Apple iOS update


Apple’s new Stolen Device Protection feature adds privilege escalation to the iPhone by requiring a user’s biometric confirmation before allowing certain sensitive commands to be carried out. Features like this are important as increasing amounts of personal and business data are processed by mobile devices.

Without multiple layers of protection, thieves would be able to access a user’s entire digital life, from personal photos to bank accounts and emails, just with a PIN code, which is easily observed when the phone is used in public spaces.

Stolen Device Protection uses the well-established security principle of ‘trust but verify’ to add additional checks before performing sensitive functions on the device. The commands that require identity verification under the Stolen Device Protection feature include erasing the iPhone, utilising Apple Wallet and accessing and changing passwords, which prevents criminals from locking the user out of their accounts and stealing sensitive information from any number of apps.

When users update their devices to iOS 17.3, we strongly recommend they turn on Stolen Device Protection to reduce the attack surface area.