Thank you. Now I get it. So you can still use the device passcode to circumnavigate the biometrics, but only in a ‘safe place’. Sounds like a major improvement.
Do we have any idea what kind of control we will have over these locations? Is this perhaps the same thing as Settings > Privacy & Security > Location Services > System Services > Significant Locations?
One tricky thing I’ve though of : as of now, if a thief has your device and knows your passcode, they are now able to access settings / privacy / location / system services / significant locations and see at least one of your significant locations using the passcode. I’m hoping Apple is smart enough to also only allow the viewing of this option with biometrics.
In fact, access to Significant Locations is already protected with Face ID—it authenticates again once you go in there—so all Apple will have to do is remove the fallback on the passcode that’s available if you fail Face ID three times.
Yes, I do. Home address shows as home on my card. Work address as work too. Nevertheless, only my work shows under Significant Locations. Now I certainly spend too much time at work, but it’s not like I’m never at home.
Same here. I see the three most recent locations out of 278. The first one is work where I’m at now. But he next two are places I was at the day before yesterday. Home, however, where I was this morning and yesterday does not show up. ??? Perhaps it’s hidden, who knows. This brings up a larger point: if these locations are now becoming important for security related purposes, does it make sense to only show a small subset?
It does only show a small subset. When I looked the other day it showed the court house I’ve been traveling to for the last couple of weeks (jury duty), and just the court house - not my home - but court is not showing now when I look now, despite the fact that I was there today - it shows home (which didn’t show up the other day) and the restaurant my wife and I went to last night (the first time I’ve been there in over two years.)
My concern about these locations: if the thief has your phone, how hard would it be to figure out where you work or live? Your address is probably on the “me” contact card and your work location could be equally obvious based on contacts, emails, map data, etc.
Once the thief has that info, how hard would it be for them to go to one of those locations and try and reset your phone? How precise are the locations? If your work is a big office building, anywhere near it might be good enough and your back yard or sidewalk might be close enough to be considered “home.”
Then the biometrics fail, the fallback to the passcode turns on, and we’re right back to where we started with this whole mess! (Only now we have thieves lurking near our homes and work.)
Places where the shoulder surfing threat may occur are probably on your significant locations list—for example, a cafe where I often lunch showed up on mine. As I previously wrote, there may be times when your home or workplace is near enough to a suspicious place that you wouldn’t want it listed (this is especially true if you live in a multi-story mixed-use building). Hopefully, there will be some user control of this (and, of course, that choice should be covered by the Stolen Device Protection protocol.
My chief concern is if biometric checking ceases to work. I’ve outlined before some hopefully rare conditions that might cause that, but I don’t want its failure to turn my device into a brick.
While this is being discussed only for phones, tablets, and laptops could be compromised similarly. So, SDP would probably extend to them eventually.
In notify when left behind, tap “New Location” to add your current location or enter an address and pick the size of the geofence. I have always used my current location. It remembers previously used locations so you can add those as well. Note that this is unrelated to the significant locations previously discussed.