
Pressing the Side Button to Confirm Payments on iPhone X - trevmckendrick
https://daringfireball.net/2017/12/side_button_to_confirm_payments_on_iphone_x
======
kylec

        The reason why Apple requires you to press the physical side button to confirm
        a purchase with Apple Pay or in the App Store is because pressing the side
        button can’t be faked by an app. If it was an on-screen button, a nefarious app
        could present a fake Apple Pay button. With any normal app, clicking the side
        button once will always lock the screen, and double-clicking will put you in
        Apple Pay mode. Only Apple’s own software can override the side button like this.
        Double clicking the side button to confirm a purchase effectively guarantees that
        it was a legitimate payment experience.
    

To what end? You don't enter a password or anything when using Apple Pay, so
the only thing this "nefarious" app could do is trick you into _thinking_ that
you paid for something you didn't. And wouldn't this sort of thing get caught
in app review and/or get the app yanked from the store when discovered? I
honestly can't figure out what the downside would be to having a "pay with
Apple Pay" button on the screen.

As an aside, I don't like having to press the side button for Apple Pay on my
iPhone X. I usually have to shift how I'm holding it to get the proper
leverage to double-press the button. Double pressing the home button was way
easier.

~~~
mehrdada
The way Gruber phrased his post makes me feel like he has been told some facts
about this and not merely speculating.

It could be the case that the physical button is trapped directly by the
secure enclave system and the goal is not to prevent an app from accidentally
fooling you in the UI, but to prevent _any_ iOS software to silently ask the
secure enclave to authenticate something without a physical confirmation
directly from the user.

------
melling
Gruber is a bit of a shill, but he’s usually entertaining and can be
informative. This should be on the front page. Are people flagging it?

~~~
Scaevolus
It's not very interesting, and starts with a rant about HN.

~~~
codecaffeine
_It’s apparent that a lot of HN readers do not like my work on the basis that
they see me as a shameless Apple shill, but it’s a shame the articles get
deleted because I like reading the comments. I feel like it keeps me on my
toes to read the comments from people who don’t like Daring Fireball._

I’m not sure I’d call that a rant. That’s probably one of his more honest
observations.

I was far more annoyed at his tirade when Apple chose people other than the
”Apple blogging elite” to get their first iPhone X review units.

------
thisacctforreal
Why not show a graphic of the iPhone X on an angle with its side button being
pushed?

Seems like a much better idea than introducing this new UX. You can show both
if you want to teach users the new UX.

------
e_
Gruber says Daring Fireball is always blacklisted from the HN homepage. Is
that really the case? If so, why?

Anyway, the worst thing about him is his double standards.

For example, when Samsung announced the Galaxy S III Mini, he said the specs
were “rather lame”, with “slower processor and a mere 800 × 480 pixel
display”: [https://daringfireball.net/linked/2012/10/10/4-inch-
samsung](https://daringfireball.net/linked/2012/10/10/4-inch-samsung).

A few days later, his review of the iPad Mini didn’t even mention the
processor — slower than the iPad’s. And he obviously was much more careful
with his words regarding the screen resolution (no “lame” is found in the
review):
[https://daringfireball.net/2012/10/ipad_mini](https://daringfireball.net/2012/10/ipad_mini)

Here are two distinct uses of the word “interesting”:

\- When talking about Gmail for Android:
[https://daringfireball.net/linked/2013/09/30/gmail-
ads](https://daringfireball.net/linked/2013/09/30/gmail-ads)

\- When talking about motion sickness and iOS 7:
[https://daringfireball.net/linked/2013/09/26/ios-7-motion-
si...](https://daringfireball.net/linked/2013/09/26/ios-7-motion-sickness)

And this…:
[https://daringfireball.net/2012/02/mountain_lion](https://daringfireball.net/2012/02/mountain_lion)

> _Handshakes, a few pleasantries, good hot coffee, and then, well, then I got
> an Apple press event for one._

Such a big mix of press release and extreme praise about getting a “press
event for one”. Talk about second-hand embarrassment.

