The Weekly Breach Breakdown Podcast by ITRC - Passkey The Privacy - S3E24

Show Transcript

Pass-key the Privacy

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for September 9, 2022. Each week, we look at the most recent events and trends related to data security and privacy. This week, we talk about the new features in the latest iPhone and operating systems from Apple that will help protect your information, highlighted by Apple passkeys. We’re calling this episode “Pass-key the privacy.”

Apple Passkeys to be Implemented in iPhone 14

A few months ago, Apple announced it would introduce a new passwordless process for logging into online accounts later this year. Well, it’s later, and when the new iPhones start to deliver next week, they will include a feature called “passkey.” Eventually, as Apple operating systems are updated, all Macs, iPads and iPhones will be password-free or have the option to be.

How to Login Using an Apple Passkey

Using Apple passkeys will be similar to using a password, except passkeys are unique digital keys generated for each app or website you use. When you visit an app or a website for the first time, you’ll have the option to create a passkey instead of a password for the account. Your device will prompt you to choose Face ID, Touch ID or another authentication method to create the passkey.

Once you’ve created the Apple passkey, it’s stored in iCloud’s Keychain and synced across multiple devices. That means your passkeys will be available on your iPad and MacBook without any extra work. Passkeys will also work in Apple’s Safari web browser.

What Apple Passkeys Mean for Your Privacy and Security

No security system is bulletproof, and you can be sure the threat actors of the world are already working on ways to defeat this new system. However, Apple passkeys are a dramatic improvement over the current system of passwords.

Passkeys are strong, can’t be guessed by criminals, or reused. They are not stored on servers – they’re kept on the device itself – which means they are not a target for identity thieves looking to steal databases of passwords. Also, since you can’t easily trick someone into giving up a passkey, it will be much more difficult to launch phishing attacks.

The rollout of Apple passkeys is one of the largest implementations of password-free technology. It builds on years of work by the FIDO Alliance, an industry group made up of tech’s biggest companies, which the ITRC supports. Apple’s passkeys are its version of the standards created by the FIDO Alliance, which means the same passkey will eventually work with Google, Microsoft, Meta and Amazon’s systems and devices.

No SIM Cards in the iPhone 14

There’s one other security enhancement in the new iPhone 14. No more SIM cards. Apple is going all-in on a virtual SIM built into the phone. That means no more SIM swapping attacks or thieves immediately removing SIM cards to defeat the Find My Phone feature when your iPhone is stolen.

Contact the ITRC

If you think you have been the victim of a data breach or other identity crime, visit our website www.idtheftcenter.org. You can also speak with an expert advisor on the phone (888.400.5530), chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). 

Be sure to listen to our sister podcast, the Fraudian Slip, to learn about the latest trends in identity crimes. Listen in two weeks when we discuss our 2022 Consumer Impact Report that looks at how consumers were affected by identity crimes last year. Also, in October, we’ll publish our report on how small businesses are impacted by identity crimes and cyberattacks.

We will return next week with another episode of the Weekly Breach Breakdown.