Apple Previews New iMessage and Apple ID Security Features Coming in 2023

[MacRumors]

In addition to expanding end-to-end encryption to many additional iCloud data categories on an optional basis, Apple today also announced two other new security features designed to protect against threats to user data in the cloud.

iMessage Contact Key Verification​

Apple says the new iMessage Contact Key Verification and Security Keys for Apple ID features will be available globally on the iPhone and other devices in 2023.

iMessage Contact Key Verification allows users who face "extraordinary digital threats," such as journalists, human rights activists, and government officials, to further verify that they are messaging only with the people they intend. In conversations between users who have enabled iMessage Contact Key Verification, users are alerted if a state-sponsored attacker or other malicious actor were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on the conversation.

As an additional layer of security, iMessage Contact Key Verification users can compare a Contact Verification Code in person, on FaceTime, or through another secure call to further verify they are communicating only with whom they intend.

Security Keys for Apple ID ​

Second, Security Keys for Apple ID will give users the choice to use third-party physical security keys to further protect their account. For users who enable this feature, Security Keys strengthens Apple's two-factor authentication by requiring a hardware security key as one of the two factors instead of an authentication code.

"Our security teams work tirelessly to keep users' data safe, and with iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications," said Apple's software engineering chief Craig Federighi.

Article Link: Apple Previews New iMessage and Apple ID Security Features Coming in 2023

 

[BreakingKayfabe]

*Not available in Greater China

Edit: Apparently it is coming to China in 2023

 

[KingOfTas]

I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.

 

[BootsWalking]

More virtue signaling from Apple after hobbling AirDrop in China. It's almost comical at this point.

 

[enterthemerdaverse]

More virtue signaling from Apple after hobbling AirDrop in China. It's almost comical at this point.

In a protest you should disable that and Bluetooth anyway or you become tracked easily. You become an object on the radar.

 

[mansplains]

I wondered what why Apple didn't support security keys / U2F. This will be handy for me.

 

[Unregistered 4U]

The only safe app today is Signal and has been for the last half decade.

If only Signal made a phone. Because, as long as it’s always running on top of someone else’s OS and hardware, it’s only as secure as the underlying framework. Signal seems to trust Apple enough to run their app on it’s hardware.

 

[samlikesmac]

I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.

CSAM plans have been cancelled as of today.

 

[racerhomie]

God Bless Apple. Love Tim Cook !

 

[racerhomie]

*Not available in Greater China

is that known? Or are you just spitballing?

 

[racerhomie]

More virtue signaling from Apple after hobbling AirDrop in China. It's almost comical at this point.

It was being used to spread porn and graphic images and spam. It’s a new global feature. AirDrop was always set to contacts only by default

 

[BreakingKayfabe]

is that known? Or are you just spitballing?

I was spitballing because it was my immediate thought. I edited the post.

 

[racerhomie]

I was spitballing because it was my immediate thought. I edited the post.

Apple actually clearly states they hold the keys to the iCloud data in China. People could sue if they lied

 

[centauratlas]

I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.

From my (albeit not yet deep dive), the backup is encrypted with on device keys if you enable this so that should answer your concern above. That is my concern also, but it appears from the info I've seen so far that they are locking that down.

Let's hope.

 

[DeepIn2U]

More virtue signaling from Apple after hobbling AirDrop in China. It's almost comical at this point.

AirDrop limitation to 15mins has nothing to do with virtue signaling, it's about being spammed.

Anyhow this security is a necessary and great feature (Security Keys) to iOS and a BIG reason why RCS is not being implmented. Take that Google.

 

[Kaikidan]

It would be nice if they also allowed mac login via yubico security keys besides biometry on the fancy keyboards or by proximity of the apple watch, more options are always good.

 

[BootsWalking]

AirDrop limitation to 15mins has nothing to do with virtue signaling, it's about being spammed.

Anyhow this security is a necessary and great feature (Security Keys) to iOS and a BIG reason why RCS is not being implmented. Take that Google.

Yeah, been like that forever but suddenly Chinese citizens started using it to avoid government censors and suddenly Apple wants to fix the "spam problem". You can't be serious.

 

[t0rqx]

Let me guess these features probably need you to upgrade to iPhone 15 cause current iPhones cannot run this.

 

[Xoushu]

I’m Chinese in shanghai.

Our device is missing a lot of functions.

Please let this function come to this place. PLEASE!

 

[gank41]

Well, this is unfortunate. I wonder if it’s because of the beta update? I bought this iPhone 14 Peo Max on launch day.

 

[rweston002]

Let me guess these features probably need you to upgrade to iPhone 15 cause current iPhones cannot run this.

I'd guess you were wrong. Let's see whose guess is correct... (happy iPhone 12 mini owner here, looking forward to some of these changes/features).

 

[pcmike]

Now if only we can get some of this security/privacy on Home Keys for HomeKit enabled smart locks. Currently, anyone added as a resident to the home gets a home key that they alone get to decide if express mode is enabled or not… not the actual lock/home owner. This means literally any resident (adult, kid, etc) can enable express mode on their home key and literally anyone who gains access to that phone can use it to unlock your front door without any authentication being done… and the owner of the lock has no say/no way to bar any resident from enabling express mode! Talk about a massive security risk at your front door! Come on Apple…

 

[iDarth_Betar]

I really wish the journalists on this site were a tiny bit more critical of Apple, rather than just copy pasting press releases. Even if this is true and implemented it still serves Apple to provide customers with a false sense of privacy.

Apple does not care about your privacy. They are ramping up their ads on all their platforms. They are still storing the key to decrypt all your messages into the backup which often is backed up on Google Data Centres.

They still haven't sworn off the entire photo library scanning they attempted last year.

The longer Apple fails to innovate majorly (think, ipod, iPhone, Watch) the more they will become a standard Coca Cola who will try to appease shareholders over customers. Apple in the wrong hands traps a lot of people into the walled garden.

The only safe app today is Signal and has been for the last half decade.

So you chime in roughly 2 times a year (over the last 7) to what, bash an article here and there without searching current articles first…?

Apple Abandons Controversial Plans to Detect Known CSAM in iCloud Photos

In addition to making end-to-end encryption available for iCloud Photos, Apple today announced that it has abandoned its controversial plans to...

www.macrumors.com

They don’t trap anyone. No one has yet to be found cuffed to a chair in TC’s basement, being forced to buy one, let alone more devices from Apple. Don’t like the ecosystem, don’t buy the products.

👊😎👍

 

[QuarterSwede]

Personally, I think this is fantastic for those in dangerous situations.

 

[alexe]

MacRumors should always add the link to the original announcement from Apple.

I know you want to keep people on your site, but it's annoying for users who want to read Apple's official announcements to have to Google it every time rather than click on a link in your article. Sources should always be linked directly.