Hello Apple, this is a $1.99 purchase !

[aicul]

I'm writing this in the Yosemite forum in the absence of finding a forum on the APP store.

It's all about the user experience whilst purchasing.

So after installing Yosemite on my previously perfectly working iMac I decided to purchase a $1.99 APP.

Over 24 hours later I made the purchase !

Here is the line of events;

1. Found the APP I wanted
2. Pressed the price button
3. Pressed the same button AGAIN to "Buy"
4. A pop up asked for iCloud login
5. I enter the password and login
6. Strangely it suddenly states that I never purchased on this iMac (not true) and wants to identify me with question answers.
7. I don't remember the answer (mainly because the questions are fixed and don't refer to things I remember). I try to recall what I could have entered and confirm
8. Its a failed entry, so I try again
9. Obviously I end up locking my account.
10. So I connect to iCloud on Safari and go to manage ID. Here it says I need to wait a while for the account to get unlocked.
11. I go to apple support site and schedule a call for next morning.
12. I wait... until evening
13. Locked out period expires. I go back to iCloud/Manage ID and go to "Questions and Passwords". The account is unlocked but I still have to enter the "correct" answers. I try once.
14. Still a fail, so I opt to wait for the scheduled support call
15. I wait... until the next day
16. I get the call, explain the case
17. I login again into iCloud/Manage ID/Questions and Passwords and get a "temporary pin" which I communicate to the support staff (who I must say was competent)
18. The support staff resets the questions
19. I re-enter 3 answers to questions that don't make any sense to me
20. Go back to the APP store
21. Click $1.99
22. Click Buy
23. Login to iCloud
24. Enter the answers to questions
25. I get asked to "Confirm the desire to purchase"
26. I confirm
27. I get asked to confirm Billing information. Hey, its life or death, Apple does not have a "Title" (Mr, Mrs, Dr. etc.) for me
28. I enter "Mr" (unfortunately they don't propose "close to nervous breakdown") and confirm,
29. Again I get asked to "Confirm desire to purchase"
30. I confirm

FINALLY, the $1.99 purchase is made.

Honestly, I can understand the underlying reasoning of apple in all of this but;

• 30 steps ?? It's just overkill and it is the result of Apple trying too many things at once; first purchase on a device, update customer record, and the purchase itself
• As my account is linked to a $20 scratch card, a bunch of questions/concerns are much reduced (no Title ? - come-on !)
• Updating customer records is a great thing, but ask them separately or when the effort is worth it
• I note that once you have a password, reseting questions only requires that you are patient and smiling on the phone (so security questions are not a strong security feature)
• Indeed I should remember my login credentials, but for that Apple needs to make those akin to my memory capabilities; why can a user not write his own question and write his own answer ?

 

[simonsi]

why can a user not write his own question and write his own answer ?

Simple - ignore the actual question and give a consistent answer that you can remember. Apple doesn't verify that your answer is correct, only that you give the same answer as when you setup the Q's originally.

So for any question, give the same complex answer, e.g. "The Planet Venus"

You can remember it, it can't be looked up or discovered by anyone trying to fake your answers in the way that your first school/car/maiden name can be....

 

[ElectronGuru]

Hello Apple, this is a $1.99 purchase !

I've started treating password attempts like starting a car. Once you get past two without success, it's time to pause and rethink your approach so you don't end up locking yourself out (draining the battery). In this case, I'd also activate two factor authentication. The more they have reason to trust you, the fewer hoops they may subject you to.

 

[KlytusLord]

I use my password manager to generate complex password to the canned security questions and I record all of that information. Most of the security questions they ask can be found out anyway, so I prefer to have a combination of Question: what was your high school mascot? answer: kkt67rT_65#$llo98q

It actually makes life easier, since beyond what I personally consider a security weakness, there is also the problem of "did I include the article when I first answered this question? did I make it plural or singular? "crap, I went to two high schools, which mascot did I pick two years ago when setting up this account?!" etc.

I don't blame Apple for this. I think security questions are a silly approach industry-wide. Without even having close friendships with some, I could answer several for people I work with; things like "where did you get married" "name of your first dog" and other such nonsense like that.

 

[theSeb]

. Most of the security questions they ask can be found out anyway, so I prefer to have a combination of Question: what was your high school mascot? answer: kkt67rT_65#$llo98q

*info saved for later*

joking

 

[aicul]

So for any question, give the same complex answer,

Actually this does not work.


Thanks all for the input, but in the end what concerns me is that

• the setup that is supposed to protect me becomes so combersome that I have to make it fail to survive. Which generates a dilemma if I am to use this for private things such as family photos
• Apple is not full-filling its promise to me to make things simple, because not only does it make them absurd, but it decides to unilaterally impose a bunch of things at the same time - even if there is no logic (my example customer file update for tilte).

I'm somewhat concerned here