Apple introduces new security features for iCloud, Messaging
Full end-to-end encryption coming to iCloud
Apple has unveiled a set of protection features to help users secure their data.
The company says it will now provide full end-to-end encryption for almost all of the data its users save in its iCloud storage system, meaning it will be more difficult for hackers, spies and law enforcement agencies to access private user information.
Users must opt into the new feature, known as Advanced Data Protection, to activate it on their devices.
The new solution secures 23 data categories, including iCloud device backups, photographs, and notes, compared to the 14 categories that were previously protected. Users' calendars, contacts and iCloud Mail are still not encrypted, which Apple says is done to support global systems.
As part of Advanced Data Protection, Apple says it will no longer store the encryption keys in iCloud; instead the device will hold the encryption key, or the code needed to access the encrypted data. If a user who chooses to use this protection loses access to their account, they will be responsible for using their key to restore that access.
US customers will be able to get Advanced Data Protection for iCloud by the end of the year, while Apple will start to roll it out globally in early 2023.
The move will undoubtedly please privacy activists, who have long criticised Apple's unencrypted iCloud backups as a weak link in security.
The change also means that if Apple's servers were ever compromised, the user data exposed would be limited.
However, it may annoy law enforcement, which has used Apple's policy of not encrypting backups as a tool to get information in investigations.
According to the Wall Street Journal, the FBI criticised Apple's new feature on Wednesday, claiming that it would hinder the agency's capacity to defend Americans from criminal conduct.
Law enforcement agencies across the globe tend to oppose encryption, because it enables suspects to go dark and prevents law enforcement from accessing potential evidence they could obtain under lower levels of protection.
More security updates coming for iMessage and iCloud
Apple also unveiled two more security improvements that are focused on avoiding account and device misuse.
Individuals who face extraordinary risks (such as journalists, activists, and government officials) can use new iMessage Contact Key Verification feature, to be sure that participants in their chat are real.
If a state-sponsored hacker or other intruder is successful in adding a rogue device to your account, you'll automatically be notified.
When the functionality is activated users can even compare verification codes in-person, during encrypted conversations, and over FaceTime.
Apple also intends to implement a physical security key mechanism for iCloud account sign-ins on all new devices. It serves as a hardware-based token for two-factor authentication.
Users who want to employ this extra degree of protection must plug a physical security key into their phone's charging port to prove their identity when signing into their iCloud account on a new device.
However, users who decide to use this feature to secure their iCloud accounts will be responsible for keeping both the primary and backup security keys.
Apple will roll out both the security key and iMessage protections worldwide in 2023.