Users can now protect their most sensitive data and communications with iMessage Contact Key Verification, Security Keys for Apple ID, and Advanced Data Protection for iCloud.
Apple recently announced three advanced security features aimed at protecting user data in the cloud. It marks the next step in the company’s ongoing effort to provide users with even more robust ways to protect their data. Users can use iMessage Contact Key Verification to ensure they are communicating only with the people they want to. Users can require a physical security key to sign in to their Apple ID account with Security Keys for Apple ID. Furthermore, Advanced Data Protection for iCloud uses end-to-end encryption to provide Apple’s highest level of cloud data security. Users can further protect important iCloud data such as iCloud Backup, Photos, Notes, and more.
As threats to user data become more sophisticated, these new features join a suite of other safeguards that make Apple products the safest on the market. It ranges from security built directly into our custom chips with best-in-class device encryption and data protections to features like Lockdown Mode which provides an extreme, optional level of protection for users such as journalists, human rights activists, and diplomats. Apple is committed to improving device and cloud security and adding new safeguards over time.
iMessage Contact Key Verification
With the introduction of iMessage, Apple pioneered the use of end-to-end encryption in consumer communication services. It makes sure that only the sender and recipients can read the messages. Since its inception, FaceTime has used encryption to keep conversations private and secure. Users who face extraordinary digital threats, such as
- Human Rights Activists
- and Government Officials
can now use iMessage Contact Key Verification to further verify that they are messaging only with the people they intend.
Although the vast majority of users will never be targeted by highly sophisticated cyberattacks. The feature adds an important layer of security for those who might be. Conversations between users who have enabled iMessage Contact Key Verification are automatically alerted if an exceptionally advanced adversary, such as a state-sponsored attacker, breaches cloud servers and inserts their own device to eavesdrop on these encrypted communications. Users of iMessage Contact Key Verification can also compare a Contact Verification Code. They can do so in person, on FaceTime, or over another secure call for added security.
In 2015, Apple introduced two-factor authentication for Apple ID. Today, it is the most widely used two-factor account security system in the world. More than 95 percent of active iCloud accounts use it. Users will now be able to use third-party hardware security keys to supplement this protection with Security Keys. This feature is intended for users who, due to their public profile, frequently face coordinated threats to their online accounts, such as celebrities, journalists, and government officials.
Security Keys strengthen Apple’s two-factor authentication by requiring a hardware security key as one of the two factors for users who opt-in. It prevents even the most sophisticated attacker from obtaining a user’s second factor in a phishing scam.
Advanced Data Protection for iCloud
For years, Apple’s Data Protection, the sophisticated file encryption system built into the iPhone, iPad, and Mac, has provided industry-leading data security on its devices. “Apple manufactures the most secure mobile devices available.” “We’re now building on that strong foundation,” said Ivan Krstic, Apple’s head of Security Engineering and Architecture.
By default, iCloud protects 14 sensitive data categories with end-to-end encryption, including passwords in iCloud Keychain and Health data. When Advanced Data Protection is enabled, the total number of data categories protected by end-to-end encryption increases to 23. It includes iCloud Backup, Notes, and Photos. Because of the need to interoperate with global email, contacts, and calendar systems. The only major iCloud data categories that are not covered are iCloud Mail, Contacts, and Calendar.
As per data breach research, “The Rising Threat to Consumer Data in the Cloud,” improved security for users’ data in the cloud is more urgent than ever. According to experts, the total number of data breaches more than tripled between 2013 and 2021. It exposed 1.1 billion personal records globally in just 2021. Companies across the technology industry are increasingly addressing this growing threat by incorporating end-to-end encryption into their offerings.