Rite Aid’s Website Now Accepts Apple Pay in Safari on Mac, iPhone, and iPad

Rite Aid today announced that it now accepts Apple Pay as a payment method on its desktop and mobile website.


iPhone, iPad, and Mac users accessing RiteAid.com through the Safari web browser will now see a "Buy with Apple Pay" option at checkout alongside existing credit card and PayPal payment options.

Rite Aid said it is the first pharmacy retailer to accept Apple Pay as a form of payment on the web, with nearly 12,000 items available in its online store.

Apple Pay on the web is a convenient and secure option for online payments, eliminating the need to repeatedly fill out account, shipping, and billing information for a more seamless checkout experience.

Checking out with Apple Pay on the web requires a Mac, iPhone, or iPad with Touch ID and Safari for macOS Sierra or iOS 10 or later.

Rite Aid began accepting Apple Pay at 4,600 of its retail stores across the United States in August 2015, nearly one year after the drug store chain initially disabled support for the mobile payments service nationwide.

At the time, Rite-Aid was a member of the Merchant Customer Exchange, a consortium of retailers that planned to launch their own mobile payments service called CurrentC, which was postponed indefinitely last year.

Related Roundup: Apple Pay

Discuss this article in our forums

How to Use the New Safari Web Browser Settings in macOS High Sierra

With the public release of macOS High Sierra, Apple introduced some additional features to its native Safari web browser. Here we'll cover just what they are and how you can customize them to make your web browsing experience a more enjoyable one.

Individual Website Settings


One of the most welcome new changes in Safari 11 is the ability to customize a range of settings for individual websites. Once these options are set up for a site, Safari applies them automatically so you don't have to bother with them again. Here's how.

  1. Navigate to a site you frequently visit.

  2. Right-click on the URL or website name that appears in the address bar, and select "Settings for This Website...". Alternatively, click Safari in the menu bar and you'll see the same option under Preferences.

  3. Select your preferences from the drop-down pane that appears below the address bar to control how the website behaves, either by checking the boxes or selecting a setting from the available options.
Safari's built-in Reader mode strips online articles of extraneous web page furniture to make them more readable. Reader is usually enabled by clicking an icon that sometimes appears in the far left of the address bar, but you can check "Use Reader when available" to switch to this by default.

The box next to "Enable content blockers" lets you set whether to activate any ad-blocking extensions you may have installed, while the Page Zoom setting lets you adjust the size that website fonts and images display, allowing you to make them easier to read and navigate.


With the Auto-Play setting, you can prevent websites from playing video the moment you visit a page, which should make browsing a lot less infuriating. The options are Allow All Auto-Play, Stop Media with Sound, and Never Auto-Play.

The last three options in the preferences pane let you choose whether to allow or deny the site access to your Mac's camera and microphone, and whether to enable location detection. If your preference is likely to change from time to time for these, set them to "Ask", and Safari will query you whenever access is requested by the site.

Safari Website Preferences Tab


Helpfully, Apple has added a new tab to Safari preferences for you to keep track of your individual website settings. You can access it at any time by clicking "Preferences..." In the Safari menu bar and selecting the Websites tab.


Here you'll find lists of websites that are currently open as well as ones you've customized in the past, categorized by individual settings, where you easily can adjust them. You'll also see an additional setting in the General column listing your preference for websites you've visited that have prompted you about receiving Notifications.

Intelligent Tracking Prevention


Another new feature Apple has added in the latest Safari is Intelligent Tracking Prevention (ITP). Apple's own testing has found that popular websites can harbor more than 70 cross-site tracking and third-party cookie trackers that all silently collect data on users while making the browsing experience increasingly sluggish.


To solve this, ITP uses local machine learning to identify cookie types and partition them or purge the cross-site scripting data of suspect ad trackers, without affecting the functioning of helpful cookies like those containing localized data or login details, for example. The feature should increase user privacy as well as boost overall browsing speed. You don't need to do anything to enjoy the benefits of ITP – it's on by default.

Related Roundup: macOS High Sierra
Tag: Safari

Discuss this article in our forums

Apple Collecting Browsing Data in Safari Using Differential Privacy in macOS High Sierra

With the release of macOS High Sierra, Apple is now collecting data from the Safari browser using differential privacy technology, reports TechCrunch. Apple is aiming to gain information about browsing habits to help identify problematic websites that use excessive power or too much memory.
This form of data collection is the first of its kind for Safari, aimed at identifying sites that use excessive power and crash the browser by monopolizing too much memory. Apple is also documenting the popularity of these problematic domains, in order to prioritize which sites it addresses first.
Apple first announced its adoption of differential privacy in 2016 alongside the debut of iOS 10. Differential privacy is a technique that allows Apple to collect user information while keeping user data entirely private. It uses hashing, subsampling, and noise injection to enable crowd-sourced learning without compromising user privacy.

