Apple News, Author at

What Are Passkeys? A User-Friendly Authentication Weapon in the Battle Against Phishing

As technology evolves, so does the need for more secure and user-friendly authentication methods. Passkeys, based on industry standards for account authentication, offer a simple and secure way to sign in to apps and websites across platforms without the need for passwords.

We’ll explore what passkeys are, how they work, and why they’re an excellent alternative to traditional passwords.

Streamlined Sign-In Experience

Passkeys provide a quick and easy one-step account creation and sign-in process using Face ID or Touch ID. There’s no need to create or manage passwords, making the sign-in experience hassle-free. With passkeys synced through iCloud Keychain, they’re available across all Apple devices, and you can even use your iPhone to sign in to apps and websites on non-Apple devices.

Next-Generation Account Security

Passkeys are based on FIDO Alliance and W3C standards, replacing passwords with cryptographic key pairs that significantly enhance security:

– Strong Credentials: Passkeys are inherently strong and never guessable, reused, or weak.

– Safe from Server Leaks: Servers only store public keys, making them less attractive targets for hackers.

– Safe from Phishing: Passkeys are intrinsically linked to the app or website they were created for, preventing users from being tricked into signing in to fraudulent apps or websites.

Furthermore, passkeys stored in iCloud Keychain are end-to-end encrypted, ensuring a strong, private relationship between users and your app or website.

Seamless Integration with Passwords

Signing in with passkeys uses AutoFill and Face ID or Touch ID for biometric verification, allowing for a seamless transition to passkeys. Users can continue using passkeys alongside passwords without any adjustments to the sign-in page based on credential type. The new Authentication Services API enables developers to add passkeys and create familiar sign-in flows for users.

A User-Friendly Solution for Enhanced Security

Passkeys have emerged as a powerful tool in the fight against phishing attacks, offering a user-friendly authentication method that prioritizes security. By replacing traditional passwords with cryptographic key pairs, passkeys provide a secure and simplified sign-in experience that keeps users’ information safe from potential threats.
In addition to being easy to use, passkeys are intrinsically linked to the app or website they were created for, which means users cannot be tricked into signing in to fraudulent apps or websites. This unique feature makes passkeys an effective defense against phishing attacks, ensuring a safer online experience for users across various platforms.

Services Supporting Passkeys

A growing number of popular services are embracing the use of passkeys for secure and user-friendly authentication. Here’s a list of some notable services that currently support passkeys:

– Google
– PayPal
– Cloudflare
– Shopify
– Kayak
– Yahoo! Japan
– NTT DOCOMO
– CVS Health
– Hyatt
– Instacart
– Robinhood
– Mercari

As more services adopt passkeys, users can enjoy a seamless and secure sign-in experience across various platforms without the need for traditional passwords.

Warning: Difficulties Reported with Apple and Goldman Sachs Savings Accounts

In a recent report by The Wall Street Journal, Apple’s savings account, a partnership with Goldman Sachs, has been facing some issues since its launch in April. Customers have reported difficulties withdrawing their money, with some experiencing delays of several weeks. Additionally, the bank’s instructions have been inconsistent, leading to further confusion for account holders.

Nathan Thacker, an Apple account holder from Atlanta, struggled to transfer $1,700 from his Apple account to JPMorgan Chase since May 15. Despite repeated calls to Goldman’s customer service department, he was told to wait a few more days each time. Thacker’s money finally arrived in his Chase account after The Wall Street Journal contacted Goldman about his and other customers’ experiences.

Other customers have also reported issues with transferring money from their new Apple accounts. They claim that customer service representatives at Goldman, which holds the deposits, have provided differing responses about the appropriate course of action. In some cases, customers’ money appeared to have vanished, not showing up in either their Apple account or the account they were attempting to transfer it to.

Goldman Sachs has responded to these concerns, stating that they cannot comment on specific customers but emphasizing their obligation to protect customers’ deposits. The bank said in a statement, “The customer response to the new savings account for Apple Card users has been excellent and beyond our expectations. While the vast majority of customers see no delays in transferring their funds, in a limited number of cases, a user may experience a delayed transfer due to processes in place designed to help protect their accounts.”

Industry insiders suggest that transfers involving a large share of the overall balance in new accounts, like Apple’s, can trigger anti-money laundering alerts or other security concerns that require additional review. These delays usually last around five days. Transferring large amounts of money from a newly opened savings account into an account different from the original source can also raise red flags. With these concerns in mind, potential customers should carefully consider their options before opening a savings account with Apple and Goldman Sachs.

If you decide to open an account, you have been warned.

iOS Triangulation: A New Cyberattack Threatening iOS Users

Kaspersky’s CEO recently revealed a new cyberattack against iOS devices called Triangulation. The attack has already infected several dozen iPhones, including those of Kaspersky employees.

The Triangulation Attack

Triangulation is a cyberattack that targets iOS devices, specifically iPhones. It begins with an iMessage containing a malicious attachment. Once the attachment is received, it exploits a number of vulnerabilities in the iOS system to install spyware on the device, all without requiring any user action.

The spyware then proceeds to transmit private information to remote servers. This includes:

a) Microphone recordings,

b)Photos from instant messengers,

c) Geolocation data,

d) Information about various other activities.

The extent of the data breach and the potential impact on users’ privacy is significant.

