Apple has introduced three new technologies that should benefit users of Apple ID, iMessage and iCloud on Apple devices. In the English press release the topic is "iMessage Contact Key Verification", "Security Keys for Apple ID" and "Advanced Data Protection for iCloud". This involves a contact confirmation for iMessage, physical security keys for using the Apple ID and the encryption of other data that can be stored in or shared via iCloud. I have summarized the details of all three innovations that are to be rolled out globally in 2023 below.
Chapter in this post:
New security features for cloud use at Apple
From next year, the three functions mentioned above should ensure even more that the data of Apple users is safe and protected from hackers or other attacks. In the linked press release, the iPhone manufacturer includes its new security functions in the existing data protection measures. For example, in the already existing end-to-end encryption of some iCloud data, such as passwords or health values. An example of a more extreme protection is the Blocking Mode / Lockdown Mode. In addition to the software, the hardware is also highlighted, such as the Security Enclave with its on-device encryption.
"At Apple, we work tirelessly to offer our users the best data security in the world. We constantly identify and mitigate new threats to your personal information on device and in the cloudsaid Craig Federighi, Apple's senior vice president of software engineering. "Our security teams work tirelessly to protect user data, and with iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users have three powerful new tools at their disposal to protect their most sensitive data and conversations can protect further."
iMessage Contact Key Verification
Similar to the blocking mode mentioned above, verification of contacts and their devices is aimed at those people who face particular security concerns when communicating digitally with others – journalists, activists, government officials, etc. But also in situations in people from the private environment cannot be trusted or some must be trusted, it may be worth checking the respective contact.
The press release says about the functionality: Conversations between users who have activated the iMessage contact key check are automatically warned if particularly advanced attackers, e.g. B. state-supported attackers should succeed in penetrating cloud servers and injecting their own devices in order to eavesdrop on the encrypted communication. For added security, iMessage users can compare a contact verification code in person, over FaceTime, or via another secure call.
Security Keys for Apple ID
In addition to the two-factor authentication that Apple introduced for the Apple ID in 2015 and which, according to the company, is currently used by 95% of users, there will be another level of security in the future. This consists of security keys that represent a hardware extension of the existing software protection. Again, the target group consists of people who need special protection of their data - members of the government, activists, journalists and so on.
Those who choose this feature use the security keys to reinforce Apple's two-factor authentication by requiring a hardware security key as one of the two factors. The security key hardware is apparently not made by Apple itself, but is said to consist of third-party devices. Depending on the version, these can be connected to the device via Lightning (or USB-C) or used contactlessly via NFC. See the source linked above for more details.
Advanced Data Protection for iCloud
14 sensitive data categories are already encrypted in the iCloud. Anyone who activates the advanced data protection (Advanced Data Protection) uses the end-to-end encryption for a total of 23 data categories. These include backups, notes and photos. Major iCloud data not included in the 23 categories includes iCloud Mail, Contacts, and Calendar. The rationale is that these should be ready to be combined with global email, contacts and calendar systems should users wish to make use of them.
Information on the availability of the new security functions
The footnotes to the Apple press release linked above discuss the availability of the three new security features. Here is the timetable, which does not yet reveal exact dates for use outside the USA:
- iMessage Contact Key Verification will be available globally sometime in 2023.
- Security Keys for Apple ID will be available worldwide in early 2023.
- Advanced Data Protection for iCloud is available now in the US to Apple Beta Software Program members and will be available to all other US users by the end of the year. The feature will be made available globally in early 2023.
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.