Apple’s new iOS 12 includes a security code auto-fill feature that according to a researcher makes customers more susceptible to banking fraud.
A report in BGR cited Andreas Gutmann, a researcher at OneSpan’s Cambridge Innovation Centre, saying that automatically entering the security code users get via an SMS makes them more vulnerable because human validation is a key step when using two-factor authentication. What’s more, the researcher contends the auto-fill feature is a big issue for authenticating transactions. With two-factor authentication in common with online banking apps Gutmann argued users are more exposed to banking fraud. The researcher, noted the report, said scammers would be able to trick a user into transferring money or could make them more susceptible to man in the middle, phishing, social engineering and other hacks.
Despite the potential security issue Apple has been pushing to get more users to use its Apple Pay digital payment service. In June Apple started giving customers 15 percent off purchases made in the Adidas iOS app when users buy the merchandise with Apple Pay. According to a report from Cult of Mac at the time, the promotion ran through June 28. The company continues to find ways to attract users to the service. In May, Apple ran a promotion offering customers free grocery delivery with Instacart when they made purchases via the digital payment service. Apple also announced at the time that Apple Pay was made available at Trader Joe’s, Giant Food, Smart & Final, SuperValu, Food Lion and Winn-Dixie. In addition, the company tested out an “Order Ahead” feature at Napa Valley’s BottleRock music festival. Users were able to open the festival’s app, select the closest concession stand, choose their drinks, then use Apple Pay with either their face or fingerprint and pick up the beverages at a dedicated window without the hassle of waiting in line.