Apple has locked my Apple ID, and I have no recourse. A plea for help

Otherwise? Yeah. Gift / prepaid credit cards are a horrible scam, because they tend to have a percentage or, worse, flat fee to activate. $4 extra on a $50 card as a gift means you just paid 8 percent just to GET the card.

I really wish this was more acceptable. Even I have this block in giving just plain cash as a gift.

To add context, your reddit post also mentioned: >, I purchased eleven Apple Gift cards from [...], and apple.com, and added the amounts to my Apple account.

I'm not saying the following applies to you but one can buy Apple Gift Cards using their Apple ID. After adding gift cards to the ecommerce shopping bag on Apple.com, it offers the option : "Check out with your Apple Account"

So Apple would know the exact AppleID at the time-of-sale instead of waiting until redemption. If for some reason Apple's fraud detection system doesn't like the transaction (e.g. unusual ip address from Mexico instead of USA, or too many high-value cards in a certain time period, or other black-box opaque heuristic) ... then the buyer puts their Apple account at risk.

Fraud prevention heuristics are insanely aggresive these days...

Last week, I bought a Netflix subscription and 5 days later, Netflix cancelled the membership for no apparent reason. I got on a customer support chat with Netflix and the agent said it was cancelled because of the credit-card #. It didn't pass their fraud prevention system and to try using another card. At least Netflix automatically refunded the entire amount back to me -- whereas Apple keeps the gift card balance for itself after locking accounts.

In another incident, I used a Chase credit-card at a physical Apple store to buy 2 iPhones on 2 separate receipts. The first iPhone sale was a success. The 2nd iPhone transaction just 1 minute later was denied and Chase locked the entire account. I had to call Chase customer service and recite the make & model of a car I had 20 years ago to prove my identity for them to re-activate the credit card!

I just pay Apple with my credit card when I want to buy something. Is this some kind of weird credit card rewards churning thing? Are you unbanked? I don’t understand why you’d voluntarily add unnecessary extra steps.

A credit card offers far more protections to consumers than a gift card.

Given the amount of false positives, Apple should have an appeal process for innocent users to regain access to their accounts. It would be nice if this applied to all big tech companies, losing an email address can make other accounts difficult or impossible to access.

At least in Europe, PayPal is a regulated bank which means you can hand the case over to the authorities and they can and will help you out.

Commenters here talk about PayPal account closures as if everyone who uses the service will eventually lose their money. Now we're talking about gift cards as if everyone using gift cards will have their account locked.

These stories, while frustrating and sad, are rare occurrences. The majority of people who use these services will not have any experience like these stories you read.

To be honest, I think the average person is probably better at estimating their risk of using these services than a lot of these HN commenters.

The most money I have ever had on my PayPal account was 100 bucks from a reversed transaction (like, double booking of a hotel room or wrong item sent), otherwise it's just a gateway. It would be annoying if my PayPal account was locked, because I use it a lot to order pizza online and a few small purchases. I could just use my credit card or something else but it's more clicks. And I know a lot of people who do it like this. The only thing lost is convenience. No past purchases, no digital identities.

Maybe you meant the merchants who really amass thousands but I suppose they are a small minority of active users.

That said, if buying and redeeming gift cards are such an indicator of fraud that people are legitimately afraid of getting their accounts permanently locked, why doesn't Apple just stop selling them?

99.999% chance they happily redeem them and go about their lives.

These stories, while frustrating, are clearly edge cases. Yes I know you can find more if you search social media, but I don’t think a lot of these HN commenters realize the volume of gift cards Apple sells and redeems without problem every day.

Does the iPhone require an Apple ID? I don't even log into my Google account with my Android device. If the phone requires an Apple ID, then obviously I'm not buying one.

That includes the original poster! "could have been because I purchased gift cards from the US (online) and added them to my account while I was in Mexico, or I was using a VPN while adding gift cards"

One of the other people was someone who "purchased $2k in apple gift cards from target during Black Friday deals... There was a limit of 1 but if you went in store and were friendly to the cashier a lot of people (myself included) had luck getting them to ring them up as separate transactions".

Pretty sure if the latter person had given those out as separate cards to other people it would have been fine but going from "limit of 1" to "all redeemed by same account" is unsurprising when it triggers a fraud flag.

The big problem in this story as in the past one is the apparent lack of sensible escalation.

I've heard horror stories from Google devs that it's even worse - such a situation follows you for life even if you try to setup new accounts.

And in fact, a prohibition is never a solution, it is a reduction in solution options

And this advice takes into account exactly zero aspects of the particular problems a given person may have to solve, besides “problems with Apple”, in a world where most people have “problems with X” for each of the few large ecosystems.

