9+ iOS 12 security improvements you should know about

Apple has shipped iOS 12, and it’s packed with new security improvements and settings every user should know about.

Apple, iOS12, iPhone, iPad, security, USB Protected Mode, Autofill, Hack, mobile
Reuters / Elijah Nouvelage

Apple has shipped iOS 12, and it’s packed with new security improvements and settings every user needs to know about.

Ad tracking

Apple has made it much harder for data harvesting companies to exfiltrate your data without you knowing.

Safari in iOS 11 blocked third-party cookies that tracked you across multiple websites and cookies older than 30 days in age.

iOS 12 also gives you the option to block social media sharing icons and comment boxes from tracking you. Apple has also made it much harder for fingerprinting technologies to track and identify you by gathering information about your device, such as capacity or installed apps.

Autofill Passwords

You can now disable the Autofill Passwords feature in Passwords and Accounts if you don’t want to make use of this. You can also ask Siri to show you passwords from your iCloud Keychain, though it will first ask you to prove your identity with your device passcode/Touch ID/Face ID.

Automatic Software Updates

While it is excellent security practice to install all available software updates (particularly security updates) when they ship, some enterprise IT security policy may demand a slight delay.

If there is no policy against it, every iOS users is better protected by ensuring Automatic Software Updates are enabled (set to Automatic) in Settings>General>Software Update.

I do think some enterprises would find it useful if Apple created a setting to install updates after a specified delay, as this would enable internal approval systems to take place before installation. However, for most users, automatic software updates is the way to go.

Express Cards with power reserve

Not precisely a security feature, but new to iOS 12 and rather useful: Apple has made it possible for iPhones to support Express Card transactions when the device runs out of energy.

What that means is when you use your iPhone’s Wallet to carry your transit card or student ID you may still be able to prove who you are even when your iPhone is out of power, which wasn't possible until now.

“Pressing the side button displays the low battery icon, as well as text indicating Express Cards are available to use. The NFC controller performs express card transactions under the same conditions as when iOS is running, except that transactions are indicated with only haptic notification. No visible notification is shown,” Apple states.

Supported iPhones automatically include this feature with a transit card designated as the Express Transit card or student ID cards with Express Mode turned on.

Face ID: Secondary appearance

iOS 12 lets users set up a secondary appearance for use with Face ID.

Apple says this is for people who may look dramatically different for some reason, (with and without a beard, for example), but many users are likely to use the secondary appearance feature to make it easier to share their iPhone X-series with others.

This may not be the most secure decision.

Apple warns that adding a secondary appearance decreases the probability that a random human can unlock your device from 1 out of 1 million to 1 out of 500,000.

(Interestingly, if you have five fingerprints registered with Touch ID, that probability rises to 1 out of 10,000, Apple says.)

Help keeping more secure passwords

Announced at WWDC 2018, iOS 12 provides password auditing tools that warn you when you use the same password twice and helps you change them.

You’ll find the tool in Settings>Passwords & Accounts>Website & App Passwords.

  • Enter your passcode to get inside this section, and you’ll see a list of sites and passwords there.
  • You will also see a small warning symbol appear beside any items in the list that use the same passwords.
  • Tap the listed item, and on the next page you’ll find the name of the service, your user name, and your current password.
  • Tap Change Password on Website, and iOS will take you to the site so you can change the password to something unique – it will even suggest new passwords to you.

SecurityCode Autofill

This new iOS 12 tool makes it much easier to use two-factor authentication (2FA) on your device. Until now, when you receive a text containing your one-time authentication code, you have had to take a look inside Messages for the code, copy and paste or memorize it and then manually enter it into the authentication window of the website, app, or service you want to use.

iOS 12’s Security Code Autofill makes this a little easier by automatically recognizing the code and making it possible to enter it inside the relevant window in one tap on the QuickType window.

The convenience should make users more likely to use 2FA, but security experts still warn us to double-check the code before use.

Siri Suggestions and Shortcuts

Siri is smart enough to suggest things you might want to do, including providing you with potentially useful Siri Shortcuts. It is important to understand that these suggestions are based on on-device machine learning, which means information about you, your employees, or their habits is not shared with Apple in any way that can identify the user.

Apple has said that Siri Shortcuts, which can be set to sync between all devices with the same Apple ID, are protected by anti-malware definitions to prevent people from adding malicious JavaScript to them.

Siri Shortcuts can be shared over iCloud. You can prevent this behavior by switching it off in Settings>Shortcuts (on the app list) and toggle to off (white).

USB Restricted Mode

This new security feature is designed to prevent third parties from accessing data on iOS devices using USB-based tools that bypass device security. When Apple’s USB Restricted Mode is enabled, no one can use these tools to access your data from one hour after the device was last unlocked by you.

USB Restricted Mode is managed in Settings>Touch ID & Passcode (or Face ID on X-series iPhones) and make sure that the USB Accessories setting is set to Off.

Apple has also made it much harder to change a device’s passcode when it is in Device Firmware Update (DFU) mode in iOS 12, though only on A12 processors.

More information

Apple has published an updated security white paper detailing all the different security protections inside iOS 12. It includes details pertaining to all the latest security enhancements, including Siri Suggestions, Siri Shortcuts, the Shortcuts app, Screen Time, Password AutoFill Student ID cards, and more. The document also confirms that Screen Time data is protected by end-to-end encryption.

Google+? If you use social media and happen to be a Google+ user, why not join AppleHolic's Kool Aid Corner community and get involved with the conversation as we pursue the spirit of the New Model Apple?

Got a story? Please drop me a line via Twitter and let me know. I'd like it if you chose to follow me on Twitter so I can let you know about new articles I publish and reports I find.

Enterprise mobility 2018: UEM is the next step
  
Shop Tech Products at Amazon