Turn On Stolen Device Protection in iOS 17.3

Originally published at: Turn On Stolen Device Protection in iOS 17.3 - TidBITS

Apple has made good on its promise to add Stolen Device Protection to iOS 17.3, allowing users concerned about iPhone passcode and snatch-and-run theft to require biometric authentication and sometimes a delay to carry out critical security and financial actions. We look at what it does and doesn’t protect, how to turn it on, and who can’t use it.

3 Likes

I haven’t installed 17.3 yet but I did check to see if my Significant Locations was enabled, and it was. I then saw that it had accumulated 84 locations in the last two months, with only the last one (one of our favorite restaurants where we had dinner two nights ago) showing on a map. I could find no way to see the 84 locations, thus no way for me to decide if I want each of those locations to qualify as a ‘familiar location’ where Stolen Device Protection (SDP) would allow changes.

Although I think SDP is an excellent idea, there’s a possibility that it might think a location would be ‘familiar’ but where in my judgement I would want SDP to block changes. As with everything else in life, there are trade-offs. SDP goes a long way toward fixing the problem with only this minor trade-off – much better than no protection at all which is what we had before SDP.

Apple doesn’t say how significant locations are determined by the iPhone, and apart from the most recent one, there’s no way to know what locations are included. My guess, though I don’t know this, is that the number of records doesn’t equate to the number of significant locations.

I’ve been paying a bit more attention since this feature shipped, and I did get a significant location for Cornell’s Barton Hall, where I go every Tuesday to direct track workouts, and have been to twice in the last two weekends to direct track meets. That seems fair—it’s a regular stop. My house is, of course, a significant location, and I’ll bet that the Ithaca College weight room, where I go twice a week for workouts, will also qualify.

My gut feeling is that the iPhone’s significant locations will match pretty well with what we would think of as significant locations. As to whether those locations are places you’d be comfortable allowing more important security changes, there’s no way to say.

I was a bit surprised that it was possible to see the most recent significant location with just the passcode. (Face ID is required to look at it, but you can fall back on the passcode.) That feels like a small vulnerability, since a thief could steal the passcode, steal the iPhone, and then go to the last location to avoid the need for biometric authentication. It’s a much higher bar, of course, and likely provides enough time to lock the iPhone remotely, but still…

Of course, if you never enter your passcode in public, you’re still largely safe from such attacks.

Is there any way to see the whole Significant Location list? It appears to show every location where you spent more than 15 minutes or so in the last few days. For example, when I checked yesterday, it showed a restaurant that I had never been to before the previous evening. When I checked today, it showed the grocery store I shopped at yesterday. From the descriptions of how shoulder surfing theft works, I would bet that in many cases, they occur in a place listed in Significant Locations.

So, I don’t think the Significant Locations list is the right thing to use for the Stolen Device Protection. Also, in general, I’d like the ability to edit the list rather than just trash it.

1 Like

It’s always been my understanding that Apple Pay does not require Internet connectivity. The phone does its part of the processing on-device (much like a contactless credit card) and the connection to the bank is via the merchant’s payment terminal.

I completely agree. If I’m a regular barfly (someone likely to be taken in by one of these criminals), then the phone may well identify my local pub as a significant location. Which undermines the entire point.

I would like to be able to manually select trusted locations (and of course, protect access to that list with the same security as your biometric IDs). For myself, this would be my home and maybe my parents’ home and my wife’s parents’ home and nowhere else, no matter how often I may go there. (I work from home full time, so no office for me).

But instead, my phone has 76 locations, of which I can only see one (my home). I have no way to review or remove individual locations. I had that ability in prior versions of iOS, but no longer.

Not any more. It used to be available, but Apple removed access for some reason known only to them. I think they got spooked when some people were reviewing the list and blogging about how Apple is tracking their whereabouts.

Which also means that you can’t edit the list. You can only clear it, which will remove actual significant locations, like home and work, making SDP really inconvenient until those locations get eventually put back on that list.

Hmm! @glennf added that in editing, so let’s see what he says.

I just had a thought, which is that despite what Apple claims, you can use Stolen Device Protection without Significant Locations enabled. In that case, as my testing implied, you always have to go through the extra authentication no matter where you are. That eliminates the vulnerability of a thief being able to go to the most recent significant location to sidestep the extra authentication.

I don’t have a sense of what other features would be hurt by the loss of Significant Locations.

That’s my mistake: you can’t get updates on transactions, of course, but using only stored information, a transaction can take place.

Weird omission for Apple, then!

