Apple has just released the latest version of its operating system, iOS 17.3, and it comes with a new feature that aims to protect users’ data from thieves. The feature, called stolen device protection, is disabled by default but iPhone users are encouraged to turn it on after updating to iOS 17.3.
The introduction of this feature comes after an investigation by Joanna Stern and Nicole Nguyen for the Wall Street Journal revealed that thieves have been stealing money and accessing sensitive data stored on stolen iPhones and iCloud accounts. The key piece of information that these thieves exploit is the passcode, which can be used to unlock a phone and change settings even when Face ID or Touch ID is enabled.
The thieves have been taking advantage of situations where they can easily obtain the passcode from unsuspecting victims. For example, one thief mentioned that he would approach people in bars late at night and ask to add them on Snapchat. Instead of asking for their username, he would ask to type it directly into their phone. Once he had the phone in his possession, he would lock it and ask for the passcode, which he would then remember for later use.
Once a phone is stolen and the passcode is known, the thief can unlock the device and change the Apple ID password in the phone settings. This allows them to disable Find My iPhone, making it impossible for the victim to remotely wipe their device. Additionally, thieves can access stored passwords, credit card details, and encrypted notes containing sensitive information.
To address this issue, Apple has introduced stolen device protection in iOS 17.3. When enabled, certain actions will require Face ID or Touch ID authentication, such as accessing stored passwords and credit cards. Changing the Apple ID password, passcode, and turning off stolen device protection also require a security delay. When attempting these actions for the first time, users are informed that they must wait at least an hour before making critical changes.
This security delay gives users the opportunity to remotely wipe their iPhone using another device if it has been stolen, ensuring that their data remains secure. However, if the user is in a familiar location such as their home or workplace, they do not need to wait an hour to make critical changes.
While this new feature is not perfect, Apple is striving to strike a balance between security and convenience. Users can easily enable stolen device protection by going to Settings > Face ID & Passcode > Stolen Device Protection.
By introducing this feature, Apple aims to provide iPhone users with an additional layer of protection against theft and unauthorized access to their personal data. It serves as a reminder to always be cautious when sharing your passcode and to enable security features that can help safeguard your device and sensitive information.
