What is Stolen Device Protection for iPhone and how does it work?

Take that, iPhone thieves — Apple is about to make it even more difficult to use its smartphones when you have no right to do so. In the upcoming iOS 17.3, it is testing out a new security system called “Stolen Device Protection.”

Here’s a look at what this is, and what it does.

Apple’s beta notes explain: “Stolen Device Protection adds an additional layer of security in the unlikely case that someone has stolen your iPhone and also obtained your passcode.”

The company explains the features this way:

The idea is that Stolen Device Protection introduces another obstacle that makes it difficult for thieves to gain access to your data, erase it, or delete the device to factory fresh status for resale.

If someone has your device and attempts to make such a change, there will be a one-hour delay after which whoever has the device must successfully login again. That one-hour delay could be critical when using Find My to track device location.

Basically, Stolen Device Protection adds another layer of authentication that needs to be completed if someone has both your iPhone and its password.

This double verification process provides an additional authorization barrier to protect the device and the information it contains. To achieve this, Stolen Device Protection uses Location Data, specifically frequently visited places such as your home or office.

So, if a colleague or family member has access to your device and your passcode and attempts to pry inside your iPhone, they will be able to if they are in the same place you usually happen to be.

Recent reports say criminals have peered over a user’s shoulder while the victim enters their password before seizing the device. That’s just one of a multitude of ways criminals will attempt to seize or guess a user’s passcode.

Once a criminal has both the device and the passcode, they can then change the Apple ID password, turn off Find My protection, steal your account and credit card details and passwords, and sell your iPhone for a profit.

Apple knows all about iPhone crime and has a track record of anti-theft measures it’s put in place to protect devices. In October, it attended meetings at government level focused on device protection. We’ve also been warned that criminals accessing these phones end up opening people’s digital lives. Even if criminals aren’t chasing data, they can shift iPhones they are able to open up for good money or sell those they can’t return to factory setting for spare parts.

The big take away behind this protection is that no one should ever share their passcode with anyone, bar their most trusted contacts. However, we now have slightly more protection in the event we do share our passcode.

We don’t yet know whether Apple will extend its device management protections so  that Stolen Device Protection can be enabled remotely using MDM solutions. It seems plausible.

In any case, enterprise users should already use device management systems that enable them to remotely wipe and reset their mobile fleets. Not only does doing so provide additional security, but managed devices are inherently a little harder to reset to factory status, even if a criminal does get through the authorization process.

As iPhones become harder to steal, casual criminals will inevitably target other less well-protected devices, despite the higher selling price iPhones command. Apple’s decision to introduce this protection follows reporting from the Wall Street Journal earlier this year of incidents in which thieves spied on users to steal passcodes before taking the iPhone.

At that time, Apple said: “We sympathize with users who have had this experience, and we take all attacks on our users very seriously, no matter how rare. The thefts described are uncommon and require multiple physical steps — stealing a user’s device is not enough…. We will continue to advance the protections to help keep user accounts secure.”

We can now see the company meant that promise.

Once iOS 17.3 ships, Stolen Device Protection will not be enabled by default. The protection can be enabled in Settings>Face ID & Passcode>Stolen Device Protection.

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

http://www.computerworld.com/category/security/index.rss

Leave a Reply