Apple iOS 16 Security and Privacy Features

New Security and Privacy Features in macOS Ventura, iOS 16, and iPadOS 16
iOS 16 will be available to all iPhone users (iPhone 8 and later) beginning this fall; a developer beta is available now.

Without applications, we would not be able to do much with our smartphones. Luckily, smartphones like iPhones can automatically update applications for you, or you can manually update one or all of them yourself. Having said that, Apple has rolled out the following:
  1. Lockdown Mode
  2. Rapid Security Response
  3. Pasteboard (copy and paste) permissions
  4. Safety Check
  5. Passkeys
  6. Protected Photo albums
1) Lockdown Mode
This is a protective mechanism for users who may be at risk of highly targeted cyberattacks from private companies developing state-sponsored malware/spyware.
This mode enables you to temporarily switch off certain core features of your iPhone that are frequently abused by spyware makers to break through and evade an iPhone’s security defenses. Lockdown Mode applies the following restrictions:
  • Blocking most message attachment types (excluding images).
  • Disabling link previews in messages.
  • Turning off “just-in-time” (JIT) JavaScript elements unless you exclude a trusted website.
  • Blocking incoming invitations, service requests, and FaceTime calls from unknown contacts (unless you have previously initiated contact).
  • Limiting wired connections with computers and accessories.
  • Removing Shared Albums from Photos.
  • Preventing a device from being enrolled in mobile device management (MDM) as used by many company devices.
  • Preventing a device from installing configuration profiles, like those used to preview beta versions of iOS.
Blocking these features vastly reduces your iPhone’s attack surface, making it more difficult for someone to remotely plant spyware on your device.
The aim is to protect victims such as journalists, activists, human rights defenders, and even politicians, whose phones are often targeted.
Image: Lockdown Mode
Enabling Lockdown Mode is easy, regardless of which device you are using.
  • On a device running iOS 16, open Settings
  • Open the Privacy & Security menu
  • Scroll down to the bottom of the screen and tap “Lockdown Mode”
  • Tap the “Turn on Lockdown Mode” button
You will then get a pop-up window that notifies you of the restrictions you’re about to enforce. To continue, tap the “Turn on Lockdown Mode” button, then tap “Turn On & Restart” to confirm your decision.
2) Rapid Security Response
This new option lets your iPhone install security hotfixes as soon as Apple releases them.
You can currently choose to get security updates automatically, even if you do not allow other system updates to install without your intervention. This feature can allow a much quicker rollout of emergency and security updates, rather than waiting for the OS global updates to be issued, by processing the updates in the background. In this way, users can be protected immediately from actively exploited zero-day vulnerabilities.
Even though this is not an enterprise-only feature, Rapid Security Response could be one of the most important enterprise upgrades in this year’s roundup of software enhancements. 
Image: Rapid Security Response
When the software releases are public, IT administrators will have control over whether their devices use Rapid Security Response, and whether end users can remove it.
  • allowRapidSecurityResponseInstallation
This control will disable Rapid Security Response. It appears that the feature will be enabled by default, so IT administrators can use this control if they want to disable it. Enabling the option by default is a good decision by Apple; offering granular control so that it can be changed is also a good idea. In certain environments, IT administrators will need control over each and every update.
  • allowRapidSecurityResponseRemoval 
This control will determine whether end users can remove Rapid Security Response updates on iOS or macOS. Just as some IT administrators might want granular control over disabling the feature, others will want to force it on, as it could limit the exposure of your devices to zero-day threats.
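An added example, not Apple's or the article's own code: a small audit that reads a configuration profile and reports how the two controls above are set. The sample profile, its identifiers and UUIDs are constructed placeholders, and the handling of absent or repeated keys is an assumption noted in the comments.

```python
import plistlib

RESTRICTIONS_TYPE = "com.apple.applicationaccess"  # Restrictions payload

# Constructed sample profile; identifiers and UUIDs are placeholders.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadIdentifier</key><string>com.example.rsr-policy</string>
  <key>PayloadUUID</key><string>00000000-0000-0000-0000-000000000001</string>
  <key>PayloadVersion</key><integer>1</integer>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>PayloadType</key><string>com.apple.applicationaccess</string>
      <key>PayloadIdentifier</key><string>com.example.rsr-policy.restrictions</string>
      <key>PayloadUUID</key><string>00000000-0000-0000-0000-000000000002</string>
      <key>PayloadVersion</key><integer>1</integer>
      <key>allowRapidSecurityResponseInstallation</key><true/>
      <key>allowRapidSecurityResponseRemoval</key><false/>
    </dict>
  </array>
</dict>
</plist>
"""

def rsr_posture(profile_bytes):
    """Return the Rapid Security Response settings a profile would apply."""
    profile = plistlib.loads(profile_bytes)
    # Assumption: an absent key leaves the feature allowed, matching the
    # page's note that Rapid Security Response appears to be on by default.
    posture = {"install_allowed": True, "removal_allowed": True}
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") != RESTRICTIONS_TYPE:
            continue
        # Assumption: when several payloads set a key, the strictest wins.
        posture["install_allowed"] &= payload.get(
            "allowRapidSecurityResponseInstallation", True)
        posture["removal_allowed"] &= payload.get(
            "allowRapidSecurityResponseRemoval", True)
    return posture

def rsr_findings(posture):
    """List settings that leave devices without enforced hotfixes."""
    checks = [(not posture["install_allowed"], "installation is disabled"),
              (posture["removal_allowed"], "end users can remove responses")]
    return [msg for bad, msg in checks if bad]
```

The sample profile forces the feature on (installation allowed, removal blocked), so `rsr_findings(rsr_posture(SAMPLE_PROFILE))` is empty.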
3) Pasteboard (copy and paste) permissions
Applications require your permission on an iPhone or iPad to access the information you have copied to the pasteboard. This means that the applications cannot see the text, image, or content you have copied that is ready to be pasted into another application by default.
Image: Pasteboard permissions
This will prevent applications from automatically accessing sensitive information like a password copied from the password manager, or uploading that data without permission.
4) Safety Check
Instead of going through various sections in the settings with multiple steps, users will have a panic button of sorts to immediately disconnect their iPhones from all people, apps, and devices.
Image: Safety Check
  • On a device running iOS 16, open the Settings app
  • Swipe down and tap Privacy & Security
  • Swipe to the bottom and choose Safety Check
  • Now you can use Emergency Reset or Manage Sharing & Access – Face ID/Touch ID or passcode is required
  • Emergency Reset will immediately reset access for all people and apps and help you review your account security
  • Manage Sharing & Access will let you customize which people and apps can access your information and let you review your account security
Apple recommends using the Emergency Reset Safety Check if you feel that your personal safety is at risk. No one will be notified that your sharing with them has stopped, but they may notice it.
5) Passkeys
A passkey is a new authentication method that replaces the traditional password. It was created in partnership between Apple, Google, and Microsoft, based on the FIDO standard.
Image: Passkeys
What this means is that instead of relying on something you know (i.e., your password) to log in, or additionally on something you have (i.e., your multi-factor authentication, for entering one-time passwords/codes), your device will authenticate you. Instead of potentially insecure passwords, this system will create robust cryptographic keys that cannot be cracked.
Passkeys protect you from data breaches on websites because they are not stored on web servers, and from phishing, because they are specific to each website. They would not work on lookalike sites.
They will synchronize across your devices via iCloud, using end-to-end encryption, so that they are available on all your devices. If you need to log into that app or website via another platform, you can generate a QR Code of the unique key stored on your device to authorize a new one.
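An added example, not part of the original article or of any vendor's code, showing why a passkey sign-in does not carry over to a lookalike site: the relying party checks the origin the browser recorded and the hash of the site identifier inside the signed data. The domain names, the `simulate_client` stand-in and the fixed challenge are constructed; the signature check that follows these steps is outside the example.

```python
import base64
import hashlib
import json

def b64url(data):
    """Base64url without padding, as WebAuthn encodes the challenge."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def simulate_client(origin, rp_id, challenge):
    """Constructed stand-in for what the browser and authenticator return.
    The browser, not the page, writes the origin into clientDataJSON."""
    client_data = json.dumps({"type": "webauthn.get", "origin": origin,
                              "challenge": b64url(challenge)}).encode()
    flags = bytes([0x05])                 # user present + user verified
    counter = (0).to_bytes(4, "big")
    auth_data = hashlib.sha256(rp_id.encode()).digest() + flags + counter
    return client_data, auth_data

def check_binding(client_data, auth_data, challenge, origin, rp_id):
    """Site-binding checks a relying party runs on a passkey assertion.
    The signature check over auth_data + SHA-256(client_data) with the
    stored public key comes after these and is outside this example."""
    fields = json.loads(client_data)
    if fields.get("type") != "webauthn.get":
        return "wrong ceremony type"
    if fields.get("challenge") != b64url(challenge):
        return "challenge mismatch"
    if fields.get("origin") != origin:
        return "origin mismatch"
    if auth_data[:32] != hashlib.sha256(rp_id.encode()).digest():
        return "rpIdHash mismatch"
    if not auth_data[32] & 0x01:
        return "user not present"
    return "ok"

CHALLENGE = bytes(range(32))              # constructed; use a random value
SITE = ("https://login.example.com", "example.com")
LOOKALIKE = ("https://login.example-secure.test", "example-secure.test")

def verdict(client_site):
    """Check an assertion produced on client_site against the real site."""
    assertion = simulate_client(*client_site, CHALLENGE)
    return check_binding(*assertion, CHALLENGE, *SITE)
```

`verdict(SITE)` returns `"ok"`, while `verdict(LOOKALIKE)` is rejected with `"origin mismatch"` even though the challenge was relayed unchanged.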
6) Protected Photo albums
While it is not possible to lock the gallery or any other photo album on iPhone, it is possible to hide photos in Apple’s Photos application.
The application creates an album entitled Hidden. In the future, both the Hidden album and the Recently Deleted album will be locked by default and will only be accessible by entering your password or by authenticating with Touch ID or Face ID.
Image: Protected Photo albums