Kaspersky’s Response

Upon discovering the Triangulation attack, Kaspersky took swift action to neutralize the threat. The company’s business processes and user data remain unaffected, and operations are continuing as normal. Kaspersky is confident that it was not the main target of this cyberattack and anticipates further details on the worldwide proliferation of the spyware in the coming days.

Russia Accuses NSA of Attacks

In a statement that coincides with Kaspersky’s report, Russia’s FSB intelligence and security agency has accused Apple of deliberately providing the NSA with a backdoor to infect iPhones in Russia with spyware. The FSB claims to have discovered malware infections on thousands of Apple iPhones belonging to Russian government officials and staff from the embassies of Israel, China, and several NATO member nations in Russia. However, the FSB has not provided any proof to support these allegations.

The Russian state has previously recommended that all presidential administration employees and members switch from using Apple iPhones and, if possible, give up American-made technology entirely.

Kaspersky’s Findings and FSB’s Report

Kaspersky confirmed to BleepingComputer that the attack impacted its headquarters office in Moscow and employees in other countries. However, the company stated it is in no position to verify a link between its findings and the FSB’s report, as they do not have the technical details of the government’s investigation.

Despite this, Russia’s CERT released an alert linking the FSB’s statement to Kaspersky’s report on the Triangulation cyberattack.

One Week Until WWDC23 – Get Ready to Code New Worlds.

The excitement is building as we’re just one week away from Apple’s Worldwide Developers Conference (WWDC) 23, taking place from June 5th to 9th.

This annual event is a highly anticipated gathering of developers, tech enthusiasts, and Apple fans who come together to learn about the latest advancements in software and technology. This year, the event promises to inspire developers to “code new worlds” and push the boundaries of innovation.

Could this be a subtle hint for developers to prepare for a new Mixed Reality (MR) headset?

The intriguing theme of “code new worlds” has sparked speculation among the tech community. Some believe that it could be a subtle hint from Apple, suggesting the introduction of a new Mixed Reality (MR) headset at the event. If true, this would open up a whole new realm of possibilities for developers to create immersive and groundbreaking experiences, combining the best of both virtual and augmented reality.

While there is no official confirmation from Apple regarding the launch of an MR headset, the prospect of such a device has been a topic of discussion and rumors for quite some time. With WWDC23 just around the corner, anticipation is high, and developers are eager to see what new tools and technologies Apple will unveil to help them create these “new worlds.”

Will Apple catch up in the AI race or risk being left behind?

Another area of interest for developers and tech enthusiasts is Apple’s position in the rapidly evolving field of Artificial Intelligence (AI). While Apple has made significant strides in AI with its Siri voice assistant and machine learning capabilities on iOS devices, many feel that the company is lagging behind competitors like Microsoft and Google in the AI race.

As WWDC23 approaches, many are curious to see if Apple will announce any significant advancements in AI, allowing them to catch up with their competitors, or if they risk falling further behind. With the theme of “code new worlds,” it’s possible that Apple may surprise us with innovative AI-driven technologies that could change the game and keep them at the forefront of the tech industry.

Apple’s Dedication to AI: Hiring Generative AI Experts and Impact on OpenAI

In addition to the potential unveiling of an MR headset, Apple’s growing efforts in the field of Artificial Intelligence (AI) are worth noting. The company has recently started hiring at least a dozen new experts in generative AI, seeking machine learning specialists for various teams. This hiring spree indicates Apple’s commitment to advancing its AI capabilities and could have a significant impact on the announcements made during WWDC23.

But make no mistake, Apple is making money with AI, and its infamous 30% cut, known as the “Apple Tax,” is also making headlines in the AI space, costing OpenAI millions. OpenAI’s ChatGPT Plus subscription, priced at $20 per month for iOS users, is subject to this fee, with Apple taking $6 from each subscription. This move highlights the ongoing debate surrounding Apple’s revenue-sharing policies and their impact on innovation in the tech industry.

Will Apple’s WWDC23 satisfy the expectations of fans and investors?

Let’s keep our hopes high!

The Cheapest Way to Use Chat GPT-4 on MAC

OpenAI’s most famous and revolutionary product, ChatGPT Plus, comes with a price tag of $20 per month, granting you access to both GPT-4 and GPT-3.5, with this features:

-Available even when demand is high

-Faster response speed

-Priority access to new features

This subscription provides you with more than enough chats per month; however, there are certain restrictions for GPT-4 (GPT-4 currently has a cap of 25 messages every 3 hours).

Nonetheless, if you have an application that allows you to use your own API, you will pay as you go and not only will it be more cost-effective, but you will also be able to use GPT-4 with fewer limitations.

Pricing:

Show full article

Unlocking ChatGPT’s Potential on iOS through OpenAI API: Forget about Expensive Subscriptions!

If you’re interested in using ChatGPT-4 on your iPhone, you have several options:

Opting for a costly subscription (ChatGPT or iOS apps that provide access to ChatGPT-4)

Utilizing GPT-3.5, which is available for free, either via OpenAI´s website or through third-party apps (e.g., Poe.com)

Employing OpenAI’s API, which grants access to GPT-3.5 by default, but allows you to join the waiting list for GPT-4 (Good luck with that, as some people wait weeks or months, while a lucky few only wait days)

Show full article