
mlody

macrumors 68000
Nov 11, 2012
1,625
1,236
Windy City
After reading this marathon thread and accepting that it's impossible to be 100% secure if they take your phone and know your passcode, I figure the only things you can really do are 1) have a strong alphanumeric passcode and never type it in public, 2) have your watch unlock your phone for those few times when FaceID doesn't do it, 3) turn on screentime and don't allow account or passcode changes, which might stop some unknowledgeable thieves.

But that's about it. Stronger security measures will have to wait for Apple to come up with something.

The problem with point #3 is that if you have Apple Card or used Apple Wallet for anything, you get locked out of it if you have a simple restriction with "Password Change" Don't Allow.

I have already seen several videos on how to 'supposedly' protect yourself, but they all fail to mention that you are SOL when it comes to Apple Wallet. The Apple Pay appears to be still available (on phone only) but it is also completely gone from Apple Watch. Apple really needs to get their crap together for the upcoming iOS and address these issues.

 

Puonti

macrumors 68000
Mar 14, 2011
1,567
1,187
The problem with point #3 is that if you have Apple Card or used Apple Wallet for anything, you get locked out of it if you have a simple restriction with "Password Change" Don't Allow.

I have already seen several videos on how to 'supposedly' protect yourself, but they all fail to mention that you are SOL when it comes to Apple Wallet. The Apple Pay appears to be still available (on phone only) but it is also completely gone from Apple Watch.

I seem to only get the Restrictions Enabled warning for the Wallet app if I disallow access to that app under Content & Privacy Restrictions / Allowed Apps.

However, I am now unable to invoke the payment card list on my Apple Watch (double-click the side button), even after turning all Screen Time restrictions off. The Apple Watch app still lists them under Wallet settings but for whatever reason I can't use them. Seems like a bug.

Edit:
I'm not sure which one it was and I don't have time to troubleshoot more right now, but one of these fixed card access on Apple Watch for me:

1. Time passed (maybe some setting change was synced with a delay)
2. Apple Watch was restarted (did this twice while trying to figure the problem out)
3. Turned Screen Time passcode off (I had already separately turned all restrictions off, so nothing should have been restricted)

It's unfortunate if it was number 3.
 

kave

macrumors 6502a
Oct 31, 2012
567
308
Sweden
What a crap bank you have. In Sweden all banks use the same method/app to log in, called Bank ID, that cannot be overridden with the phone PIN code at all. 1Password can't be overridden with the phone PIN either.
 

Vlad Soare

macrumors 6502a
Mar 23, 2019
675
652
Bucharest, Romania
Sorry for your loss.
I'm not sure why Apple is to blame for this problem.
If the owner is oblivious to his surroundings while using the device, or entering the access codes, why is the company to blame?
This has been answered several times in this very thread. I won't repeat it, because I don't want to start the same debate over again, but you'll find it if you read the whole thread.
In short, it isn't the access to the phone itself that's being blamed on Apple, but what happens afterwards.
 

snak-atak

macrumors 6502
Mar 9, 2022
290
841
Mike, thanks for setting me straight and providing this bit of extra knowledge.

I am going to shoot myself down. Screen Time is not the answer even with ID Recovery key set, and with "Recover screen time password with Apple ID" disabled. Though it does put some more obstacles in the thief’s path. Maybe some less knowledgeable thieves would be stopped. Some options to the sequence below put some delay in the Recovery process but the sequence below leads to instant break-in.

I just went through these steps:

  1. Screen Time settings > Change Screen Time passcode.
  2. Click Forgot Passcode
  3. Enter Apple ID email but not password…click forgot Apple ID password
  4. This produces a screen asking for iPhone Passcode which thief has. Enter Passcode leads to screen to enter new Apple ID password.

Anyone can test these steps themselves... no harm is done... you can cancel out at the end before entering your new Apple ID password.

I still plan to keep the extra screen time passcode in place even if it just slows down the thief, or prevents some less knowledgeable thief, as you say, from getting in. Every little bit helps.

It's funny, though, that Apple sets up the 10 attempt limit in Screen Time, but makes it easy to bypass without having to even attempt once!
 

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
Mike, thanks for setting me straight and providing this bit of extra knowledge.