Differential privacy is already in use on Mac and iOS devices for emoji use, search predictions, predictive text, and other small features that use machine learning for improvement.


Because of this, Apple does not have a specific message about the new Safari data collection when macOS High Sierra is installed, and it is lumped in with the general Mac analytics data notice that is presented when setting up a new Mac. From Apple's Privacy notice regarding analytics:
If you agree to send Mac Analytics information to Apple, it may include the following:
- Details about app or system crashes, freezes or kernel panics.
- Information about events on your Mac (for example whether a certain function such as waking your Mac was successful or not).
- Usage information (for example, data about how you use Apple and third-party software, hardware, and services).

Analytics data contains your computer's hardware and software specifications, including information about devices connected to your Mac and the versions of the operating system and apps you're using on your Mac. Personal data is either not logged at all in the reports generated by your Mac, is subject to privacy preserving techniques such as differential privacy, or is removed from any reports before they're sent to Apple.
While users are given the option to turn off analytics when setting up a Mac, there's also a Security and Privacy setting that can be accessed to turn it off any time. To get to the feature, click on the Apple at the top of the menu bar, and choose "System Preferences." From there, open up Security and Privacy, select the "Privacy" tab and then choose Analytics to choose whether or not to share data with Apple.


Discuss this article in our forums

Safari in iOS 11: Enabling Cross-Site Tracking Prevention to Protect Your Privacy

Safari in iOS 11 introduces a new tracking prevention feature that's meant to protect your privacy and make it harder for companies to track your browsing habits across multiple websites.

Disabling Cross-Site Tracking isn't going to cut down on the number of ads that you see, but it will make it harder for advertisers to gather data about what you've been browsing to deliver targeted ads. Here's how to enable it:

  1. Open the Settings app.

  2. Scroll down to Safari and tap it.

  3. Scroll down to "Prevent Cross-Site Tracking."

  4. Toggle it on so it's green.


This section of the Settings app also includes other Safari settings that are worth turning on if you haven't done so already, including "Ask Websites Not to Track Me," "Block Pop-ups," and "Fraudulent Website Warning." You can also restrict website access to cookies, the camera and microphone, and Apple Pay.

Related Roundup: iOS 11
Tag: Safari

Discuss this article in our forums

Safari 11 Released for macOS Sierra and OS X El Capitan

Apple today released Safari 11.0 for macOS Sierra and OS X El Capitan. The update adds new media-related features, plus improvements to privacy, compatibility, and security.

Notably, in Safari 11, the web browser blocks videos with audio from automatically playing on most websites. Other new features are outlined in our macOS High Sierra roundup.
  • Stops media with audio from automatically playing on most websites
  • Adds the ability to configure Reader, content blockers, page zoom, and auto-play settings on a per-website basis, or for all websites
  • Improves AutoFill accuracy from Contacts cards
  • Includes updated media controls for HTML video and audio
  • Enhances performance and efficiency
Safari 11 was first introduced in macOS High Sierra, which will be publicly released on September 25.

Safari 11 is available as a free update within the Mac App Store.

Related Roundup: macOS Sierra
Tag: Safari

Discuss this article in our forums

Apple Responds to Safari 11 Criticism From Advertising Groups: ‘People Have a Right to Privacy’

Six trade and marketing organizations this morning published an open letter to Apple asking the company to "rethink" plans to launch new versions of Safari in iOS and macOS that block cross-site tracking, and this afternoon, Apple offered up a response, which was shared by The Loop.

According to Apple, ad tracking companies are essentially able to recreate a person's web browsing history using cross site tracking techniques sans permission, something it's aiming to stop.

"Apple believes that people have a right to privacy - Safari was the first browser to block third party cookies by default and Intelligent Tracking Prevention is a more advanced method for protecting user privacy," Apple said in a statement provided to The Loop.

"Ad tracking technology has become so pervasive that it is possible for ad tracking companies to recreate the majority of a person's web browsing history. This information is collected without permission and is used for ad re-targeting, which is how ads follow people around the Internet. The new Intelligent Tracking Prevention feature detects and eliminates cookies and other data used for this cross-site tracking, which means it helps keep a person's browsing private. The feature does not block ads or interfere with legitimate tracking on the sites that people actually click on and visit. Cookies for sites that you interact with function as designed, and ads placed by web publishers will appear normally."
In the open letter, signed by the Data and Marketing Association and the Network Advertising Initiative, among others, the collective "digital advertising community" said it is "deeply concerned" because the update "overrides and replaces existing user-controlled cookie preferences" before going on to suggest that customers prefer targeted ads.

