News, 08.12.2022, 10:00 AM
Apple introduced Advanced Data Protection for iCloud, a new feature that uses end-to-end encryption to protect sensitive iCloud data, including backups, photos, notes and more.
Apple now offers two options for encrypting iCloud data. Standard data protection is the default: iCloud data is encrypted, but the encryption keys are stored in Apple’s data centers so that Apple can help the user recover the data, and only certain data is end-to-end encrypted. Apple can decrypt your data on your behalf whenever you need it, for example when you sign in on a new device, when you want to restore data from a backup, or when you’ve forgotten your password. As long as you can sign in with your Apple ID, you can access your backups, photos, documents, notes, and other data.
Advanced Data Protection is optional, and designed to protect “most iCloud data even in the event of a data breach in the cloud” so that encrypted data in the cloud can only be decrypted on trusted user devices.
Those who choose this option will first be prompted to select an alternate recovery method (password or device passcode, recovery contact, or personal recovery key), which is required if they lose access to their Apple account. This is necessary because Apple will not have the keys to decrypt the data.
For those who enable Advanced Data Protection, the data protected by end-to-end encryption includes device backups and messages, iCloud Drive, photos, notes, reminders, Safari bookmarks, voice memos, and more.
iCloud Mail, contacts, and calendar data will not be encrypted because they are needed to communicate with other email, contact, and calendar systems.
“Starting in iOS 16.2, iPadOS 16.2, and macOS 13.1, you can choose to enable Advanced Data Protection to protect the vast majority of your iCloud data, even in the event of a data breach in the cloud,” Apple explained on its support website.
Users can also turn off backup encryption at any time; their devices will then securely upload the encryption keys to Apple servers, and their accounts will automatically revert to standard data protection.
Advanced Data Protection is already available in the US for users who are part of Apple’s Beta Software Program and will be available for all users in the US later this month, and for users outside the US in early 2023.
Apple also introduced two more security features: iMessage Contact Key Verification and Security Keys for Apple ID.
The first allows iMessage users to verify the identity of the people on the other end and alerts them if a hacker manages to add a device of their own to a conversation. That’s especially important for people “who face extraordinary digital threats, such as journalists, human rights activists and members of governments,” Apple said.
The second feature allows Apple users to set up their Apple ID account to require a physical security key to complete the sign-in process. This function is primarily intended for people who are public figures and whose accounts are often the target of attacks.