Apple has enabled the testing of a new security feature with the first iOS 17.2 beta. For use with iMessage, Contact Key Verification gives users more certainty they’re messaging with the people they’re intending.
Update 10/27/23: Apple has revealed the technical details of how Contact Key Verifications works in a new Security Research blog.
Apple detailed the new iMessage Contact Key Verification feature in the release notes for iOS 17.2 beta 1. As it happens, there are three levels for how to verify contacts. Here’s the first:
With iMessage Contact Key Verification, users can choose to further verify that they are messaging only with the people they intend. Contact Key Verification uses Key Transparency to enable automatic verification that the iMessage key distribution service returns device keys that have been logged to a verifiable and auditable map. When a user enables Contact Key Verification, they will be notified about any validation errors directly in the Messages conversation transcript and Apple ID Settings.
However, for those in situations where stricter security is needed, iMessage Contact Key Verification can be used “in person, on FaceTime, or a through another secure call.”
Apple highlights users can also “choose to create or edit a contact and save a public key to turn on CKV with that person.”
To test out iMessage Contact Key Verification, you’ll need to have all devices connected to your iCloud account updated to the iOS 17.2 Beta, macOS 14.2 Beta, or watchOS 10.2 Beta or “sign out of iMessage on these devices in order to enable contact key verification.”
Then you can head to iPhone Settings > your name > Contact Key Verification (very bottom) > toggle it on.
While Apple has never seen an attack like this, Contact Key Verification is another security feature that will give peace of mind to those who may be highly targeted individuals.
Even though a very small percentage of iPhone users may need security of this level, the neat part is turning it on doesn’t reduce the functionality of your iPhone or iMessage – so it could end up being more widely used than something like Lockdown Mode.
FTC: We use income earning auto affiliate links. More.
Comments