>Am I the only one who can see just a tiny security flaw with scenario 2?

No you're not, which is why it doesn't work like that.

The phone still requires a PIN or fingerprint to make a payment. The watch will make a payment as long as it hasn't been removed from the owner's wrist since being paired to the phone.