Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Apple Testing New Stolen Device Protection Feature for iPhones

Apple is testing a new security feature that should limit what iPhone thieves can do with a stolen phone, even if they have the passcode.

iPhone exploit

Apple on Tuesday announced that it’s testing a new security feature that should prevent iPhone thieves from gaining complete control over the victim’s device and online accounts, even if the phone’s passcode has been compromised.

The Wall Street Journal reported earlier this year that many iPhone owners around the United States complained about having significant amounts of money transferred out of their accounts after their phone had been stolen. 

An investigation showed that the thieves, who typically targeted bargoers, were often part of a crime ring that stole phones, but not before one member of the group observed or recorded the victim entering the passcode to unlock the iPhone that would soon get stolen.

Knowing the passcode of the stolen phone enabled the thieves to take control of the victim’s Apple ID and access financial accounts from which they could transfer money to accounts they controled.

With the release of iOS 17.3 beta, Apple is testing a new Stolen Device Protection feature that adds an additional layer of security in case an iPhone gets stolen and the thief has somehow also obtained the owner’s passcode. 

When the feature is enabled, access to saved passwords is protected by Face ID verification. In addition, when someone attempts to erase the phone, use saved payment methods, apply for Apple Card, disable Find My, or use passwords or passkeys a security delay is triggered, which involves a biometric authentication check immediately and again after one hour.

This delay is not activated when the iPhone is at familiar locations, such as the user’s home or workplace.

The Stolen Device Protection feature can be tested by iOS 17.3 beta users by enabling it from the Face ID & Passcode screen in Settings.

Advertisement. Scroll to continue reading.

Related: Apple Sets Trap to Catch iMessage Impersonators

Related: Apple’s Rapid Security Response Patches Causing Website Access Issues

Related: Apple Preparing iPhone 14 Pro Phones for 2024 Security Research Device Program

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.