Since iOS 7 is here and Apple is doing its best to make your iPhone much more secure-able, not only your iPhone but also your MacBook. A good example is a new security feature called iCloud Keychain which allows you to sync all of your user names and passwords across all of your approved iOS and OS X devices. That way when you update or add a new user name and password to one of your devices, all the rest of your devices get the same update.
It’s also another example of Apple’s growing reliance on iCloud. But with great power comes great responsibility so privacy-minded users may ask themselves how exactly iCloud manages this growing mountain of personal information while keeping it safe and secure…
a new article showing how iCloud keeps your data safe.
It’s been updated alongside the Mavericks release earlier this week with the latest technical information pertaining to the security of Apple’s ever-growing cloud services.
The company distills iCloud security down into this easily digestible chart.
iCloud secures your data by encrypting it when it is sent over the Internet, storing it in an encrypted format when kept on server (review the table below for detail), and using secure tokens for authentication. This means that your data is protected from unauthorized access both while it is being transmitted to your devices and when it is stored in the cloud. iCloud uses a minimum of 128-bit AES encryption—the same level of security employed by major financial institutions—and never provides encryption keys to any third parties.
On iCloud Sessions
When you access iCloud’s web apps at iCloud.com through a web browser, your sessions are SSL-encrypted, including traffic between your devices and iCloud Mail and Notes. Any data in iCloud web apps accessed through either the web interface or stock iOS/OS X apps is encrypted on server as indicated in this table.
Find My iPhone
- You must turn on Find My iPhone, iPad, and iPod touch in iOS Settings before your device can be located.
- You must turn on Find My Mac in OS X System Preferences before your Mac can be located.
- Location data is sent from your device only when you request its location—it is not transmitted or recorded at any other time.
- Last known device location data is stored on Apple's servers in an encrypted format for 24 hours and then permanently deleted.
- Lost Mode data is stored on the device that is in Lost Mode and retrieved on-demand by you only.
- You are automatically signed out of the Find My iPhone app (on device or on the web) after 15 minutes of inactivity.
- Remote Lock allows you lock a device's screen to prevent others from accessing your data.
- Remote Wipe lets you permanently and securely erase your data from a device.
Find My iPhone and Find My Friends use a minimum of 128-bit AES encryption.
Last known location data is stored on Apple’s servers in an encrypted format for only 2 hours for Find My Friends and 24 hours for Find My iPhone, and then permanently deleted.
On iCloud Keychain
For those concerned about passwords and credit card information being kept on iCloud servers, Apple is using 256-bit AES encryption and “elliptic curve asymmetric cryptography and key wrapping” to secure your private data. These industry-standard encryption techniques are being used both in transit and in the cloud.
As for credit cards, iCloud Keychain stores the numbers and expiration dates, but not the security codes which you’ll have to type in manually in web forms. Moreover, iCloud Keychain items are not part of your iCloud Backup for the sake of heightened security.
And should you want to avoid iCloud Keychain backing up your data in iCloud altogether, skip the step for creating an iCloud Security Code when setting up iCloud Keychain. This will ensure your keychain data is stored locally and only synced across your approved devices. Keep in mind Apple won’t be able to recover your iCloud Keychain if you don’t create an iCloud Security Code.
So what do you think guys ? Apple is making a huge effort to make iPhone the most secureable device.