I still plan to keep the extra screen time passcode in place even if it just slows down the thief, or prevents some less knowledgeable thief, as you say, from getting in. Every little bit helps.

It's funny, though, that Apple sets up the 10 attempt limit in Screen Time, but makes it easy to bypass without having to even attempt once!
Yeah. If one has the device passcode they have the keys to the kingdom. No different than possession of a key fob making the car trivial to steal.

And while the possession of a device passcode by phishing or assault is a devastating occurrence we are living in times where your digital life is under pressure. Thankfully the percentage seems to be very small compared to the active user base.

This has made me more aware of safeguarding my device passcode.
 
  • Like
Reactions: snak-atak and dk001

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
Apple have really failed the OP in this instance, hope things are being sorted now and an overhaul of the process is underway.
What process would you think needs to be sorted with apple having billions of customers and prioritizing the needs of one against others who may be calling in for various sorted reasons?

If a thief grabs your key fob and steals your car would you blame Ford for allowing it to happen?
 

Vlad Soare

macrumors 6502a
Mar 23, 2019
675
652
Bucharest, Romania
What process would you think needs to be sorted
The process of resetting the Apple Id password.
The PIN should be used exclusively for granting access to the phone itself, nothing more.

If a thief grabs your key fob and steals your car would you blame Ford for allowing it to happen?
That's not the same thing. A stolen key fob allows the thief to use the car just like a stolen PIN allows the thief to use the phone. Fair enough. But the thief being able to reset the Apple Id password doesn't fit your analogy. That's like the Ford key fob being used by the thief to access your bank accounts.
 

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
The process of resetting the Apple Id password.
The PIN should be used exclusively for granting access to the phone itself, nothing more.


That's not the same thing. A stolen key fob allows the thief to use the car just like a stolen PIN allows the thief to use the phone. Fair enough. But the thief being able to reset the Apple Id password doesn't fit your analogy. That's like the Ford key fob being used by the thief to access your bank accounts.
The op said “apple has failed”, I’m interested to know where they have failed for two billion iPhone users. Yes it’s a difficult thing as other things that can happen in your life. But I’m guessing there is some balance between usability and security that’s inherent in the current system even if some don’t like it.

What Apple's response will be, if any, remains to be seen.
 

The-Real-Deal82

macrumors P6
Jan 17, 2013
17,314
25,463
Wales, United Kingdom
What process would you think needs to be sorted with apple having billions of customers and prioritizing the needs of one against others who may be calling in for various sorted reasons?

If a thief grabs your key fob and steals your car would you blame Ford for allowing it to happen?

No but I’d blame Apple for not blocking my stolen iPhone when I’ve proved I am the owner and my data is being robbed and my family getting threatening messages because they’ve changed my password. The level of customer service in this instance sounds shocking. Apple should have reset the ID at the very least.
 
  • Like
Reactions: bevsb2

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
No but I’d blame Apple for not blocking my stolen iPhone when I’ve proved I am the owner and my data is being robbed and my family getting threatening messages because they’ve changed my password. The level of customer service in this instance sounds shocking. Apple should have reset the ID at the very least.
Apple blocking phones as a policy imo opens up the floodgates for fraud - which is why I’m guessing apple didn’t do it. Or maybe there is more to this story - I don’t know.

And OP's story, as bad as it is - hopefully will save someone the same grief by being more cautious.
 
  • Like
Reactions: MacCheetah3

The-Real-Deal82

macrumors P6
Jan 17, 2013
17,314
25,463
Wales, United Kingdom
Apple blocking phones as a policy imo opens up the floodgates for fraud - which is why I’m guessing apple didn’t do it. Or maybe there is more to this story - I don’t know.

And OP's story, as bad as it is - hopefully will save someone the same grief by being more cautious.

The only way the OP could have been more cautious is to not use their phone at all in public. That’s not entirely realistic but in London there are gangs who will follow you and either pickpocket you or rob you directly for your phone. In that situation you just hand it over and hope the security measures in iOS can protect you. Apple certainly need to improve it as nobody should be able to bypass a password with a passcode only. Apple should also be able to block a phone if you are able to prove you are the owner. Hopefully this will improve in future.
 

