Apple Shares Updated iOS Security Guide With Info on Face ID, Apple Pay Cash and More

MacRumors

macrumors bot
Original poster
Apr 12, 2001
46,755
8,953



Apple this afternoon published an updated version of its iOS Security white paper for iOS 11 [PDF], with information that covers features introduced in iOS 11.1 and iOS 11.2, like Face ID and Apple Pay Cash.

Much of the information in the document on Face ID has been previously shared by Apple in a dedicated Face ID white paper and accompanying support document that was released in September following the iPhone X's announcement, but the Face ID section is worth a re-read for those who are interested in Face ID security.


The document also covers several other topics, such as Shared Notes, CloudKit, Siri Suggestions, and more, with a full list of updates below:

Updated for iOS 11.2
- Apple Pay Cash

Updated for iOS 11.1
- Security Certifications and Programs
- Touch ID/Face ID
- Shared Notes
- CloudKit end-to-end encryption
- TLS
- Apple Pay, Paying with Apple Pay on the web
- Siri Suggestions
- Shared iPad

The document explains in detail how Apple features work and how they're protected. With Apple Pay Cash, for example, Apple says transaction data is stored for troubleshooting and fraud protection, while all money transfers are done securely using the Secure Element as with other Apple Pay transactions.

There are many small but significant details in the paper about all of the topics listed above, and for anyone who is interested in the security of their iPhones and iPads, it's worth checking out in detail.

Prior to today's update, the last update to the iOS security document was in July of 2017 following the release of iOS 10.3.

Article Link: Apple Shares Updated iOS Security Guide With Info on Face ID, Apple Pay Cash and More
 

miniyou64

macrumors 6502a
Jul 8, 2008
568
1,989
It must be true! No need to open source it, have it audited, or PROVE anything! They published a PDF, so it must be true!
 
  • Like
Reactions: MistrSynistr

ChrisCW11

macrumors 65816
Jul 21, 2011
1,037
1,417
Can we share back to Apple the "Customers" security guide with a requirement that passwords cannot be bypassed by just pure gumption?
 

Solomani

macrumors 68040
Sep 25, 2012
3,787
6,491
Alberto, Canado
The dumb buyers will trust anyone with their face data.... some random chinese company where your face data will be shared around online.
Let me guess, your phone is a Huawei, right? :rolleyes:
[doublepost=1515761243][/doublepost]
WHOA. Huge deal here that everyone seems to be overlooking. Page 73 in regards to the Apple Bounty for vulnerability researchers (like me) now no longer only applies to Apple partners. This opening up of the system is a big change from when Apple first announced this at DEFCON.
It's a good thing, right?
 

deanthedev

Suspended
Sep 29, 2017
1,287
2,385
Vancouver
It must be true! No need to open source it, have it audited, or PROVE anything! They published a PDF, so it must be true!
Ah yes, another logical fallacy. I don’t have the source code or any evidence whatsoever, but I’m SURE there’s something wrong.

Or you could go to the other thread where the FBI claims how difficult it is to break into iPhones (so difficult they want a backdoor). Funny you never hear the FBI complaining about security being difficult with anyone else’s devices.
 

Cordorb

macrumors regular
May 8, 2010
211
50
If i read the PDF in my Ipad with night shift mode on will it still be a white paper ?
 

miniyou64

macrumors 6502a
Jul 8, 2008
568
1,989
Ah yes, another logical fallacy. I don’t have the source code or any evidence whatsoever, but I’m SURE there’s something wrong.

Or you could go to the other thread where the FBI claims how difficult it is to break into iPhones (so difficult they want a backdoor). Funny you never hear the FBI complaining about security being difficult with anyone else’s devices.
That would very specifically point the security being easier to break, not harder since they would want the people they are going after to use iPhones...
 

DeepIn2U

macrumors 603
May 30, 2002
6,260
1,745
Toronto, Ontario, Canada
Hardly anyone will read the entire pdf but almost everyone will have strong opinions on Apples ability to innovate, secure, and write software.
I think this is more about Apple beginning to be more transparent since yesterday's questions from a specific Senator in the USA was fielded regarding their battery/cpu throttling stance.
[doublepost=1515788069][/doublepost]
The dumb buyers will trust anyone with their face data.... some random chinese company where your face data will be shared around online.
Mobele obele. Belobeole ol, ookebokee blahbelobeda.
 

deanthedev

Suspended
Sep 29, 2017
1,287
2,385
Vancouver
That would very specifically point the security being easier to break, not harder since they would want the people they are going after to use iPhones...
I suppose all that time in court trying to force Apple to build a back door was.....just for show?
 

miniyou64

macrumors 6502a
Jul 8, 2008
568
1,989
Ridiculous.

Apparently it bothers you that iOS is so secure. Why someone would be upset iOS is secure is beyond me.
I'm glad you take a companies word for it. I don't however. I like proof, not marketing spin. And for the record people who are serious about security in the technology world agree with my point of view.
 

deanthedev

Suspended
Sep 29, 2017
1,287
2,385
Vancouver
I'm glad you take a companies word for it. I don't however. I like proof, not marketing spin. And for the record people who are serious about security in the technology world agree with my point of view.
Please show me “proof” from any software company on the planet. I’ll be right here waiting......because you have none. You’re literally making stuff up as you go.