Apple recently announced new security measures, including end-to-end encryption to protect all data – backups, contacts, notes, photos, and wallet passes. Hardware Security Keys were also introduced for better protection against fraud.
Apple recently announced they would begin providing new security key authentication options for their Apple ID accounts. These options are intended to increase security on user accounts and make sure no one else can break through access (provided the right credentials).
To combat password phishing attacks, which happen when people trick victims into giving them personal information such as login credentials so that malicious parties can masquerade as others, apple aims to put an end to these endeavors with this change. Beyond email phishing scams, other scenarios make sense including bank fraud alerts and web browsing protections from intruders looking for vulnerabilities. They have yet to provide full protection against all cybersecurity risks just yet but hope this addition will pave way for establishing some boundaries where many were once non-existent – at least until further safety measures are developed by internet providers worldwide.
Apple has announced hardware Security Keys for Apple ID, giving users the choice to require two-factor authentication to sign into their Apple ID account.
Calling it Advanced Data Protection, Apple said they are expanding iCloud encryption capabilities from 14 sensitive data categories protected by end-to-end encryption to 23 new categories; this means backup files and contacts have been added as well. Previously, iCloud end-to-end encryption capabilities applied only to more sensitive information – including passwords saved in iCloud Keychain and personal health records.
The only data categories still left unprotected are iCloud Mail, Contacts, and Calendar because they’re needed to interoperate with the global email, contacts, and calendar systems, Apple said in a statement. Advanced-Data Protection for iCloud is available right now to Beta Software Program members in the United States and will be made available to all US users by the end of this year. The feature will start rolling out to those living outside the US next January 23rd – it’ll take 3 years before it’s accessible worldwide. iMessage Contact Key Verification will roll out globally later this month while Security Keys for Apple ID become accessible globally soon after next month (January).
The feature is designed for people who often face threats because of their public profile, including celebrities, journalists, and government officials—Apple just announced it at WWDC today!
Apple has also introduced Messages Contact Key Verification (to make sure you know when you’re talking with someone) and Advanced Data Protection features (which encrypt everything stored locally on your device).
Apple said the heightened security features for iCloud are needed more than ever because the number of data breaches more than tripled between 2013 and 2021, exposing 1.1 billion personal records across the globe in 2021 alone.
Increasingly, Apple continued, companies across all industries are taking note to address this growing threat—encrypting their products such as messaging services and backup drives.
Apple may have fallen behind on encryption though – whereas Facebook’s WhatsApp already adopted an encrypted messaging service a year ago.
iCloud Security and Encryption
To safeguard your data when storing it in iCloud, you should use two-factor authentication to make sure no one can access your account without having been given permission first. Two-factor authentication is also required for many features that span Apple’s ecosystem – including end-to-end encryption. There are two options available when it comes to encrypting and protecting the data stored in iCloud:
Standard data protection is the default setting on your account – but this means some of your iCloud data isn’t encrypted at all. Our standard security provides enough protection if you don’t want anyone accessing anything they’re not supposed to see or share. Advanced-Data Protection for iCloud is an optional setting that offers our strongest level of cloud security – which means all relevant information will be encrypted via end-to-end encryption; as well as backups, photos, notes, and more that would otherwise just be sitting there exposed like a tender cut of meat asking to be taken home by someone who doesn’t deserve it.
Encrypted data which cannot be deciphered at any point
End-to-end encrypted data can only be decrypted on your trusted devices, where you are logged in with your Apple ID. No one else has access to this end-to-end encrypted data – including Apple – and these files remain secure even in the event of a hacker attack. If you happen to forget your password for logging into an account, then it will only be available for retrieval by that specific user through their device passcode or security question answers.
Data Protection Standard
Standard data security is the default setting for your account. The encryption keys from your trusted devices are secured within Apple Data Centers, so Apple can decrypt your data on your behalf anytime you require it – such as As long as you can successfully log in with your Apple ID, you can access all of your backups, photos, documents, and more. For additional privacy and safety measures, 14 Data Categories – including Health information and Password Manager – have been coded using End-to-End Encryption technology; which means only YOU know what they contain because Apple DOESN’T HAVE YOUR KEY TO DECRYPT THEM!
The table below includes a list of Data Categories that will ALWAYS be coded using End-to-End Encryption technology.
Innovations in data protection
Apple has begun rolling out its new Advanced Data Protection upgrade which provides stronger encryption for iCloud backup to protect people from data breaches that would otherwise happen. The difference between traditional cloud storage and Advanced Data Protection is simple but makes a huge impact on privacy and security: it encrypts the entirety of your user content including backed-up photos, notes, emails, calendars, passwords, etc.—without relying on Apple’s servers; hence making the entire process safer than ever before. This increase in security comes with some drawbacks though—users will have to sacrifice complete discretion if they want to take advantage of this new technology. More importantly, once enabled there is no turning back! Advanced-Data Protection only protects individuals who had created backups while previous versions were live because backups made with these updates won’t be encrypted without updating other devices first.
Encryption of some metadata
Some metadata and user information stored in iCloud remains under standard data protection, even when Advanced Data Protection is enabled.
For example, used to help Apple de-duplicate and optimize your iCloud storage—all without having access to the files or photos themselves. Representative examples can be found in the table below.
As we continue to strengthen security measures for all users, Apple will take every measure possible (including encrypting this type of metadata) so it can’t ever be accessed if Advanced Data Protection is enabled.
Collaborating and sharing
With typical data protections, iCloud content that you share with other people is not end-to-end encrypted. Advanced-Data Protection has been designed to maintain end-to-end encryption for shared items as long as all the collaborators have the Advanced Data Protection mode enabled. This level of protection is only available in some parts of iCloud Sharing Features—including iCloud Shared Photo Library and Photos Shared Albums feature–if it involves collaborating on files over an Internet connection. Otherwise when using features such as iCloud Drive shared folders and Shared Notes, they’re neither protected from a third party nor one another if they don’t authenticate themselves with fingerprint authentication. It could also compromise any form of classified material which might otherwise require strict confidentiality settings.
To share anything via traditional methods, like sending emails or direct messages to multiple recipients at once, account info will be gathered along with your file attachments making it unsecured during transit since it doesn’t use authentication technology (fingerprints).
iCloud provides online data
Access to your iCloud data is made possible through any internet browser. All of the personal information shared between you and your computer is protected via secured encryption during transfer; while when Advanced Data Protection mode is activated all sessions at the website would not work unless approved in advance. To bypass this limitation, a person has the option to disable protection by configuring their settings page if they desire full access to browsing information from devices that do not have a passcode lock currently enabled or turned off when asking for specific permissions explicitly allowed only by owners.
Third-Party Data Centers
Third-party app data stored in iCloud is always protected with top-of-the-line encryption technology. When you enable Advanced Data Protection, third-party app data stored in iCloud Backup and CloudKit encrypted fields and assets are end-to-end encrypted. When processing the app’s end-to-end encrypted data, cryptographic keys are accessed only by Apple software running on secure servers–even if it happens to do so at a third-party center where it stores its other products. All key access will take place solely within an Apple data center–never outside of its protective boundaries where intruders can potentially steal them from unguarded premises.
iCloud Security Overview
iCloud takes advantage of rigorous security practices while ensuring your data is kept private and untouched. They are one of the leaders in using secure technology, such as end-to-end encryption, which keeps your information completely safe.
3 comments