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
The only way the OP could have been more cautious is to not use their phone at all in public. That’s not entirely realistic but in London there are gangs who will follow you and either pickpocket you or rob you directly for your phone.
If these gangs threaten one with bodily harm and want the device passcode you are going to give it up. Faced with harm or giving up your identity I’ll give everything up. Money can be replaced. But if it comes down to it a burner phone might do the trick.
In that situation you just hand it over and hope the security measures in iOS can protect you. Apple certainly need to improve it as nobody should be able to bypass a password with a passcode only.
If it’s your life on the line you’ll give up anything.
Apple should also be able to block a phone if you are able to prove you are the owner. Hopefully this will improve in future.
I don’t know what proof apple needs, but it seems to open the door to fraud.
 

The-Real-Deal82

macrumors P6
Jan 17, 2013
17,314
25,463
Wales, United Kingdom
If these gangs threaten one with bodily harm and want the device passcode you are going to give it up. Faced with harm or giving up your identity I’ll give everything up. Money can be replaced. But if it comes down to it a burner phone might do the trick.

If it’s your life on the line you’ll give up anything.

I don’t know what proof apple needs, but it seems to open the door to fraud.
I wasn’t suggesting you don’t hand over your phone if you are being robbed, I even said this in the post you replied to:

In that situation you just hand it over and hope the security measures in iOS can protect you.
 

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
I wasn’t suggesting you don’t hand over your phone if you are being robbed, I even said this in the post you replied to:
No doubt this is traumatic. But after 692 posts with post 1 criticizing Apple, my point is I'm believing from Apple's perspective it's probably not as easy as all that to actually prove you are the legitimate current owner of a phone and then "block that phone". To us here in the ether it seems to be as easy as pie that we should be able to prove that to Apple and that apple should accept our proof.
That seems to be the case here; these devices and their use have evolved. The in-place security measures have not.
I think what has evolved is the notoriety of the situation rather than the actual use case. It's always been the case protect your device passcode and don't put yourself in compromising situations where either your well-being is threatened or you are at risk for robbery or assault. There are many suggestions on how to lock down your iphone if someone rips it from your hand. I'm sure apple will do something to harden the security, and I'm also sure that people will lose access to their phones because they couldn't get past the second layer of defense. Either way it's bad for the customer and bad for apple.
 

The-Real-Deal82

macrumors P6
Jan 17, 2013
17,314
25,463
Wales, United Kingdom
No doubt this is traumatic. But after 692 posts with post 1 criticizing Apple, my point is I'm believing from Apple's perspective it's probably not as easy as all that to actually prove you are the legitimate current owner of a phone and then "block that phone". To us here in the ether it seems to be as easy as pie that we should be able to prove that to Apple and that apple should accept our proof.
The OP was able to contact his banks and cancel multiple cards and file a fraud claim, but Apple couldn’t authorise freezing his iCloud account and resetting the phone despite them proving they were the account holder with receipts and a passport. I know you hold Apple very highly, but this was a phone where the data on it was more valuable than a device that is insured. If banks can act where potentially tens of thousands of pounds are involved, a company selling a device surely can too.

Apple can help in this situation and it may have been down to a particular individual on a power trip, but measures can be put in place. When a member of staff leaves a company and hands over an iCloud and passcode locked iPhone, proof of purchase and contract is usually enough to have a phone reset, I’ve been through it with my own company. It’s a bit of a pain, but it is done.

Quite why an iCloud password can be changed by someone with just a passcode is quite unbelievable. Something as simple as forcing the user to input the old password as part of the change is a basic and widely used measure that I am shocked isn’t included with iCloud.
 
