The latest version of Apple’s mobile operating system, iOS 16, was revealed at WWDC22, sporting big changes to the lock screen and notifications, along with some rather impressive Neural Engine-driven features. But the headline-grabbing changes are just part of the story – as usual, Cupertino has produced a laundry list of tweaks too long to publish in one article.
Apple has made privacy and security a key selling point for the iPhone (have you not seen the ads?), and this year the company is pushing the boat out. This is becoming a major battleground for tech developers at a time when hacks and scams are becoming more and more commonplace. Here are the seven key features coming to iOS 16 that you should know about.
By far the biggest of these is a feature directly targeted at those who can’t remember their passwords (which is pretty much everyone, and anybody who says otherwise either has eidetic memory or is lying) and resort to either using something very simple or reusing the same password on multiple services. Passkeys bypass all of that by letting you log in using only Face ID or Touch ID, thereby eliminating the one of the biggest security vulnerabilities in the online world.
According to the authentication consortium FIDO Alliance, which counts Apple as one of its members, passwords are the root cause of over 80% of data breaches. Up to 51% of all passwords are reused, and efforts to force users into creating stronger versions have had the opposite effect – one in three online purchases get abandoned because a user forgot their password.
Many of us use two-factor verification or a password manager like Apple’s own iCloud Keychain to suggest and store passwords, but some users may find these difficult to set up. All this may soon be a thing of the past – Apple and fellow FIDO members Google and Microsoft have promised to implement a new on-device authentication system in the coming year, and Cupertino’s version, passkeys, will be built into iOS 16.
We haven’t been able to test out the system yet, but Apple showed off how it works in an interview with Tom’s Guide. Essentially, passkeys consist of cryptographic key pairs: a public key on the server side and a private key stored on your device.
This is safer than using a password or a one-time password (OTP) as you never actually present the private key – you merely authenticate yourself using biometric verification on your device. Basically, you can never be phished by a person or website disguised as a legitimate business. Passkeys also make web servers less of a target for attacks, as they only hold the public keys – the private key never leaves your device.
Passkeys also use the iCloud Keychain to sync between all your Apple devices, and because it’s end-to-end encrypted, even Apple cannot access this data. This also makes it easy to retrieve your keys if you lose your device – you need to do is sign in to your Apple ID onto your new iPhone, iPad or Mac.
Additionally, you’ll be able to share passkeys via AirDrop and even use them on non-Apple devices, such as streaming services on your smart TV. The latter can flash a QR code that can then be read using your device’s camera, after which your iPhone takes over. Aside from iOS 16, passkeys will also be implemented into iPad OS 16 and macOS Ventura.
Another big feature coming to iOS 16 is Safety Check, designed specifically to help people escape abusive domestic or intimate relationships. Password and location sharing is common among partners, but this can be abused by one party in ways not originally intended by the other.
This new functionality allows individuals to cut off other people’s access to their personal data, aiding them in getting to safety. In its keynote, Apple said it worked closely with US organisations such as the National Network to End Domestic Violence (NNEDV), National Center for Victims of Crime and the Women’s Services Network (WESNET) when developing Safety Check.
We played around with this feature on the iOS 16 Public Beta and it’s a three-step process. First, you get to review who you’re sharing your data with on Apple’s own apps – location (Find My), health data (Health), photos, notes, calendars and smart home access (Home). Safety Check then lets you see which third-party apps have access to your phone’s data – including your camera, microphone, photos and contacts – and gives you the ability to revoke said access.
Lastly, you are asked to secure your Apple ID account; here, you can review which device you’re signed into, add trusted phone numbers, change your password, add emergency contacts and update your iPhone’s passcode. One neat feature is an ever-present Quick Exit button that immediately kills the Settings app in case someone walks up behind you.
Let’s be honest, most of us not the kind of people governments want to spy on, no matter what personal data we have on our phones. But make no mistake – state-sponsored spying is a real thing, and Apple is helping its most vulnerable users with a new feature called Lockdown Mode. As the name suggests, it puts your iPhone (or your iPad or Mac) into high alert, blocking off unnecessary functions to protect against mercenary spyware.
Apple says it will continue to strengthen Lockdown Mode and add new protections over time. It’s also offering bounties of up to USD2 million (RM8.9 million) – claimed to be the highest in the industry – to find and qualify vulnerabilities in the system.
The company has previous experience in trying to stop state-sponsored spying, patching an exploit being used by the Pegasus spyware last year. It has also sued the maker of the software, NSO Group, pledging to channel any damages into advancing cybersurveillance research and advocacy.
Rapid Security Response
This one will be familiar to people who use Android phones, because Rapid Security Response has been lifted directly from Google’s playbook. This feature essentially decouples critical security patches from general iOS software updates, allowing Apple to push them out faster to guard users against cybersecurity attacks and vulnerabilities.
The wording in the Settings app (under General > Software Update > Automatic Updates) suggests that you’ll will be able to install security patches independently of iOS updates and may not be required to restart their iPhone to complete installation.
Rapid Security Response could also allow Apple to issue security patches to previous versions of iOS in the future (just like how iOS 14 was supported even after iOS 15 was released) – another move that would be copied from Google. Like passkeys, this feature will also make its way to macOS Ventura.
iPhones already lets you know when you’re pasting text where it was copied from, but Apple is going a step further with pasteboard (also known as clipboard) permissions, forcing apps to ask users to allow pasting. This will allow you to deny them the opportunity to read what’s on your clipboard, which could contain sensitive information.
Apparently, when you paste something from your clipboard, you’re supposed to get a prompt that an app wants to paste something from another, giving you the option to approve or deny the request, per 9to5Mac. This didn’t seem to work on our beta, however, no matter what we tried.
Pasteboard permissions follows the addition of clipboard alerts in iOS 14 in 2020, in response to the revelation that apps could silently read what you’ve copied without you noticing. This prompted companies like TikTok to stop their apps from accessing the clipboard, and even Maybank had to assure customers that its MAE and M2U apps weren’t reading copied data every time they were opened.
Hidden and recently-deleted photos now locked
Photos get hidden or deleted for a reason, and iOS 16 will ensure those images are kept away from prying eyes, even if the phone is unlocked. The Hidden and Recently Deleted albums in the Photos – previously open for all to see – will now be locked by default and require Face ID or Touch ID authentication to access.
Other features of iOS 16
Set to be released around September – presumably shortly before the iPhone 14 goes on sale – iOS 16 debuts several new features, most notably the ability to customise lock screen fonts and widgets. There’s also a new multilayered effect for the wallpaper that leverages the Neural Engine’s ability to separate the foreground from background, which also enables a subject of an image to be lifted and placed into other apps. Live Text, which allows users to select text in photos, has also been expanded to videos.
For the few of you that do use iMessage, you’ll soon be able to edit and recall messages (both features lifted from Telegram), recover recently-deleted messages, mark conversations as unread and use SharePlay to have a virtual movie-watching or music-listening party. The Mail app will also be updated, allowing you to schedule and recall emails, resurface past emails and set reminders to follow up.
Other new bits include notifications that roll up from the bottom of the lock screen, a Live Activities display for things like sports game scores and food delivery progress, and a more powerful Focus modes with support for multiple lock screens. You also get the Apple Pay Later and order tracking functions in the Wallet app, which gets newfound usability in Malaysia as Apple Pay is now supported in the country.
Elsewhere, iOS 16 adds shared tab groups in Safari, multi-stop routing (finally) and transit updates in Maps, an easier way to set up a new device for your children, simultaneous voice and text input in Dictation, the ability to send emojis via text in Siri, a new Fitness app, personalised spacial audio, and various new accessibility features.