Indian developer gets ₹75 lakh for reporting flaw in 'Sign in with Apple' | Editorji
  1. home
  2. > tech
  3. > Indian researcher finds security flaw with 'Sign in with Apple'
replay trump newslist
up NEXT IN 5 SECONDS sports newslist
tap to unmute
00:00/00:00
NaN/0

Indian researcher finds security flaw with 'Sign in with Apple'

Jun 01, 2020 11:48 IST

An Indian security researcher, Bhavuk Jain, has reportedly found a serious security flaw with Apple's 'Sign in with Apple' login service that was introduced with iOS 13 last year. 'Sign in with Apple' lets users protect their privacy by registering for apps and services with randomised email IDs, and in turn forwards mails from them to a user's actual email that remains protected. The flaw reportedly allowed a hacker to forge a token linked to any email ID and verify it as valid using Apple's public key, if the app or service didn't have its own security measures, potentially giving the attacker full control of the user account. Apple has reportedly fixed the flaw found in April, and awarded the researcher a $100,000 bug bounty.

Tech