1 Like

Interesting. Apple doesn’t seem to document in technical support notes that Apple Pay works without an Internet connection. Other sites claim this and I’m sure it’s true. But how odd the company doesn’t mention it. I wonder if they reserve the right to change that.

Now, if you mark your phone as lost before a thief can use Apple Pay with a passcode, I wonder what happens if the phone is offline: in lost mode, “For applicable devices, payment cards and other services are suspended.” Does that mean Apple disables them over the credit/debit-card network, too?

I immediately activated SDP, but left Significant Locations off, since I find them obscure. I rarely, if ever, have to change the settings protected by SDP, and would in any case take into account the hassle of the waiting period.

1 Like

Do we actually know what the exact connection is between Significant Locations and SDP? Has Apple anywhere mentioned anything explicit in terms of excluded locations other than home? Is this just an example (and they perhaps refrain from offering others such as work*), or is perhaps home the only exempted location?

*) I tested work after home. Made sure my iPhone saw me at work and then tried shutting SDP off with FaceID obscured. That triggered the 1-hr delay leading me to wonder if work is actually an exempted location.

1 Like

I’ve seen no solid documentation of Significant Locations other than what we linked in the article, which is nearly content-free.

Nothing much seems to hit in the Apple Platform Security site.

https://support.apple.com/kb/index?page=search&src=support_book_welcome&locale=en_US&bookid=6eaad3fac75b6647a53c556fae333fa7&rurl=https://support.apple.com/guide/security/welcome/web&title=Apple+Platform+Security&query=Significant+Locations

This page says this:

Familiar locations typically include your home, work, and certain other locations where you regularly use your iPhone.

And that’s as much detail as I have seen.

I too find the “Significant Locations” ambiguity troubling. I looked at my settings after I saw this article, and it listed my most recent trip, to my dentist office—a place I visit exactly twice a year (and only once since I purchased my present phone).

I hope Apple (a) come clean about exactly what it is doing, and (b) allow users to specify the locations they wish to exempt from protection.

Oh, and give us the same protection on iPad and Mac.

Exactly. That is also the extent of my knowledge.

I think at this point we have to conclude there is no publicly disclosed relationship between Significant Locations and SDP’s “familiar” locations. The latter are detailed only in so far as generic “home” or “work”, while the former are specific however only offering limited user-facing display in the Privacy section.

Bar new information being publicized, I feel the two location categories are being unnecessarily conflated (perhaps because so little is known about the residing of the “familiar” locations - quite possibly entirely deliberate). For all we know at this point, these two location categories are entirely separate entities with no known or implied connection.

I concur.

Until now, “significant locations” was simply a set of places where it thinks you frequently visit. I believe it is/was used for the purpose of determining if a device separated from your person (e.g. an AirTag) should be alerted if it is left in such a location. The theory being that if you’re there a lot, then it may not be an accident when you leave something there.

But, of course, the implementation is not nearly as good as the theory. Since you have no way of configuring a set of locations (you’d probably be asked to drop pins on maps to do that or type in addresses), it tries to guess. But people frequently visit places where an object left behind should definitely be considered lost - like in grocery stores and bars.

Using it as a part of a security strategy seems completely nuts to me.

Significant Locations is not used in Find My Devices. If a device is left behind in a place other than Home or Work, Find My will ping you about it. When you respond to the ping, you can mark that place as an OK place for that device or all devices (I checked this out this week when I left my iPad behind at the hotel I was staying at). The list of OK places is listed in Find My and can be edited.

I think that Significant Locations have been used as a base for making suggestions about target locations in Apple Maps. By the way, Joanna Stern’s WSJ article about SDP again refers to using Significant Locations to determine a safe place. If you subscribe to Apple News+, you can read the article here.

2 Likes

According to MacRumors and several other Mac sites, the beta version of iOS 17.4 includes an option to require an SDP delay always or only when away from familiar locations.

Considering nothing to that extent has been noted elsewhere and Apple certainly hasn’t said as much either, it stands to reason that Joanna Stern might simply have gotten this one wrong and she too is conflating the old Significant Locations with the new “familiar” locations.

With regards to this part:

“However, whenever you’re somewhere deemed unfamiliar, critical changes to your account or device require Face ID or Touch ID authentication, with no passcode alternative or fallback. The most important security actions also require a delay of an hour—shown with a countdown timer—before you perform a second biometric authentication. This delay reduces the chances of an attacker forcing you to authenticate with the threat of violence.”

What does that mean if, for example, you are at an Apple authorized repair shop to get something fixed and they want you to reset your phone or turn off passcode? You have to sit around an hour first before it gets turned off?

1 Like