"Apple's unilateral and heavy-handed approach is bad for consumer choice and bad for the ad-supported online content and services consumers love," reads the letter. "Blocking cookies in this manner will drive a wedge between brands and their customers, and it will make advertising more generic and less timely and useful."

In both macOS High Sierra and iOS 11, the Safari web browser is gaining new privacy features to prevent companies from tracking customer web browsing habits across websites. "The success of the web as a platform relies on user trust," Apple says on the WebKit blog. "Many users feel that trust is broken when they are being tracked and privacy-sensitive data about their web activity is acquired for purposes that they never agreed to."

In iOS 11, the toggle to turn off cross-site tracking is available by going to Settings --> Safari --> Prevent Cross-Site Tracking. With macOS High Sierra, the feature can be accessed by going to the Preferences section of the Safari app, choosing Privacy, and then checking "Prevent Cross-Site Tracking."

iOS 11 will be released to the public next Tuesday, September 19, while macOS High Sierra will be released on the following Monday, September 25.

Tag: Safari

Discuss this article in our forums

Advertising Groups Ask Apple to ‘Rethink’ New Cookie Tracking Standards in Safari 11

In the upcoming version of Safari 11 on macOS High Sierra, Apple will implement a new "Intelligent Tracking Prevention" feature that builds upon Safari's default blocking of third-party cookies. ITP will greatly limit advertiser reach by placing new safeguards into Safari that use machine learning to suppress cross-site tracking and purge ad retargeting data after 24 hours.

In response, six trade and marketing organizations have written an open letter to Apple asking for the Cupertino company to "rethink" its plan to launch Safari with these new "arbitrary" cookie standards (via AdWeek).

The organizations argue that the Internet's infrastructure depends on consistent standards for cookies, saying that Apple's new ruleset could "sabotage the economic model for the Internet."

On the consumer side of things, the organizations stated that the blocking of cookies in Apple's manner will result in ads that are "more generic" for users, while also being "less timely and useful." The signed organizations include: American Association of Advertising Agencies, American Advertising Federation, Association of National Advertisers, Data & Marketing Association, Interactive Advertising Bureau, and Network Advertising Initiative.
We are deeply concerned about the Safari 11 browser update that Apple plans to release, as it overrides and replaces existing user-controlled cookie preferences with Apple’s own set of opaque and arbitrary standards for cookie handling.

Apple’s unilateral and heavy-handed approach is bad for consumer choice and bad for the ad-supported online content and services consumers love. Blocking cookies in this manner will drive a wedge between brands and their customers, and it will make advertising more generic and less timely and useful. Put simply, machine-driven cookie choices do not represent user choice; they represent browser-manufacturer choice. As organizations devoted to innovation and growth in the consumer economy, we will actively oppose any actions like this by companies that harm consumers by distorting the digital advertising ecosystem and undermining its operations.
On Apple's WebKit site, the company explains that Intelligent Tracking Prevention is meant to ensure user trust is kept during the web browsing experience on Safari, because "the success of the web as a platform relies on user trust." Also coming in Safari on High Sierra is an autoplay blocking feature, which will prevent videos from automatically playing when you open up a web page. This morning, Google announced a similar feature is coming to Chrome in January 2018.

The new Safari will launch when macOS High Sierra becomes available for download on Monday, September 25.

Tag: Safari

Discuss this article in our forums

New Safari Web Browser Features Coming in macOS High Sierra

During last week's keynote at the Worldwide Developers Conference, Apple announced a number of additional features coming to Safari web browser as part of its new macOS High Sierra operating system, due to release in the fall.

Apple claims that in its current form Safari is the fastest web browser in macOS when compared with Chrome and Firefox, but it is promising even more speed and better power efficiency in High Sierra.

One of the most welcome new features that was announced at WWDC is Autoplay blocking. This prevents websites from playing video the moment you visit a page, which should make browsing a lot less infuriating. As of the High Sierra developer beta, the feature is enabled by default for all sites, but can be specified on a per site basis by the user.


Another new Safari feature that Apple is introducing is called Intelligent Tracking Prevention. (This appears in iOS 11 under the Safari setting "Try to Prevent Cross-Site Tracking".) Safari was one of the first browsers to include mechanisms that try to prevent cross-site tracking – blocking of third-party cookies is a default Safari behavior – but elaborate API methods have been employed to overtake those efforts in the intervening years.

Apple's own testing has found that popular websites can harbor more than 70 cross-site tracking and third-party cookie trackers that all silently collect data on users while making the browsing experience increasingly sluggish.


To solve this, Apple's new feature uses local machine learning to identify cookie types and partition them or purge the cross-site scripting data of suspect ad trackers, without affecting the functioning of helpful cookies like those containing localized data or login details, for example. The feature should increase user privacy as well as boost overall browsing speed.

