Advertisements

Monday, 11 February 2019

Apple hit with lawsuit over two-factor authentication on iPhone / Mac taking too much time

A class action suit has been filed against Apple accusing of the company's two-factor authentication taking too much time out of a user's day when it is needed, and since it can't be rolled back to a less safe login method after 14 days. The suit, filed by Jay Brodsky in California alleges that Apple doesn't have user consent to enable two-factor authentication. Furthermore, once enabled, two-factor authentication "imposes extraneous logging in a procedure that requires a user to both remember password; and have access to a trusted device or trusted phone number" when a device is enabled. The lawsuit claims that a software update has enabled two-factor authentication on or around September 2015. However, neither macOS El Capitan nor iOS 9 released in the time frame had mandated two-factor authentication nor implemented it without an explicit and multiple-step opt-in procedure requiring the user to consent. But is required to leverage on some of Apple's services, like Home Sharing and HomeKit Hubs. Brodsky alleges that the email that Apple sends after two-factor authentication is enabled is insufficient to warn the user that the setting is irrevocable. According to the suit, when two-factor authentication is demanded, the process that follows takes between two and five minutes. The process ...