Protect iPhone from phishing with physical device authentication, iOS 16.3 “security key”
The latest OS “iOS 16.3” for iPhone was released on January 23, 2023, and the version number changed from 16.2 to 16.3. Updates that update after the second comma, such as “iOS 16.1.1”, often fix bugs, but updates after the first comma often add new features.
With iOS 16.3, you can now use a mechanism to strongly protect your Apple ID from phishing and other attacks using a physical device called a “security key.” This time, let’s briefly introduce what a security key is and how to use it.
Use physical devices instead of verification codes for two-factor authentication
Apple ID authentication has long supported “two-factor authentication” (two-factor authentication) that authenticates the person with a “password” and a 6-digit “confirmation code” sent to a trusted device.
Security keys are now available as an alternative to verification codes. A security key is a small physical device in the shape of a USB memory. iOS 16.3, “iPadOS 16.3” and “macOS Ventura 13.2” are supported.
An attacker trying to take over an Apple ID would have to physically obtain the security key, making it harder to impersonate. It is expected to enhance the security of Apple ID.
Apple ID uses a FIDO-certified security key, and in addition to short-range wireless communication using NFC, authentication is performed by physical connection to terminals such as USB Type-C, Lightning, and USB Type-A. It is necessary to prepare according to the terminal to be used.
FIDO-certified devices can be used as Apple ID security keys. On the support page of Apple (Apple), “YubiKey 5C NFC” that can use USB Type-C and NFC, “YubiKey 5Ci” that supports USB Type-C and Lightning terminal, “FEITIAN” that supports USB Type-A and NFC ePass K9 NFC USB-A” is introduced.