Freedom of choice would mean for N choices, being able to make, well, N indepointed choices. N may be a very large number given how many things people do.

For an ideal world of compatible modular technologies, N choices is easy.

But our technology world is highly non-modular, centralized at many levels, and full of incompatibilities and dependencies of various kinds and costs. Including important dependencies involving the choices of other people we interact with, or very specific tools or resources.

So no, “Don’t buy Apple” is not better advice, it is just bad random generic advice, without knowing a lot more about any particular situation.

Like what someone writes books about.

This is the first I’ve heard of Apple locking someone out of their account for no reason. Google does it all the time. So, yeah, can’t leave Apple over this.

To say nothing of the fact that well-adjusted humans need to communicate with friends and family, and many times that also practically requires being on these platforms as well.

Stay as far away from BigIT as you can. Linux or BSD are there for many good reasons. This is another one.

No option to contest the receipt....until the "would you recommend a friend visit amazon Go" survey popped up. I responded negatively, then the "why?" question had a "My receipt was incorrect" option.

Suddenly I was able to go through the "contest receipt" workflow.

100% completely automated.

(Fwiw, i never bought anything from Amazon again after receiving one fake item. If i want to gamble I'll pay Aliexpress prices)

That’s simply the actual cost of living in your jurisdiction.

I don’t think any large retailer or bank on Earth guarantees there will be a viable escalation pathway for all possible combination of scenarios either.

Maybe a very high end private bank but even that’s iffy.

I'm just always a little surprised to read things like "i couldn't live without Amazon," and i wonder if there are no other alternatives for two day shipping on other countries or what it is that keeps people stuck on Amazon instead of using other next-day deliveries

> This is the same failure mode of all security-through-obscurity. Secrecy means that bad guys are privy to defects in systems, while the people who those systems are supposed to defend are in the dark, and can have their defenses weaponized against them.

You misunderstand the nature of financial regulation. The laws on things like money laundering are intentionally vague, they say things like "Apple should take measures against it". And financial regulators will not come out and say (especially in writing) that you MUST do any particular thing (like ban customers entirely on suspicion).

What they WILL do is ask probing questions, frown a lot, and make suggestions. Which the company had better take seriously. Because the financial regulators have the ability to simply close down your business, and if you cross enough of the unclear lines they will do so.

Those are the steps the commenter suggests you take to use these services safely.

It’s not that these steps are reasonable.

1. You don’t need too much time to set this up.

2. All this doesn’t have to be in one sitting - with meds and coffee that keeps you awake through the sleeping hours

3. In fact it’s better if you do this over the weeks, months, years. For me it took years and I am still kind of doing it. Once in a while, here and there.

4. I am not very smart. If I was I’d have just ignored your comment.

The question is: will you roll over and die without a fight for your rights?

At least you have time you are spending on HN that could be devoted to learning to fight. The fewer people that fight, the faster your rights disappear.

A very usual scenario is that the scammer pretends to be a technician doing some remote support and for example pretends to provide some refund. Then they pretend that they've mistakenly sent out e.g. 10x the amount and they ask for the difference back, claiming that their job is on the line.

Crypto would work, but since they target old and tech-illiterate people, the easiest way is usually to ask the victim to go to a store, buy gift cards and read out the codes.

Google kitboga (a known scam baiter) for the videos.

Gift cards are often used for money laundering or scams, because they allow to transfer monetary value in small increments and without tracking: there's no link between the person who bought a gift card (anonymously with cash) and a person who used its code to put money onto an account.

AML = Anti Money Laundering

GCs are valuable to brands because they are marketing tools. Recipients are prompted to go to the merchant to spend money, and they usually spend about 40% more than the face value of the card.

Also, GCs are valuable to merchants for breakage. This is when a card (or partial balance) goes unused. Starbucks, as an imperfect example, recognizes about 10% of their total outstanding GC balance as revenue every year, due to breakage. This amounts to hundreds of millions of dollars.

If they had to reimburse you for the cost of all your lost files, then we'd see the real impact on finances.

Looking at the linked story, the trigger seems to have come from redeeming a gift card bought at a major retailer.

Even if the purchaser uses a legitimate store, the user can’t really know the full supply-chain history of a prepaid code, and that uncertainty alone creates room for unexpected flags.

For people who already have a credit card, gift cards are a fuzzy choice if the goal is simply to load balance onto an account.

Something somewhere in the chain probably tripped a rule — maybe fraud-related, maybe a processing anomaly — and from the outside it’s impossible for the user to see which.

I remember I went through some automated process which asked me for some account details, and after a few hours (fewer than one day, I remember as much) my account was unlocked. It was scary!

