- Last Active
Apple Pay accepted at 1 out of 2 U.S. stores, says Apple VP Jennifer BaileyThere really isn't such a thing as an Apple Pay terminal. The signs are really just alerting you to the fact Apple Pay works there. All that is required is a payment terminal that accepts contactless payments. General advice, never tell a cashier Apple Pay. Just say Mastercard or whatever, then wait for the contactless symbol to come up. Some terminals just tell you to tap without the official symbol. Then tap your iPhone or Apple Watch.
I use Apple Pay for the vast majority of my payments in stores here in Canada. Retailers that don't have contactless terminals are in the very small minority. Those holdouts (Lowes, Home Depot, Wally-Mart), I tend to avoid as much as possible.
I live right at the border and shop in the US, every few weeks. Just got to use my Apple Watch with CapitalOne Visa at Aldis...no requirement for pin or signature. My impression is that 50% is a REAL stretch!!
macOS Catalina 10.15.1 is now available with opt-in Siri review, support for AirPods Pro
Twitter's text-based two-factor authentication becomes a paid-only featureranson said:This is an interesting choice with somewhat dubious reasoning: pay us $8 for the continuing privilege of using the least secure MFA mechanism.
Most likely, the SMS's were too costly for Elon's liking, while Authenticator apps are both more secure and effectively free for Twitter to support. So from a financial perspective, it makes a lot of sense. From a security posture, forcing users off of SMS and over to an Authenticator app is a good long-term decision.
However, the outright disabling of nonconforming users' existing SMS MFA on March 20 is a terrible idea, as it will expose what is likely millions and millions of accounts to being compromised, should their passwords have been previously harvested. This will particularly impact users who rarely access Twitter anymore, if at all. A better approach here would be to retain the SMS MFA on those users indefinitely, but require them to explicitly disable MFA or switch to an Authenticator app the next time they access Twitter after 3/20. You should never just turn someone's MFA off without their explicit approval.