Apple Shares Updated iOS Security Guide With Info on Face ID, Apple Pay Cash and More

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jan 11, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Apple this afternoon published an updated version of its iOS Security white paper for iOS 11 [PDF], with information that covers features introduced in iOS 11.1 and iOS 11.2, like Face ID and Apple Pay Cash.

    Much of the information in the document on Face ID has been previously shared by Apple in a dedicated Face ID white paper and accompanying support document that was released in September following the iPhone X's announcement, but the Face ID section is worth a re-read for those who are interested in Face ID security.

    [​IMG]

    The document also covers several other topics, such as Shared Notes, CloudKit, Siri Suggestions, and more, with a full list of updates below:

    Updated for iOS 11.2
    - Apple Pay Cash

    Updated for iOS 11.1
    - Security Certifications and Programs
    - Touch ID/Face ID
    - Shared Notes
    - CloudKit end-to-end encryption
    - TLS
    - Apple Pay, Paying with Apple Pay on the web
    - Siri Suggestions
    - Shared iPad

    The document explains in detail how Apple features work and how they're protected. With Apple Pay Cash, for example, Apple says transaction data is stored for troubleshooting and fraud protection, while all money transfers are done securely using the Secure Element as with other Apple Pay transactions.

    There are many small but significant details in the paper about all of the topics listed above, and for anyone who is interested in the security of their iPhones and iPads, it's worth checking out in detail.

    Prior to today's update, the last update to the iOS security document was in July of 2017 following the release of iOS 10.3.

    Article Link: Apple Shares Updated iOS Security Guide With Info on Face ID, Apple Pay Cash and More
     
  2. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #2
    Thread will be filled with unrelated complaints about macOS security.
     
  3. rturner2 macrumors 6502

    Joined:
    Jul 18, 2009
    #3
    The dumb buyers will trust anyone with their face data.... some random chinese company where your face data will be shared around online.
     
  4. Chazzle macrumors 68000

    Chazzle

    Joined:
    Jul 17, 2015
    #4
    Huh, didn’t realize Apple was some random Chinese company that shares your data online.
     
  5. EdT macrumors 65816

    EdT

    Joined:
    Mar 11, 2007
    Location:
    Omaha, NE
    #5
    And it was the next post after yours.
     
  6. Baymowe335 macrumors 65816

    Joined:
    Oct 6, 2017
    #6
    Hardly anyone will read the entire pdf but almost everyone will have strong opinions on Apples ability to innovate, secure, and write software.
     
  7. Aussi3 macrumors 6502

    Aussi3

    Joined:
    Jun 3, 2012
    Location:
    Facesticks on the App store
    #7
    My face data points is safe with Apple! No one will making a mask anytime soon.
     
  8. SecuritySteve macrumors 6502

    SecuritySteve

    Joined:
    Jul 6, 2017
    Location:
    California
    #8
    WHOA. Huge deal here that everyone seems to be overlooking. Page 73 in regards to the Apple Bounty for vulnerability researchers (like me) now no longer only applies to Apple partners. This opening up of the system is a big change from when Apple first announced this at DEFCON.
     
  9. scrapesleon macrumors 6502

    scrapesleon

    Joined:
    Mar 30, 2017
    Location:
    Jamaica
    #9
    I wouldn’t be so sure but third party are playing with this technology now like Facebook
     
  10. miniyou64 macrumors 6502

    miniyou64

    Joined:
    Jul 8, 2008
    #10
    It must be true! No need to open source it, have it audited, or PROVE anything! They published a PDF, so it must be true!
     
  11. needfx macrumors 68040

    needfx

    Joined:
    Aug 10, 2010
    Location:
    macrumors apparently
  12. ChrisCW11 macrumors 6502a

    Joined:
    Jul 21, 2011
    #12
    Can we share back to Apple the "Customers" security guide with a requirement that passwords cannot be bypassed by just pure gumption?
     
  13. Solomani macrumors 68040

    Solomani

    Joined:
    Sep 25, 2012
    Location:
    Alberto, Canado
    #13
    Let me guess, your phone is a Huawei, right? :rolleyes:
    --- Post Merged, Jan 12, 2018 ---
    It's a good thing, right?
     
  14. deanthedev Suspended

    deanthedev

    Joined:
    Sep 29, 2017
    Location:
    Vancouver
    #14
    Ah yes, another logical fallacy. I don’t have the source code or any evidence whatsoever, but I’m SURE there’s something wrong.

    Or you could go to the other thread where the FBI claims how difficult it is to break into iPhones (so difficult they want a backdoor). Funny you never hear the FBI complaining about security being difficult with anyone else’s devices.
     
  15. RickInHouston macrumors 65816

    Joined:
    May 14, 2014
    #15
    Does the update make Safari snappier or the CPU slower?

    Couldn't resist!
     
  16. SecuritySteve macrumors 6502

    SecuritySteve

    Joined:
    Jul 6, 2017
    Location:
    California
    #16
    Yes, very good thing.
     
  17. Cordorb macrumors regular

    Joined:
    May 8, 2010
    #17
    If i read the PDF in my Ipad with night shift mode on will it still be a white paper ?
     
  18. miniyou64 macrumors 6502

    miniyou64

    Joined:
    Jul 8, 2008
    #18
    That would very specifically point the security being easier to break, not harder since they would want the people they are going after to use iPhones...
     
  19. DeepIn2U macrumors 601

    DeepIn2U

    Joined:
    May 30, 2002
    Location:
    Toronto, Ontario, Canada
    #19
    I think this is more about Apple beginning to be more transparent since yesterday's questions from a specific Senator in the USA was fielded regarding their battery/cpu throttling stance.
    --- Post Merged, Jan 12, 2018 ---
    Mobele obele. Belobeole ol, ookebokee blahbelobeda.
     
  20. deanthedev Suspended

    deanthedev

    Joined:
    Sep 29, 2017
    Location:
    Vancouver
    #20
    I suppose all that time in court trying to force Apple to build a back door was.....just for show?
     
  21. miniyou64 macrumors 6502

    miniyou64

    Joined:
    Jul 8, 2008
    #21
    Potentially
     
  22. deanthedev Suspended

    deanthedev

    Joined:
    Sep 29, 2017
    Location:
    Vancouver
    #22
    Ridiculous.

    Apparently it bothers you that iOS is so secure. Why someone would be upset iOS is secure is beyond me.
     
  23. miniyou64 macrumors 6502

    miniyou64

    Joined:
    Jul 8, 2008
    #23
    I'm glad you take a companies word for it. I don't however. I like proof, not marketing spin. And for the record people who are serious about security in the technology world agree with my point of view.
     
  24. deanthedev Suspended

    deanthedev

    Joined:
    Sep 29, 2017
    Location:
    Vancouver
    #24
    Please show me “proof” from any software company on the planet. I’ll be right here waiting......because you have none. You’re literally making stuff up as you go.
     
  25. miniyou64 macrumors 6502

    miniyou64

    Joined:
    Jul 8, 2008
    #25
    Have you heard of open source software?
     

Share This Page