Elsewhere in Safari, users will be able to specify a number of other web page settings on a per-site basis. For example, it will be possible to set a zoom level for a particular web page, as well as enable/disable notifications and content blockers, and set camera/microphone and location service privileges for a site so that they remain active the next time you visit.


In addition, Apple has added a new Reader Mode option that lets users automatically enter the stripped down easy-reading mode whenever they visit a website, enabling them to enjoy content without ads, navigation and other distractions as a default setting.

The new Safari will be available in the Public Beta of macOS High Sierra, which is expected to drop later this month. Eager users can also get a taste of the new features in the latest release of the Safari Technology Preview.

Related Roundup: macOS High Sierra
Tag: Safari

Discuss this article in our forums

Scrolling Changes Coming to Mobile Safari in Future Update

Apple is planning to make some changes to scrolling behavior in mobile Safari in a future update, making for a more unified scrolling experience.

The news comes courtesy of a Hacker News thread discussing Apple's default scrolling behavior vs. the scrolling behavior of webpages that use Google AMP, a discussion inspired by a Daring Fireball post on the subject.

Google AMP (or Accelerated Mobile Pages), for those unfamiliar, is an online publishing format created by Google that's optimized for mobile web browsing and rapid page loading. It is used by multiple news sites, including CNN, ABC, and The Washington Post. On mobile Safari, AMP uses its own scrolling behavior, making AMP pages stand out from non-AMP pages.

In the Hacker News discussion, Malte Ubl, who created Google AMP, says the AMP team filed a bug report about the scrolling discrepancy, and as a result, Apple is going to implement a change that makes all webpages scroll like AMP pages.
With respect to scrolling: We (AMP team) filed a bug with Apple about that (we didn't implement scrolling ourselves, just use a div with overflow). We asked to make the scroll inertia for that case the same as the normal scrolling.

Apple's response was (surprisingly) to make the default scrolling like the overflow scrolling. So, with the next Safari release all pages will scroll like AMP pages.
Another Hacker News responder, "Om2," who appears to work on WebKit, explains that Safari webpage scrolling is inconsistent from all other scrolling, an intentional decision implemented several years ago. Following a review of scrolling rates, Apple has decided to implement a change to introduce a more consistent scrolling experience.
In current iOS Safari, webpage scrolling is inconsistent from all other scrolling on the system. This was an intentional decision made long ago. In addition, overflow areas are consistent with the rest of the system, and thus inconsistent with top-level webpage scrolling. This is semi-accidental. In reviewing scroll rates, we concluded that the original reason was no longer a good tradeoff. Thus this change, which removed all the inconsistencies: https://trac.webkit.org/changeset/211197/webkit

Having all scrolling be consistent feels good once you get used to it.
At the current time, the difference between scrolling on an AMP page and a standard webpage is noticeable, with the AMP pages scrolling faster and more smoothly. It's not entirely clear when the scrolling change will be implemented in mobile Safari, as the new scrolling behavior is not available in the current iOS 10.3.3 beta.

Related Roundup: iOS 10
Tag: Safari

Discuss this article in our forums

Researchers Uncover macOS and Safari Exploits at Pwn2Own 2017

The seventeenth annual CanSecWest security conference is underway in downtown Vancouver, British Columbia, where researchers are competing in the 10th anniversary Pwn2Own computer hacking contest for over $1 million in prizes.

Day one results have already been published over at the Zero Day Initiative website, with a couple of successful Mac-related exploits already appearing in the list of achievements. Independent hackers Samuel Groß and Niklas Baumstark landed a partial success and earned $28,000 after targeting Safari with an escalation to root on macOS, which allowed them to scroll a message on a MacBook Pro Touch Bar.


In a partial win, Samuel Groß (@5aelo) and Niklas Baumstark (@_niklasb) earn some style points by leaving a special message on the touch bar of the Mac. They used a use-after-free (UAF) in Safari combined with three logic bugs and a null pointer dereference to exploit Safari and elevate to root in macOS. They still managed to earn $28,000 USD and 9 Master of Pwn points.
Later in the day, Chaitin Security Research Lab also targeted Safari with an escalation to root on macOS, finding success using a total of six bugs in their exploit chain, including "an info disclosure in Safari, four type confusion bugs in the browser, and a UAF in WindowServer". The combined efforts earned the team $35,000.

The participating teams earned a total of $233,000 in prizes on day one, including a leading $105,000 earned by Tencent Security, according to published details. Other software successfully targeted by contestants include Adobe Reader, Ubuntu Desktop, and Microsoft Edge on Windows.

Apple representatives have attended the Pwn2Own contest in the past, and affected parties are made aware of all security vulnerabilities discovered during the contest in order to patch them. Pwn2Own day two began today at 8:30 a.m. Pacific and will involve additional exploit attempts against macOS and Safari.


Discuss this article in our forums