  • Like
Reactions: LuisNeto

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
The OP was able to contact his banks and cancel multiple cards and file a fraud claim, but Apple couldn’t authorise freezing his iCloud account and resetting the phone despite them proving they were the account holder with receipts and a passport. I know you hold Apple very highly, but this was a phone where the data on it was more valuable than a device that is insured. If banks can act where potentially tens of thousands of pounds are involved, a company selling a device surely can too.
How does apple know the phone is his? Maybe he sold the phone a minute ago and walked into a nearby apple store and now wants to screw the buyer? With banks, one doesn't sell or give away their accounts as in property. And typically the account owner presumably has PII that is known only to them.
Apple can help in this situation and it may have been down to a particular individual on a power trip, but measures can be put in place. When a member of staff leaves a company and hands over an iCloud and passcode locked iPhone, proof of purchase and contract is usually enough to have a phone reset, I’ve been through it with my own company. It’s a bit of a pain, but it is done.
Yeah, but with corporate accounts there usually is an audit trail.
Quite why an iCloud password can be changed by someone with just a passcode is quite unbelievable. Something as simple as forcing the user to input the old password as part of the change is a basic and widely used measure that I am shocked isn’t included with iCloud.
Well no. It's a balance between security and convenience. It's always like that. Some people can't remember their passcodes and adding a second layer of authentication that is not penetrable would cause people to lose their accounts for good.
 

laptech

macrumors 601
Apr 26, 2013
4,130
4,455
Earth
Wait till a government issued iPhone with sensitive and confidential information in it gets stolen in the same manner, then we will see Apple act because they most certainly will not take the chance of government bosses saying they will no longer use iPhones due to Apple's inability to lock down the iPhone when it is reported stolen.
 
  • Sad
Reactions: I7guy

The-Real-Deal82

macrumors P6
Jan 17, 2013
17,314
25,463
Wales, United Kingdom
How does apple know the phone is his? Maybe he sold the phone a minute ago and walked into a nearby apple store and now wants to screw the buyer? With banks, one doesn't sell or give away their accounts as in property. And typically the account owner presumably has PII that is known only to them.
If I walk into a bank to draw out over £2.5k, I can produce a bank card and a drivers license/passport which is enough to prove I am the account holder. Why is a passport and a proof of purchase receipt not enough for Apple to help with a device that could be worth as little as a few hundred pounds?

If he wants to screw a buyer over, why would they be selling their iPhone with it logged in to their iCloud? The OP wanted the account locked and reset, not for Apple to just blacklist the iPhone. If you buy a phone privately and someone were to lock the phone, your statutory rights are the same as if you buy from a retailer in regards to faulty goods.
 
  • Like
Reactions: souko

dk001

macrumors demi-god
Oct 3, 2014
11,135
15,487
Sage, Lightning, and Mountains
No doubt this is traumatic. But after 692 posts with post 1 criticizing Apple, my point is I'm believing from Apple's perspective it's probably not as easy as all that to actually prove you are the legitimate current owner of a phone and then "block that phone". To us here in the ether it seems to be as easy as pie that we should be able to prove that to Apple and that apple should accept our proof.

I think what has evolved is the notoriety of the situation rather than the actual use case. It's always been the case protect your device passcode and don't put yourself in compromising situations where either your well-being is threatened or you are at risk for robbery or assault. There are many suggestions on how to lock down your iphone if someone rips it from your hand. I'm sure apple will do something to harden the security, and I'm also sure that people will lose access to their phones because they couldn't get past the second layer of defense. Either way it's bad for the customer and bad for apple.

While I can see your point, going back even 10 years I would not have envisioned using my smartphone today in the scope that I do. The use case has evolved however the user security for the device has not evolved.

Daily use, over the shoulder, assault, robbery, etc... 10 years ago this could have happened and the damage that could be done was far less. Think back to what you used your iPhone for in 2013.

Everything has evolved except access security.
 

dk001

macrumors demi-god
Oct 3, 2014
11,135
15,487
Sage, Lightning, and Mountains
Wait till a government issued iPhone with sensitive and confidential information in it gets stolen in the same manner, then we will see Apple act because they most certainly will not take the chance of government bosses saying they will no longer use iPhones due to Apple's inability to lock down the iPhone when it is reported stolen.

Probably has and we would likely never hear about it.
 
  • Like
Reactions: Night Spring

I7guy

macrumors Nehalem
Nov 30, 2013
35,145
25,241
Gotta be in it to win it
While I can see your point, going back even 10 years I would not have envisioned using my smartphone today in the scope that I do. The use case has evolved however the user security for the device has not evolved.

Daily use, over the shoulder, assault, robbery, etc... 10 years ago this could have happened and the damage that could be done was far less. Think back to what you used your iPhone for in 2013.

Everything has evolved except access security.
But it is still a balance between security and convenience — there will be “winners” and “losers”.
 
  • Like
Reactions: souko and dk001