Contrary to its original somewhat secretive stance on iOS security, in recent months Apple has been providing a steady stream of inside information relative to company efforts regarding security measures installed on their mobile devices. By now, you’ve probably heard about the iOS security white paper, in which Apple security gurus detailed much of the technology and some of the thought processes which have guided its policy on keeping the mobile platform secure.

All this comes at a time when the efforts of hackers to compromise cell phone security are steadily rising, and smart phone security faces more and greater challenges than at any time in the past. Here are a few of the ways Apple is attempting to secure its mobile platform against the concerted efforts of those determined to breach it.

iMessage data 

It turns out that Apple’s claim of protecting iMessage data by end-to-end encryption is right on the money – messaging really is 100% protected by encryption. The Apple strategy relies on the use of two very long numbers, secured cryptographically, each of which is used to decrypt information encrypted with the other.

By activating iMessage on your Apple device, a pair of keys are generated by iOS, with the public key being sent to Apple and the private key being stored in local memory. When you have an incoming message, the public key belonging to your device is used to encrypt a separate copy of that incoming message, and the message itself is encrypted by Apple and then forwarded to your device.

On your device, the private key is then used to decrypt the incoming message, and all you see is the original message sent by the user. Since your private key is never transmitted over the Internet, your messages can never be read anywhere other than on your device. Voilà – message security!

Secure charging

While some people have complained about the fact that Apple requires its own specific Lightning cables to be used to charge up its mobile devices, there is actually a nice security benefit at the heart of this arrangement. Each of these charging cables includes a special authentication chip made by Apple, and used by the iOS to verify that the charging cable was made by an authorized manufacturer, and is therefore compliant with all Apple manufacturing standards.

The chip does more than verify that the cable manufacturer is authorized however – it contains a digital certificate known only to Apple which guarantees that the cable cannot have been made by a data hijacker interested in siphoning off data from your phone, or injecting something nasty into it.

This approach has been so successful that it has been extended to include practically all accessories which aspire to Apple compatibility. Any such product must have that same chip included to communicate with the iOS, and properly identify itself as an authorized manufacturer, otherwise it probably won’t work on the Apple device.

This ensures that any vendor making Apple-compatible devices must participate in the Made for iPhone program, so it can receive the chips directly from Apple and include them in the manufacture of their own products. But this kind of exclusivity also guarantees that no unauthorized parties are able to inject malware into your smart phones or other Apple devices.

Siri security

Siri is Apple’s digital assistant, and fulfilling that role is something of a balancing act, with supplying maximum effectiveness for users, while also maintaining privacy and a high level of security. As you might guess, many of the most complex operations involving Siri actually take place on Apple servers rather than in local memory on your cell phone.

This requires that some amount of personal data be sent to Apple along with the request for information, so that an exchange can work smoothly. The information sent to Apple’s servers is constrained by a technology known as progressive disclosure, which limits the amount of information, such that only information necessary to provide an accurate response needs to be sent to Apple.

For instance, if you’re looking to find the closest gas station, Apple servers may request only a more accurate location and nothing else. All information which was supplied for the purpose of refining Apple’s response back to the requester, is then deleted after 10 minutes. In this way, no personal data is ever maintained on Apple servers for any duration, yet Siri is fully capable of providing requested information, with the full cooperation of remote Apple servers.

Ultra secure memory

The iPhone’s CPU, which has been dubbed the A7, includes a very special coprocessor known as the ‘secure enclave‘, which provides iOS with an area of memory that is ultra-secure. During the manufacturing process, the secure enclave is assigned a unique digital identifier, which not even Apple knows. This means that no information can be taken from this secure memory area without your explicit permission, even if your phone were to be stolen or hacked by a master.

This enclave even has its own mini-operating system, and boots up separately from the rest of the device, at which time it verifies that the software running it is officially authorized by Apple. All communications between the enclave and other components of your phone occur within a securely encrypted area of memory, which is protected by a different re-encryption key every single time the device is rebooted.

