Apple debuts new feature to frustrate iPhone thieves – Help Net Security
Besides fixing an actively exploited zero-day vulnerability, the latest update for the iOS 17 branch offers a new feature to help you protect your accounts and sensitive information in case your iPhone gets stolen.
Stolen Device Protection
If enabled, the Stolen Device Protection feature makes it difficult for iPhone thieves to switch certain features on or off and perform certain actions if your iPhone is not at a familiar location such as your home or work place.
Fleeing crooks who may have stolen your iPhone after “shoulder surfing” your passcode (or having forced you to share it) will still be able to access your phone, but won’t be able to:
- Use passwords or passkeys saved in Keychain or payment methods saved in Safari
- Turn off Lost Mode or erase all content and settings
- Use your iPhone to set up a new device
- Apply for a new Apple Card, view an Apple Card virtual card number, or take certain Apple Cash and Savings actions in Wallet
That’s because the iPhone requires them to also successfully pass Face ID or Touch ID authentication.
Stolen Device Protection also enforces a security delay of one hour for making changes to critical security settings or the user’s Apple ID.
“If your iPhone is not in a familiar location, you must authenticate with Face ID or Touch ID, wait for the security delay to end, then authenticate with Face ID or Touch ID again to update [certain] settings,” Apple explained.
These include:
- Changing your Apple ID password, updating Apple ID account security settings, or signing out of your Apple ID
- Changing your iPhone passcode, adding or removing Face ID or Touch ID, resetting device settings, or turning off Find My and Stolen Device Protection
How to enable Stolen Device Protection on your iPhone
To switch on Stolen Device Protection, you have to have:
- iOS 17.3 installed
- Two-factor authentication enabled for your Apple ID
- A passcode, Face ID or Touch ID, the Find My service, and Significant Locations enabled on your iPhone
To enable the service, go to Settings > Face ID & Passcode > Enter your device passcode > Tap to turn Stolen Device Protection on.
Of course, the feature must be turned on before your device is lost or stolen and – Apple advises – should be turned off “before you sell, give away, or trade in your iPhone.”
It’s also good to emphasize that while this feature adds extra protection for some things “on” your iPhone, it doesn’t protect all of the information you keep on it. Thieved will still be able to access the contents of your various apps, for example, if access to those is not limited in some other way (e.g., protected with an additional password).
But the feature might give you enough time to perform preemptive actions such as changing your Apple ID password, removing your iPhone for your Apple account, and remotely erasing it.