Apple is planning to significantly expand its data-encryption practices, as the company continues to build new privacy protections for millions of iPhone users. The expanded end-to-end encryption system, an optional feature called Advanced Data Protection, would keep most data stored in iCloud secure. iCloud is an Apple service that many of its users rely on to store photos, back up their iPhones or save specific device data such as Notes and Messages.
With iMessage Contact Key Verification, users can verify they are communicating only with whom they intend. With Security Keys for Apple ID, users have the choice to require a physical security key to sign in to their Apple ID account. And with Advanced Data Protection for iCloud, which uses end-to-end encryption to provide Apple’s highest level of cloud data security, users have the choice to further protect important iCloud data, including iCloud Backup, Photos, Notes, and more.
With iMessage Contact Key Verification, users can choose to further verify that they are messaging only with the people they intend. Conversations between users who have enabled iMessage Contact Key Verification receive automatic alerts if an exceptionally advanced adversary were ever to succeed in breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications. And for even higher security, iMessage Contact Key Verification users can compare a Contact Verification Code in person, on FaceTime, or through another secure call.
“At Apple, we are unwavering in our commitment to provide our users with the best data security in the world. We constantly identify and mitigate emerging threats to their personal data on device and in the cloud. Our security teams work tirelessly to keep users’ data safe, and with iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications,” said Craig Federighi, Apple’s senior vice president of Software Engineering.
To enhance Security Keys protection, users will have the choice to make use of third-party hardware security keys. For users who opt in, Security Keys strengthens Apple’s two-factor authentication by requiring a hardware security key as one of the two factors.
For users who opt in, Advanced Data Protection keeps most iCloud data protected even in the case of a data breach in the cloud. To set up Advanced Data Protection, users will have to enable at least one data-recovery method. This could be a recovery key or the user could assign a friend or family member as a recovery contact.
As Apple has locked down its systems, governments worldwide have become increasingly interested in the data stored on phones and cloud computers. That interest has led to friction between Apple and law-enforcement agencies, along with a growing market for iPhone hacking tools. Advanced Protection will reduce the amount of iCloud information that Apple can provide to law-enforcement agencies, who frequently request iPhone data from Apple as part of their investigations.
Apple had already offered end-to-end encryption for some of its services, but the protection will now extend to 23 services, including iPhone backups and Photos. The only major iCloud data categories that are not covered are Mail, Contacts and Calendar, which don’t qualify for Advanced Protection because they use older technology protocols, Mr. Federighi said.
The new encryption system, to be tested first by beta users, will start rolling out worldwide in early 2023.