Apple has recently introduced a new version of the iOS operating system, which includes several new features such as shared playlists in Apple Music and a new Unity wallpaper in honor of Black History Month. However, the most interesting addition in iOS 17.3 is the device theft protection feature.
This feature is the result of an investigation conducted by Joanna Stern and Nicole Nguyen for the Wall Street Journal. It was discovered that thieves were stealing money and gaining access to sensitive data stored on iPhones and their associated iCloud accounts, where they should be secure.
The reason why the passcode plays such a crucial role is its ability to unlock the phone and change certain settings. Even when Face ID (or Touch ID) is enabled, the passcode can still be used as a backup method to unlock the phone and make changes to the settings.
iPhone thieves have been taking advantage of this by looking for opportunities during nights spent in bars to strike up conversations with strangers and obtain their passcodes.
For example, a thief told Joanna Stern that he would try to convince his victims that he wanted to add them on Snapchat. Since it is often easier to enter contact information directly on someone else’s phone than to say it out loud, the thief would claim that he could enter his username directly.
When the person handed him their phone, the thief would lock it and say that the iPhone was locked. He would then simply ask for the passcode and remember it for later use.
After stealing a phone, the passcode can be used to unlock the device and change the Apple ID password in the phone’s settings. This allows the thief to disable the “Find My iPhone” feature, preventing the owner from remotely wiping their device.
Many iPhone users also store banking app passwords in iCloud Keychain and credit card information in Safari’s autofill. Thieves can also access encrypted notes in the Notes app to check for stored social security numbers.
They can also use Apple Pay. Again, the passcode can be used if Face ID fails – thieves can even register their own face in Face ID if they know the device’s passcode.
Apple is introducing a theft protection mechanism in iOS 17.3. When enabled, certain actions will require biometric authentication using Face ID or Touch ID, such as accessing stored passwords and credit cards.
In addition to requiring Face ID or Touch ID authentication, changing the Apple ID password, passcode, and disabling device theft protection also require security-related delays. After the first attempt to perform these actions, the iPhone informs the user that they must wait at least an hour to make the critical change.
This way, if someone steals your device, you have the ability to remotely erase your iPhone using another device to ensure that your data remains secure. However, there is one exception. If you are in a trusted location, such as your home or workplace, there is no need to wait an hour to make the critical change.
This is not a perfect solution, but Apple is trying to strike a balance between security and convenience. You can go to Settings > Face ID & Passcode > Device Theft Protection to enable this new security feature.
FAQ
The source of the article is from the blog newyorkpostgazette.com