• Contact
  • Home
  • App
  • Business
    • Finance
  • News
    • Entertainment
      • Games
      • Social Media
    • Hindi News
    • Misc
    • Trending
  • Tech
    • Gadgets Update
    • How To
    • iPhone
  • Hindi

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

What's Hot

Dealing with Competitors Posting Negative Reviews

December 12, 2024

Exploring the Evolution of Auto Tint Technology: A Glimpse into the Future of Vehicle Enhancement

June 10, 2024

Top 25 Flowers to Send to Your Girlfriend and Celebrate Her Birthday in India

June 7, 2024
Facebook Twitter Instagram
Facebook Twitter Instagram
SUBSCRIBE
  • Contact
  • Home
  • App
  • Business
    • Finance
  • News
    • Entertainment
      • Games
      • Social Media
    • Hindi News
    • Misc
    • Trending
  • Tech
    • Gadgets Update
    • How To
    • iPhone
  • Hindi
Home»App»Apple Company Pays Indian Developer Rs. 75 Lakh
App

Apple Company Pays Indian Developer Rs. 75 Lakh

setnewsboxBy setnewsboxJune 6, 2020No Comments3 Mins Read
Share
Facebook Twitter Reddit Telegram Pinterest Email
[siteorigin_widget class=”WP_Widget_Media_Image”][/siteorigin_widget]
Contents hide
Apple Company Pays Indian Developer Rs. 75 Lakh for Finding a Bug in ‘Sign in With Apple’ Process
What is Sign in with Apple?
Sign in with Apple bug

Apple Company Pays Indian Developer Rs. 75 Lakh for Finding a Bug in ‘Sign in With Apple’ Process

 

 

Apple Company are reportedly paid an Indian developer $100,000 (roughly Rs. 75.3 lakh) for finding a critical bug in the ‘Sign in with Apple’ process on its devices. The 27-year-old developer named Bhavuk Jain are discovered a Zero Day bug in the ‘Sign in with Apple’ process that could have allowed hackers to gain access to the user’s account where they were trying to sign in. These Cupertino-based company acknowledged this bug and stated that it had investigated and patched it, adding that this flaw was not exploited.

 

 

What is Sign in with Apple?

 

Bhavuk Jain disclosed this flaw in Apple’s ‘Sign in with Apple’ process that he found in April, on May 30 through a blog post. They ‘Sign in with Apple’ feature are introduced in June last year. This feature allows Apple account holders to sing in to third part apps without having to share their email address. This is done by generating a JSON Web Token (JWT) containing information required by the third-party application to confirm the identity of the user. In While this process was implemented to preserve user privacy, the Zero Day bug found by Jain exposes the user accounts to attacks.

 

 

Sign in with Apple bug

 

According to the blog post by Bhavuk Jain, they was found that while signing in with Apple, users are required to log-in to their Apple account, which is the first step. In the second step, however, they was found that there was no validation to check if the same user is requesting a JWT to login to a third party app. They are explained by Jain, could allow a hacker takeover the user’s account by faking a JWT.

 

 

They was found I could request JWTs for any Email ID from Apple and when the signature of these tokens was verified using Apple’s public key, they showed as valid. Its means an attacker could forge a JWT by linking any Email ID to it and gaining access to the victim’s account,” Jain said. These developer went on to state that the impact of this flaw is “quite critical” and that it could allow a full account takeover. This turn, would give hackers access to a lot of personal user data that might include log in credentials, passwords, account details, and other such private information.

 

 

In While not many apps support this sign in process, it is available for Dropbox, Giphy, Spotify, & Airbnb, among others. Additionally, several other apps have this feature but not as a mandate. However, it still puts users at risk and as per the blog post, Apple conducted its own investigation of its logs and stated that no account has been compromised due to this vulnerability. Jain was paid $100,000 (roughly Rs. 75.3 lakh) by Apple under its Apple Security Bounty program for discovering and reporting this vulnerability.

Share. Facebook Twitter Pinterest LinkedIn Telegram Reddit Email
Previous ArticleApple macOS Catalina 10.15.5 Update Debuts With Battery Health Management
Next Article YouTube Now Supports UPI Payments Method In India
setnewsbox
  • Website

I love writing on webpages because I can help people across the world through my articles, pictures, and videos I create to answer their automotive questions they can't find answers to anywhere else

Related Posts

Dealing with Competitors Posting Negative Reviews

December 12, 2024

Unleashing the Thrill: A Deep Dive into RAJAGACOR – Your Ultimate Online Gaming Destination

January 2, 2024

How Architectural Tinting Can Enhance Your Building’s Energy Efficiency

October 17, 2023

Empowering Your Business with Jira Templates and Bug Ticket Templates

October 11, 2023

Exploring Font Styles: Unveiling the Power of Serif and Sans Serif Fonts

June 19, 2023

Testing Angular Web Applications: Strategies and Tools

June 17, 2023
Demo
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Don't Miss

Dealing with Competitors Posting Negative Reviews

By vinayDecember 12, 2024

When Competitors Play Dirty In the competitive world of business, not everyone plays fair. Sometimes,…

Exploring the Evolution of Auto Tint Technology: A Glimpse into the Future of Vehicle Enhancement

June 10, 2024

Top 25 Flowers to Send to Your Girlfriend and Celebrate Her Birthday in India

June 7, 2024

7 Tips to Catch Artic Char

March 7, 2024

Subscribe to Updates

Get the latest creative news from SmartMag about art & design.

About Us
About Us
Our Picks

7 Tips to Catch Artic Char

March 7, 2024

Unleashing the Thrill: A Deep Dive into RAJAGACOR – Your Ultimate Online Gaming Destination

January 2, 2024

How Architectural Tinting Can Enhance Your Building’s Energy Efficiency

October 17, 2023
Facebook Twitter
  • Home
  • TERMS AND CONDITIONS
  • Submit Guest Post | Write For Us
  • Cookie Policy
  • DISCLAIMER
  • Contact Us
© 2025 SET NEWS BOX. All Rights Reserved. | scoopifyowl@gmail.com

Type above and press Enter to search. Press Esc to cancel.