Apple unveiled the Sign in with Apple option back in June 2019 and the feature was received with somewhat positive attention. There’s a good reason for that positive response; it allows for a more secure authentication system as opposed to the social logins. Furthermore, this also enabled users to sign up with third-party apps and services without having to share their Apple ID email. However, an Indian security researcher in New Delhi recently discovered a critical flaw in the Sign in with the Apple system. This flaw would enable an attacker to take over an account simply by relying on an email ID.
Apple, in return, has rewarded the security researcher generously. The tech giant paid the hacker $100,000 from Apple security bounty pot and this goes to show just how crucial this shocking discovery to Apple was. The good thing that came from all of this is that Apple has already taken care of the issue on its server-end and only after this was carried out did Bhavuk Jain – the genius who found the flaw – published his disclosure online on May 30.
The potential flaw was only linked with the third-party apps that relied on Sign in with Apple without implementing any other security measures. It was a potential hazard owing to two reasons. It could have enabled a complete takeover of the user accounts of the third-party apps even if the user didn’t have a valid Apple ID. Furthermore, Apple was not able to catch this flaw during the development stages.
Jain figured out that he could request authentication tokes for any email ID from Apple and those tokens would then be verified by making use of Apple’s public key. This means that an attacker could potentially gain access to the victim’s account. Jain also explained that an internal investigation was conducted by Apple that determined that no compromises had been made thus allowing it to fix the flaw before it caused any damage.