The reason for these ultra layers of security is that many of the most critical and sensitive information regarding your device are stored in this special area of memory. For instance, if you were to use Touch ID to unlock your iPhone with the use of your own fingerprints, all the digital information relative to this process is stored in the secure enclave.

iOS Security Apps 

A number of security apps are emerging for use on your Apple smartphone, and some of been around for a while. Here is a partial list of some of the better apps currently available:

  • GadgetTrak – if your iPhone is stolen GadgetTrak will allow you to take a photo of the thief, and it will display your device’s location at pre-set intervals, so that in addition to seeing past locations of your phone, you can also see its present location
  • Virus Barrier iOS is able to scan files (on-demand only) for Mac and Windows malware, so that email attachments and other files accessible from your iPhone can be safety-checked
  • Splash ID is an app which allows you to safely store your online passwords, credit card data, registration codes, and account numbers. It automatically generates very strong passwords, and data is protected by 256 bit encryption
  • iDiscrete protects files of a great many types, including documents, images, videos, and sound files, and when an unauthorized user attempts to access them, a fake loading screen is displayed
  • Webroot SecureWeb is a very handy app which provides an exceptional mobile browser that does URL-filtering to protect your phone from malicious websites. The app connects with its manufacturer’s database of known websites and companies for up-to-the-minute protection, so that all search results can then be designated as either safe or risky websites

iOS Security Settings 

The security settings that you should use on your iPhone will depend on which version you have of course, but for the sake of discussion, let’s assume that you have iOS 9, and talk about the security settings that you should change immediately after installing it on your device.

  • Locking the door – When you set up your iOS device, you can create a passcode that encrypts your entire iPhone plus storage, and this then becomes a device key which serves to protect your phone from others. To enable this, you navigate to Settings>Touch ID & Passcode, choose Turn Passcode On, and choose Passcode Options. From here, create a six-digit passcode which will be strong enough to deter even the most persistent hackers
  • Disable tracking – there are a great many apps that want to use your location information, even if they’re running in the background. By disabling tracking, all apps are forced to ask if you will allow location tracking for a given function, and then you at leaste have the opportunity to selectively choose
  • Prevent apps from uploading your personal data – a great many apps on your phone will ask you the first time if it’s okay to upload personal information, and if you say ‘yes’, that becomes the default for that app. To maintain personal privacy, you can go to Settings>Privacy, and for every app you can switch ‘on’ or ‘off’, depending on which apps you want to give access to
  • Use Do-Not-Track service when searching – all the major search engines track users while searching, but a new search engine called DuckDuckGo does not. To enable usage of this search engine, go to Settings>Safari>Search Engine, and select DuckDuckGo as your search engine of choice when using Safari, Siri and other apps
  • Enable fingerprint security with Touch ID – to enable fingerprints and thumbprints for securing your iPhone, go to Settings>Touch ID & Passcode, and register your fingerprint or thumbprint, after you have enabled the Phone Unlock setting
  • Enable Find my iPhone – if your phone becomes lost or stolen, this app will locate the device anywhere on the map, and you can also select Send Last Location, which sends your device’s location to Apple servers before it gets powered down. To enable this, go to Settings>iCloud>Find my iPhone, and just set it to ‘on’
  • Require a password with every app purchase – for your own safety, make sure that each app requires your password or fingerprint, in order to prevent multiple purchases being applied to your credit card after the initial authorization
  • Change your default Hotspot Password for Wi-Fi – even though iOS 9 is equipped with a strong personal Hotspot Password, it’s worth your while to change it, and establish an even stronger one which includes a combination of letters, numbers, and special characters
  • Prevent advertisers from tracking your location – it’s a good idea to block advertisement cookies and trackers to keep your location private. First of all go to Settings>Privacy>Advertising, and enable the option for Limit Ad Tracking. Tap the Reset Advertising Identifier option, and accept any prompts which follow. To prevent iPhone location-based tracking, you can go to Settings>Privacy>Location Services>System Services, and select those services which you want to disable. Some services track you for location-based advertisements and alerts, and you can prevent this with these system settings

Beefed-up iOS security 

Everyone benefits from all these security measures on the iOS, from the casual phone user, to the power user, to professionals who are on the phone all the time, for instance members of a digital ad agency. or a digital media company. Information that is important to a private user is doubly so to professionals, whose reputation depends on maintaining privacy and security of sensitive data entrusted to them. Whether you’re a teenager networking with friends, or a power player working for a digital marketing agency, Apple’s beefed-up iOS security is good news for you.

Leave a Reply

Your email address will not be published. Required fields are marked *