iPhone XS and XS Max in silver, space gray, and gold.
Apple Shares Updated iOS Security Guide With Info on Face ID, Apple Pay Cash and More
Apple this afternoon published an updated version of its iOS Security white paper for iOS 11 [PDF], with information that covers features introduced in iOS 11.1 and iOS 11.2, like Face ID and Apple Pay Cash.
Much of the information in the document on Face ID has been previously shared by Apple in a dedicated Face ID white paper and accompanying support document that was released in September following the iPhone X's announcement, but the Face ID section is worth a re-read for those who are interested in Face ID security.
The document also covers several other topics, such as Shared Notes, CloudKit, Siri Suggestions, and more, with a full list of updates below:
Updated for iOS 11.2
- Apple Pay Cash
Updated for iOS 11.1
- Security Certifications and Programs
- Touch ID/Face ID
- Shared Notes
- CloudKit end-to-end encryption
- TLS
- Apple Pay, Paying with Apple Pay on the web
- Siri Suggestions
- Shared iPad
The document explains in detail how Apple features work and how they're protected. With Apple Pay Cash, for example, Apple says transaction data is stored for troubleshooting and fraud protection, while all money transfers are done securely using the Secure Element as with other Apple Pay transactions.
There are many small but significant details in the paper about all of the topics listed above, and for anyone who is interested in the security of their iPhones and iPads, it's worth checking out in detail.
Prior to today's update, the last update to the iOS security document was in July of 2017 following the release of iOS 10.3.
Much of the information in the document on Face ID has been previously shared by Apple in a dedicated Face ID white paper and accompanying support document that was released in September following the iPhone X's announcement, but the Face ID section is worth a re-read for those who are interested in Face ID security.
The document also covers several other topics, such as Shared Notes, CloudKit, Siri Suggestions, and more, with a full list of updates below:
Updated for iOS 11.2
- Apple Pay Cash
Updated for iOS 11.1
- Security Certifications and Programs
- Touch ID/Face ID
- Shared Notes
- CloudKit end-to-end encryption
- TLS
- Apple Pay, Paying with Apple Pay on the web
- Siri Suggestions
- Shared iPad
The document explains in detail how Apple features work and how they're protected. With Apple Pay Cash, for example, Apple says transaction data is stored for troubleshooting and fraud protection, while all money transfers are done securely using the Secure Element as with other Apple Pay transactions.
There are many small but significant details in the paper about all of the topics listed above, and for anyone who is interested in the security of their iPhones and iPads, it's worth checking out in detail.
Prior to today's update, the last update to the iOS security document was in July of 2017 following the release of iOS 10.3.
[ 28 comments ]
Top Rated Comments
(View all)
9 months ago
Thread will be filled with unrelated complaints about macOS security.
And it was the next post after yours.
9 months ago
The dumb buyers will trust anyone with their face data.... some random chinese company where your face data will be shared around online.
Huh, didn’t realize Apple was some random Chinese company that shares your data online.
9 months ago
WHOA. Huge deal here that everyone seems to be overlooking. Page 73 in regards to the Apple Bounty for vulnerability researchers (like me) now no longer only applies to Apple partners. This opening up of the system is a big change from when Apple first announced this at DEFCON.
9 months ago
Hardly anyone will read the entire pdf but almost everyone will have strong opinions on Apples ability to innovate, secure, and write software.
9 months ago
The dumb buyers will trust anyone with their face data.... some random chinese company where your face data will be shared around online.
9 months ago
Let me guess, your phone is a Huawei ('https://intelligence.house.gov/sites/intelligence.house.gov/files/documents/huawei-zte%20investigative%20report%20(final).pdf'), right? :rolleyes:
[doublepost=1515761243][/doublepost]
It's a good thing, right?
9 months ago
It must be true! No need to open source it, have it audited, or PROVE anything! They published a PDF, so it must be true!
9 months ago
It’s not. I didn’t say that. Geez.
[doublepost=1515820143][/doublepost]
I was saying Apple is the only one I’d trust with Secure Enclave and not cloud storage.
[ Read All Comments ]
With several of our recent giveaways focusing on Apple's new iPhone models that are launching today in the US and several other countries, today's giveaway goes back to the Mac. Rain Design...
Belkin today introduced its BOOSTUP Wireless Charging Dock for wirelessly charging an iPhone and Apple Watch at the same time. There is also a USB-A port for charging a third device like an iPad via...
Best Buy's one-day sale today is discounting a collection of Apple Watch Series 3 models (GPS + Cellular) that have been officially refurbished by Geek Squad. Prices for the aluminum models are...
Apple has launched a new iPhone XS and iPhone XS Max "experience" micro-site that puts its ".apple" top-level domain to use, as discovered on Reddit.
As noted by 9to5Mac's...
Microsoft has revealed that Skype is coming to Alexa devices. The partnership between Microsoft and Amazon means that owners of devices in Amazon's Echo range will soon be able to make outgoing...
In iOS 12, Apple added a new Effects camera in Messages that's similar to the live camera features in Snapchat and Instagram, allowing you to take a photo in the Messages app and then edit it...
Apple has given a straight-to-series order for drama series "Defending Jacob," which will star Chris Evans, known for his roles in "Captain America" and "The Avengers,"...
In iOS 12, Apple has introduced new password-related features that are designed to make it easier for iPhone and iPad users to create strong, secure, and unique passwords for app and website logins....
