Apple launches major security updates around the world

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

Apple has launched its recent major security updates to the whole world.

The three new tools are aimed at stopping users’ data being stolen while it is being stored in the cloud. They include ways of checking that the people in an iMessage conversation really are who they say they are, and the option to fully encrypt iCloud backups so that even Apple is unable to read them.

The new features were released to the US in early December. They are now rolling out globally, after testing.

Apple has long offered a range of protections on its devices, including security features that can lock up and even wipe an iPhone if someone is trying to access data. But the new tools come amid increasing concern that data is particularly at risk when it is being stored in the cloud, as with iPhone and iPad backups.

As such, Apple will now offer a new tool called “Advanced Data Protection”, which will secure iCloud backups with end-to-end encryption so that it can only be read by people’s own trusted devices. That means even Apple is unable to see the data that it is storing on behalf of users.

The feature is likely to be unpopular with governments and law enforcement, who have used Apple’s backups as a way of reading people’s personal data.

But Apple’s concern has also focused on users: when the feature is turned on, Apple will no longer be able to open up people’s backups, which means that if they forget their password there will be little the company can do. To try and stop that, it will require that users store emergency keys in case, or to nominate a backup contact who will be able to unlock their account on their behalf.

The feature will be optional, and must be opted into. The same is true of all the new security updates.

As well as the encryption of iCloud backups, Apple will now offer iMessage Contact Key Verification, which will alert people if an attacker breaches cloud servers and is able to listen in on conversations, and offers ways to check that has not happened. Apple said that the feature is aimed at “users who face extraordinary digital threats — such as journalists, human rights activists, and members of government”, and suggested only those who are at risk of such a rare and sophisticated attack are advised to turn it on.

Apple will also support security keys for two-factor authentication, which requires that a physical device is held near the phone before it can be unlocked. Again, Apple said that the feature “is designed for users who, often due to their public profile, face concerted threats to their online accounts, such as celebrities, journalists, and members of government”, and suggested that most are unlikely to switch it on.

The new updates will arrive in an upcoming iOS update and can be used from the Settings app.