What I remember puzzled me is that it was only two low-value cards. I would have understood the system being triggered by a lot of low value transactions, or a few large ones... but these were few and low value! Go figure.

Sorry I don't remember more details. All I know is it made me scared of gift cards.

Technically true but I tried using a mac without creating an Apple ID and gave up. You can't access the store without it so you are locked out of Mac apps that aren't installed by default, and all apps that only distribute through the store now.

A few years passed, and a couple of weeks ago my phone broke, so I wanted to use that one until I bought a new one. It turned out that Apple had permanently deactivated the iCloud account on that phone. I could make calls, but I couldn’t install or update any apps, even though I still controlled the email address that was used to create the Apple account. Not that 5S is very useful these days but still.

I was looking for the flashing hardware around here, but i should probably peek on AliExpress :)

In my Parliament MPs seem to represent primarily the interests of their donors, not those of their country, not even constituents. It still better than it used to be, the corr...., er lobbying is not as blatant, but its still obvious.

Seeing the MP? Yeah. Maybe if someone lives in the "unsafe seat" area and the MP is trying to get reelected:)

Justice is dead when nearly everybody just makes backroom deals with no admissions of guilt and nondisclosure of terms if they even defend themselves at all.

A person who is capable of defending themselves owes it to those who aren't as able; if even the most resourced people won't defend themselves, what chance to the rest of us have?

Not only does no one read it but it seems like they are intentionally designed to be difficult to read.

They are written by lawyers for lawyers, not for common people to read.

There should be laws to protect people, instead of blaming victims.

This leaves you with just about zero cloud storage solutions that you can use.

Yes, yes, you can rsync your files to your NAS. Now explain that to your non tech-savvy neighbors.

At that point, it doesn’t matter how many friends you have on the inside, unless you’ve got one that’s ignorant of the law or willing to risk the penalties.

This could happen to anyone. It can happen to people trusting Apple with their data, to people using Google, Microsoft, Amazon, or any other big cloud platform.

This deserves everybody's attention, and also a massive lawsuit to force these corporations to treat our data more responsibly.

If he doesn’t think like that, then why does he act like it?

Regulations exist because it’s impossible for any one person to handle everything that needs to be handled.

edit: about the same role as Greek or Roman gods.

Team builds service. Service depends on first party identity/authentication because it's easier.

... Fast forward 20 years, and no one at platform company even understands the dependency graph from a customer perspective anymore. Especially in the case of rare events like account locks.

Consequently, those customers face a sudden Kafkaesque maze of edge cases that don't line up, as the customer service processes people are funneled through are literally incapable of solving the problem.

Which means the entire "normal" customer support apparatus is unavailable to them. (The same apparatus companies aggressive shove all support through)

This is why there should be regulatory requirements for identity platforms mandating the ability to speak to a human who's empowered to fix your issue + an option for customer-choice decision arbitration + continuous random sample audits with penalties for falling below KPIs (timeliness, correctness, etc).

It should literally be illegal for a company to have their banning system 'oops' and then pretend they don't know you.

Because it's only going to get worse as more AI / probably correct methods infuse account security functions.

The sad news is when important people get locked out they can call dedicated support . This case was of someone who wasn’t celebrity enough to have that access

Our shared powerlessness should bring us in communion with others, but the technocracy/corpocracy wants to rip that apart and make us dependent on them for profit.

Good insight - that people dunk on the author as a cope to help the dunker feel less powerless

saying "get a lawyer" or "file a complaint" is constructive. saying " it's your fault for not backing up" or "that's what you get by using cloud" is just judgmental. Neither are practical solutions, regardless. Even with perfect backups it would have happened. And for 99% of social people, it's impossible not to cloud.

(Use a catch-all to have different email addresses for different sites, because when one gets hacked, then the damage is limited.)

Most accounts with third parties use domains I own that are not on Google in any way. Some still use a gmail address and I need to migrate those. But nothing essential.

Yes you can still mostly do Takeout, but it's garbage. (not incremental. Requires me to remember. duplicates files for every album (total incompetence). downloads regularly fail. Requires more room than I have on my mac to decompress so I have to put it on an external drive.)

I commit code. I pair program. I share screen. That sort of thing. Code is mostly set up to have reproducible results. If it is not working on the other machine, then that's a bug and we need to solve it. There is not much collaboration I need to be doing in my free time. What I did on the last job is not what I depend on, but what a business thought they depend on. That's their stuff. If it fails because of some cloud ban or outage, not my problem.

When I need to share files with friends, I send them the files. Or I use Copyparty. Or, if they are more technically minded, I use Syncthing. For not so technical friends, I don't have to share 10k photos at once. Maybe I will send them a few photos via a messenger. Or some files they need via a messenger or have them on Copyparty, if needed often or again in the future. There is no issue.

