Speaking to Wired, Apple has outlined the security process its new “Find My” feature uses to protect its users.
The “Find My” feature broadcasts Bluetooth signals of activated devices to other nearby Apple devices, allowing these devices locations to be continuously relayed to the cloud.
While many were worried about the security implications of this feature, Apple has outlined how it ensures the safety of its users.
“Now what’s amazing is that this whole interaction is end-to-end encrypted and anonymous,” said Apple executive Craig Federighi.
“It uses just tiny bits of data that piggyback on existing network traffic so there’s no need to worry about your battery life, your data usage, or your privacy.”
Apple broke down the complete process:
- When you install “Find My” – which must be done on at least two devices – it generates a private key which is shared to all of your devices.
- Each device generates an additional public key, which is what your device broadcasts out via Bluetooth.
- This public key changes itself periodically, making it more difficult for malicious parties to track your movements.
- When another device picks up your signal, it uploads the encrypted location and a hash of the device’s public key to the cloud.
- If you want to find your stolen device, your second Apple device, which contains both the private and public key, uploads its version of the public key to find the matching hash.
- Apple will return the encrypted location of the stolen device, and the second device can then use its private key to encrypt a last-known destination.