A security researcher in Delhi, India, reported that Apple paid him $100,000 through its bug bounty program for finding a vulnerability in its Sign in with Apple feature that could have resulted in the takeover of users' third-party website and app accounts.

In a May 30 blog post, researcher Bhavuk Jain explains how he detected the bug that could have fully compromised third-party user accounts, regardless of whether or not users had a valid Apple ID. Apple has since reportedly corrected the flaw, although it has not publicly addressed the bounty payment.

The computer company’s sign-in works similarly to OAuth 2.0. According to Jain, there are two ways to authenticate a user: 1) a JWT (JSON Web Token) or 2) a code generated by the Apple server. The code is then used to generate a JWT.
