can do to protect yourself if someone uses this technique on you.

How the Apple Watch Sensors Keep It Unlocked

On the back of the Apple Watch are four specifically designed rings which contain the 4 components of the heart rate sensor: 2 green/infrared LEDs and 2 photodiode sensors.

While measuring your heart rate, this sensor can tell if the watch is currently being worn. That way, if your Apple Watch is passcode-protected, you won't have to enter your passcode every single time you want to use it (as long as it doesn't leave your wrist).

Try it out yourself. When your passcode-protected Apple Watch is on your wrist, you don't need to enter your passcode every time you want to use it. Now take the Apple Watch off your wrist. After a second, it'll lock and prompt you to enter your passcode in order to gain access to it again.

The Vulnerability

While the wrist-detection is a useful feature, did you catch the part where I mentioned that there is a one-second delay before the Apple Watch locks itself?

That one-second delay, before the Apple Watch activates its passcode-protection, cannot be patched. It's necessary to prevent the Watch from constantly re-locking itself during the split-second separations from your skin that occur during regular use. After all, it would be pretty annoying if running, shaking your wrist, or rotating the Watch for comfort caused it to lock itself.

But here's the catch: The Watch can't tell the difference between a wrist and a finger.

Knowing that, we managed to use that one-second delay to exploit the sensor by simply touching the back of the Watch while taking it off someone's wrist. The watch remained unlocked while we held the back. In fact, it was easy enough to swap the Apple Watch from one wrist to another, all without the device locking. While we're not great at swiping wristwatches, there are several people who are.

What this means is simple: someone could potentially steal your Watch by simply grasping it by the back to gain access to the information stored on it. And since many people have no doubt put their credit cards on their Apple Watch, yes, this includes Apple Pay. The exploit is even easier with the pricier Leather Loop and Milanese Loop magnetic bands as they slip loose with minimal effort.
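
The lock-delay trade-off described above, as an added example that is not code from the original article or from Apple: a simplified model that replays skin-contact samples against a lock timer. Only the one-second delay comes from the article; the sample rate, trace timings and the 200 ms alternative are constructed assumptions.

```python
# Simplified model of wrist-detection locking. Only the one-second delay comes
# from the article; sample rate and trace timings are constructed for illustration.
GRACE_MS = 1000

def trace(duration_ms, gaps, step_ms=100):
    """Build (time_ms, contact) samples; contact is False inside any [start, end) gap."""
    return [(t, not any(a <= t < b for a, b in gaps))
            for t in range(0, duration_ms, step_ms)]

def replay(samples, grace_ms=GRACE_MS):
    """Replay samples for a watch that starts unlocked.

    Returns (locked, longest_gap_ms). The sensor reports only contact or no
    contact, so a finger and a wrist look identical to this logic.
    """
    locked, gap_start, longest = False, None, 0
    for t, contact in samples:
        if gap_start is not None:
            longest = max(longest, t - gap_start)
            if t - gap_start >= grace_ms:
                locked = True          # stays locked until a passcode is entered
        if contact:
            gap_start = None
        elif gap_start is None:
            gap_start = t
    return locked, longest

# Constructed traces (not measurements from a real Watch).
WORN = trace(6000, [(2000, 2300)])                       # strap shifts for 300 ms
REMOVED = trace(5000, [(2000, 5000)])                    # taken off and set down
HANDED_OVER = trace(6000, [(2000, 2600), (4000, 4500)])  # contact restored within the delay

def sweep(grace_values=(200, 1000)):
    """Lock outcome of each trace for each candidate delay."""
    traces = {"worn": WORN, "removed": REMOVED, "handed_over": HANDED_OVER}
    return {g: {name: replay(s, g)[0] for name, s in traces.items()}
            for g in grace_values}

if __name__ == "__main__":
    for grace, result in sweep().items():
        print(grace, result)
```

With the 200 ms delay the handed-over trace locks, but so does the ordinary 300 ms strap shift, which is why the article says the delay is needed for regular use.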

How to Take Off the Apple Watch Without Triggering the Passcode

To test it out, we had Neil Gonzalez sync his iPhone with the Apple Watch, add a lock screen passcode, and set up his credit card for use with Apple Pay (we used a credit card because they don't require entering a PIN into the payment terminal like a debit-only card would).

We started with Neil wearing the Apple Watch on his wrist, which didn't require him to enter his passcode. My goal here was to remove the Watch from his wrist and transfer it to mine while keeping it unlocked. I took the Apple Watch off his wrist with two hands, then quickly slid two fingers underneath the Watch case where the heart rate sensor is located, to maintain skin contact. Of course, all this had to be done within a second, before the Watch locked me out. Then I quickly placed the Apple Watch on my wrist, secured it, and voilà! I was able to access everything on his Apple Watch without having to enter a passcode, including his credit card which was "secured" through Apple Pay.

For good measure, we even turned off Neil's iPhone, which disables pretty much everything on the Apple Watch, except for Apple Pay. But just to make sure we weren't missing some back-up security feature, we headed to Walgreens to put this exploit into action. With the Apple Watch on my wrist, I was able to bring up Apple Pay and make a purchase with Neil's credit card without any trouble. Yeah, this was much easier than I thought (and would've hoped).

How to Protect Yourself from Watch Thieves

Obviously this method of stealing an Apple Watch, all while maintaining skin contact underneath it and running away, is highly unlikely unless you're hanging out with magicians or pickpockets, or commuting on crowded trains. Still, it's definitely something to be aware of and protect yourself from.

Set a Passcode

While we did show how to exploit a passcode-protected Apple Watch, we still recommend you set one. Without a passcode, it's a guarantee that if your Watch is stolen, the thief will be able to access all of the information on it, including Apple Pay. Also, thieves can wipe your Apple Watch and restore it as their own, so make sure to set a passcode, and not one of those generic 1234 ones.

Remove Apple Pay

If your Apple Watch gets misplaced, the first thing you should do is remove your credit cards from Apple Pay directly from the Apple Watch application on your iPhone. That way, if someone has it, they at least won't be able to use your credit card to make purchases.

Unfortunately, for this method to work, the Apple Watch will have to be in range of your iPhone. Otherwise, you'll have to log into your iCloud account online, go to Settings -> My Devices, choose your Watch, then click on "Remove All" to wipe the slate clean. Your cards will still be visible on the Watch, but only the last 4 digits of the number. No other portion of that number is saved on the Watch, and each card is associated with a device-specific ID that Apple deactivates on their server.

A Few More Things to Note

We played with this exploit for hours, trying to see other ways in which we could lift the Apple Watch without triggering the passcode. If you're really careful, you can actually unhinge the band and slowly lift the Apple Watch up, because it seems that the accelerometer also plays a part in locking the display.

If you do it slowly enough while the Watch's display is active, you can keep it unlocked and place it on your wrist, but it didn't work consistently well enough for us to state it as anything more than an off-occurrence.

We also noticed that sometimes the Apple Watch would stay completely unlocked, even after removing my fingers from the sensor. While this didn't happen every single time, it did happen twice, and you can check out more about that over at MacRumors.

Final Thoughts

Aside from this "fingergate" exploit, the Apple Watch is actually a pretty secure device. It doesn't store too much information, and even then, it's difficult to access any of it if the iPhone that's paired to it is out of range or turned off, except of course for Apple Pay!

This article serves more as a warning to show you what thieves could potentially do when stealing your Apple Watch. It's difficult to see this method working for everyday thieves, but it could be used against someone who's drunk and unaware, out at a bar or a club, or otherwise unconscious.

I can't count how many times I've had someone try to lift my iPhone or wallet from me when out at a noisy and crowded bar, so what's going to stop them from trying it on my Watch?

All it takes is someone to get a little too drunk, and out of the darkness comes a thief who can easily remove your Apple Watch, keep their fingers underneath the sensor, and use your credit card to buy everyone a drink at the bar.


