if you use the icloud, you can start 2023 by strengthening your account security. Apple unveiled the feature Advanced Data Protectionwhich expands the end-to-end encryption of the service for various categories of data such as photos and backups. To top it off, the company also announced support for physical keys in two-factor authentication (2FA).
End-to-end encryption is nothing new in iCloud. What such Advanced Data Protection does is expand the resource from the current 14 to 23 categories of data.
With this, almost everything on the service can be protected. In addition to photos and backups, the novelty applies to reminders, notes, Siri shortcuts, bookmarks in Safari, among others. Only emails, contacts and calendar are left out because they need to communicate with external systems.
According to Apple, Advanced Data Protection ensures that protected data is decrypted only on user devices. Thus, data in iCloud is protected even if the account is hacked. Not even the company itself will be able to decrypt them, after all, Apple will not have access to the encryption keys.
When does Advanced Data Protection arrive?
In the United States, Advanced Data Protection is now available to Apple Beta Software Program participants. There, the general public will have access to the resource until the end of the year. In the rest of the world, the novelty will be released in early 2023.
End-to-end encryption expansion works on iPhones, iPads and Macs starting with the following systems: iOS 16.2, iPadOS 16.2 and macOS 13.1.
At least in the initial phase, the feature will be optional and will be disabled by default. It will be up to the user to activate it. When this is done, access to the icloud.com will be deactivated. This access can be enabled, however. To do so, the browser and Apple will be able to temporarily access the cryptographic keys.
Support for physical security keys
In addition to expanding the end-to-end encryptionApple announced support for physical keys as a two-factor authentication on iCloud and other Apple ID-based services.
This means that these services will work with devices that support standards such as FIDO/U2F🇧🇷 Yubico keys are a good example.
Another security announcement is contact key verification in iMessage. This is a mechanism that the user can use to check if, in fact, he is communicating with a certain person (and not with someone impersonating him).
Both features will also be available from 2023.
https://tecnoblog.net/noticias/2022/12/08/apple-amplia-criptografia-do-icloud-e-anuncia-autenticacao-com-chave-fisica/