2020-06-01

Bhavuk Jain, a techie hailing from Delhi, has bagged a $100,000 (Rs. 75.50 lakh) bug bounty from Apple. Jain had flagged a critical security flaw in the Cupertino giant's 'Sign in with Apple' system, an issue that, he says, could have allowed hackers to take full control of accounts on third-party apps and services. Here is all you need to know about it.

First, a quick recap of 'Sign in with Apple'

Back in June 2019, Apple debuted 'Sign in with Apple' as a 'more private' alternative to Facebook's and Google's quick social-login options. The feature authenticated users via their Apple ID email and also offered the option of creating a dummy email to hide the real address from the app. Naturally, people liked the idea of signing in via Apple and not handing their data to Google and Facebook.

So, what went wrong?

Months later, in 2020, Jain found that if a third-party app did not have its own security measures, an attacker could forge the authentication token linked to any Apple ID email, and that token would verify as 'valid' against the company's public key. This, he discovered, opened access to the target's account on the app in question, even when the user had chosen a dummy email.
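What a relying party can check on its own side, as an added example in Go (not Apple's or Jain's code): verify the token's signature against the provider's public key, then pin the issuer, its own client id as audience, the expiry and the nonce it generated for the login. The stand-in issuer, the sample claims and the key generation are my own assumptions; the article does not say which checks the affected apps lacked.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
)

// Claims holds the identity-token fields a relying party must check, not just the signature.
type Claims struct{ Iss, Aud, Email, Nonce string; Exp int64 }

// Sign mints an RS256 JWT (header.payload.signature); it stands in for the identity provider in this demo.
func Sign(key *rsa.PrivateKey, c Claims) string {
	enc := base64.RawURLEncoding
	body, _ := json.Marshal(c)
	signing := enc.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + enc.EncodeToString(body)
	h := sha256.Sum256([]byte(signing))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h[:])
	return signing + "." + enc.EncodeToString(sig)
}

// Verify checks the signature with the provider's public key (algorithm fixed to RS256, never read from
// the header), then pins the claims this app controls: issuer, its own client id as audience, expiry and
// the nonce it generated for this login. A valid signature alone does not prove the token was meant for us.
func Verify(pub *rsa.PublicKey, tok, wantIss, wantAud, wantNonce string, now int64) (*Claims, error) {
	enc, p := base64.RawURLEncoding, strings.Split(tok, ".")
	if len(p) != 3 {
		return nil, errors.New("malformed token")
	}
	sig, err := enc.DecodeString(p[2])
	h := sha256.Sum256([]byte(p[0] + "." + p[1]))
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig) != nil {
		return nil, errors.New("bad signature")
	}
	var c Claims // JSON keys are matched case-insensitively, so "iss"/"aud"/... land in these fields
	if body, err := enc.DecodeString(p[1]); err != nil || json.Unmarshal(body, &c) != nil {
		return nil, errors.New("bad payload")
	}
	if c.Iss != wantIss || c.Aud != wantAud || now >= c.Exp || c.Nonce != wantNonce {
		return nil, errors.New("claims do not match this app, login or time")
	}
	return &c, nil
}
```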

Issue fixed through server-side changes

Following the discovery, Jain reported the issue to Apple and the company pushed a server-side update to patch it. The researcher claims that the Cupertino giant conducted an internal investigation of the issue and determined that the flaw had not been exploited to compromise any account on any app or website. After releasing the fix, Apple paid him the hefty bug bounty.

Apple should have detected the flaw sooner