> Do you have friends ?

Yes.

> A job ?

Had, and probably soon will have again, but I don't know what that has to do with what I depend on. If my job prescribes some cloud usage that is unnecessary, I guess I can try and show an alternative and begrudgingly accept that I have to use shitty tooling. But if somehow it is made impossible for me to use that, then it is their job to find an alternative. I am never the one prescribing it, and I myself don't depend on cloud.

> I’m not being rhetorical —- it’s very rare to have friends or a job and not have some ties to the cloud. Even my tiny HOA manages its record in the cloud

I surely have friends, who probably use some MS or Google cloud stuff. But that's their problem, not mine. I don't depend on that. And they don't share that much stuff with me, that there is sufficient incentive to start depending on it. And if they did, I would tell them, that I don't want to make a shitty account on MS or Google cloud storage thingies.

To register on some websites you may sometimes receive: “please use real email from gmail/outlook/etc”.

When you have a business meeting with a customer: “oh just install Jitsi on your mobile phone” is the best way to lose a sale.

Or no way to pay train tickets because you cannot install the app because your Apple / Play Store account is locked.

Theres no turnkey solution (of course not, it is prohibitively complex to architect one), but the bits and pieces are there, built on tried and tested software. For example, SMB and rsync and their clients, are practically enough to do backups.

That said, it does make your writing seem very odd. A little bit like the people, who apparently don't know what the shift key does, or how to trigger capital letters on their phones or something, and write only in lowercase letters.

Just because your phone does something silly, and it is not you doing it intentionally, that doesn't mean, that other people will not get a weird impression from you writing like that. In a way, you are letting your phone change the impression others are getting from your writing. And that impression is for many people that they wonder, whether you know the conventions of writing.

Now, like I said, you don't have to care about this. But if you want your texts to not come across like teenager written texts or low effort texts, it would be a good idea to fix your phone's silly settings, so that it doesn't do that to your writing.

I wonder what is his case.

> Any lawyer can file a complaint in small claims .

No, in many states _no_ lawyer can file a complaint (except his own) in small claims court.

Seeing how Microsoft is doing, they’re going to learn this lesson sooner or later.

Most people do not store anything valuable in the cloud anyway. The only problem is that they won't be able to login into Windows if MS bans the account, and they won't be able to install apps if Google bans their account along with phone serial number.

"It just works" was practically a mantra for Steve Jobs, now we turn around and blame users for thinking that it will work

In fact, it is far worse than paying with a credit card directly in terms of risk. At least, when something goes wrong (which rarely ever happens), the bank has your back. On the other hand, I have seen too many cases where people find their gift card codes invalid.

Sure, but if it's a corporation, who is going to represent the corporation besides a lawyer? In the US, some states explicitly do not allow a lawyer and require a different officer of the company represent them, but plenty do allow lawyers.

If Paris is taking Apple to the tribunal, there's no single human equivalent to Paris on Apple's side. This seems like the exact sort of situation where a lawyer is approved to represent somebody else.

https://ec.europa.eu/commission/presscorner/detail/en/ip_24_...

The reason is simple: photos require much more processing and focus on performance. In addition, photos take up much more space, so while my Nextcloud instance runs on an SSD, the photos reside on an HDD, mostly in sleep mode.

[1] https://www.photoprism.app

Also, to be clear, I’m saying to install One Drive and Google Photos on your iPhone.

My approach to this is based around having the least amount of things to manage.

In my scenario, I’m looking for the most simple out of the box systems to backing up that don’t require any self hosted solutions or NAS management and so on.

Just throw money at it!

Hence my suggestion to get a Mac, say a Mac Mini, with a decent sized drive and just sync everything to it.

Fully sync so it downloads the lot and need off loads.

The backup the internal drive with Backblaze.

I appreciate this advice isn’t for everyone, and it may not be the best solution.

But it’s a way to a least have some ultimate disaster recovery in place!

It may not be the cheapest, and cheapest doesn’t mean best. It may not be the best by some other measure of features, but it works and requires zero knowledge and additional hardware.

At least with some kind of backup, everything is not lost!

You don’t have to manage it or think about it. The services will sync for years without intervention until you upgrade your devices. For most people, that’s the important factor in having multi backups of their photos and documents!

Wasabi is much cheaper than AWS as well.

Finally the best solution for backing up your iCloud Photos is definitely Immich. Set it up on your own NAS or a VPS, back up to that, and then back up that server to an S3 storage using rsync or restic. I’ll note that I still backup to Backblaze because its so dang cheap.

I spent months trying to find the best setup a few months ago and this is by far the cheapest.

But still, this shouldn’t be required for normal people. They should get what they pay for.