03-30-2019 03:08 PM
We were puzzling over a $22.30 charge from Verizon that cropped up this week. After a bit of searching it turns out we somehow purchased “The Mule,” but no one actually intentionally made the purchase.
Staring at the new “off” screen for FIOS, I realized that it’s now easy to purchase a movie without even having the television screen on.
Pressing the OK button with a particular movie displayed takes you to that movie’s On Demand page, with the “Purchase Movie” button selected.
Pressing OK again takes you to the format choice with HD selected.
Pressing OK again takes you to payment method with your billing account selected.
Pressing OK again makes the purchase.
There might be another step or two after this, but I would expect that pressing OK advances the process.
This means that someone repeatedly pressing OK can blindly purchase a movie. So, if something was resting on the remote and holding the OK button down, that’s enough to make a purchase.
There’s an option under parental controls that’s turned off by default to require a PIN number before making any purchases. I’m turning that on for all out set top boxes so that this doesn’t happen again, so that a purchase can’t be made just by holding down the OK button.
03-31-2019 12:28 AM
Correction and an update: Just holding the 'ok' button down doesn't do anything. The button registers when it's released.
However, wiggling the button around while it's pressed can break the connection enough that it registers as a button release. What can result is a rapid-fire series of 'OK' signals to the box.
I did a test and with only about 5 seconds of holding and wiggling the 'OK' button it went from screen saver to purchase and start playing, or would have if I hadn't had the purchase PIN turned on.
However unlikely this might be, my main point is that it is very definitely possible to complete a purchase through the new interface with very minimal to no user awareness. This was impossible with the prior interface.
You can protect yourself from it by turning on the Purchase PIN feature, which is off by default.