Apple today introduced several new security features focused on fending off threats to user data in the cloud, including end-to-end encryption for backups for iCloud users.
Along with end-to-end encryption for iCloud, Apple’s cloud storage and computing platform, the company announced iMessage Contact Key Verification, allowing users to verify they are communicating only with whom they intend.
AppleApple also announced hardware Security Keys for Apple ID, giving users the choice to require two-factor authentication to sign into their Apple ID account. (Hardware security keys use devices, such as USB thumb drives or near-field communication (NFC) dongles, to enable access to a service or application.)
Calling it Advanced Data Protection, Apple said it’s expanding iCloud encryption capabilities from 14 “sensitive data categories” protected by end-to-end encryption in 23 new categories; included in those categories of protected data will be backups, Contacts, Notes, Photos, Voice Memos and Wallet Passes. Previously, iCloud end-to-end encryption capabilities applied only to more sensitive data, such as passwords in iCloud Keychain and personal health data.
The only data categories still not covered by Advanced Data Protection is iCloud Mail, Contacts, and Calendar because they’re needed “to interoperate with the global email, contacts, and calendar systems,” Apple said in a statement.
Advanced Data Protection for iCloud is available in the US today for members of the Apple Beta Software Program and will be available to all US users by the end of the year. The feature will start rolling out to the rest of the world in early 2023, Apple said.
iMessage Contact Key Verification will be available globally in 2023, with Security Keys for Apple ID available globally in early 2023.
AppleThrough Security Keys, users can choose third-party hardware security keys create a two-factor authentication scheme.
The feature is designed for users who, often due to their public profile, face concerted threats to their online accounts, including celebrities, journalists, and members of government, Apple said.
“With iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications,” Craig Federighi, Apple’s senior vice president of Software Engineering, said.
Apple said the enhanced data security features for iCloud are needed “more than ever” because the number of data breaches more than tripled between 2013 and 2021, “exposing 1.1 billion personal records across the globe in 2021 alone.
“Increasingly, companies across the technology industry are addressing this growing threat by implementing end-to-end encryption in their offerings,” Apple said.
Apple, however, has been a slow follower in encryption. For example, more than a year ago, Facebook’s WhatsApp added full encryption for messenger and data backups.
