Privacy Is A Fundamental Human Right: Apple Renews Vow With Comprehensive Platform Security Update
Apple has updated the platform security guidelines that covers how the security mechanisms are implemented into all the software platforms and apps that you may use. This covers the entire ecosystem, the Apple iPhone, iPad, Mac computing devices, Apple Watch, Apple TV and more. The Apple Platform Security covers everything from hardware security and biometrics, system security, encryption and data protection, app security, services security, secure device management and network security which defines how your data remains encrypted and safe during network transmission. The popular apps that you use, including iMessage, FaceTime, iCloud and Car keys are covered, as are app security mechanisms for iOS, iPadOS and macOS, the Touch ID and Face ID security features and how Apple protects a user’s personal data.
The updated Apple Platform Security takes forward Apple’s focus on security and data privacy as the very core foundation of the apps and services that it builds for the iPhone and other devices. The guidelines that are part of the update cover iOS 14.3, iPadOS 14.3, macOS 11.1, tvOS 14.3, and watchOS 7.2 operating systems. “Apple believes privacy is a fundamental human right and has numerous built-in controls and options that allow users to decide how and when apps use their information, as well as what information is being used,” they say, in the documentation.
The robust security that Apple embeds in the iPhones, iPads etc., builds right from the hardware level, and not just dependent on security layers. It’s called the Security Enclave, something we have on all recent iPhones, iPads, the Apple Watch, HomePod and Apple TV. There’s a dedicated security chip in some cases, such as the Apple T2 chip in the Mac computing devices. It is the Security Enclave that is the foundation for generating and securing the keys required for encryption as well as evaluate and authenticate the biometric data for Touch ID and Face ID.
A very important element for iOS and iPadOS apps is Sandboxing, which simply means that third-party apps that you may install on your iPhone and iPad are restricted from accessing not just system files apart from the services provides by iOS and iPadOS, but they also are restricted from accessing files stored by other apps. This prevents unauthorized data collection, snooping and the potential to make changes to files for other apps.
Apple also details how your iCloud data is secured. And that’s crucial, because your iCloud account has your credentials and passwords, calendars, contacts, documents, photos and app backups, for instance. Apple says that file is broken into chunks and encrypted by iCloud using AES128 and a key derived from each chunk’s contents, with the keys using SHA256. The keys and the file’s metadata are stored by Apple in the user’s iCloud account.
At a time when data privacy of instant messaging apps, including WhatsApp, Signal and Telegram is the topic of debates globally, Apple tells us that iMessage security and encryption ensures end to end privacy for messages sent and received. The documentation says that when a user turns on iMessage on a device such as the iPhone or iPad, the device generates encryption and signing pairs of keys for use with the service. For encryption, there is an encryption RSA 1280-bit key as well as an encryption EC 256-bit key on the NIST P-256 curve. For signatures, Elliptic Curve Digital Signature Algorithm (ECDSA) 256-bit signing keys are used.
These are just some examples of how Apple is further fortifying the platforms, with the hardware and software combining to ensure user data privacy, encryption and security. The way the entire focus on privacy and security dictates how Apple products are built, it is a consistent follow through from the time Apple started implementing significant changes from iOS 13, iPadOS 13, macOS Catalina and the then update of the Safari web browser, and subsequently introduced Intelligent Tracking Prevention, no location history, Sign in With Apple and apps requiring clear consent for accessing the phone’s Bluetooth, for instance.