iOS 16 security and privacy features: everything you need to know
Every iOS update adds new privacy and security features, and iOS 16 is no exception. Apple has added tools to make it easier to apply security updates, new Face ID capabilities, photo security improvements, and more, with details on all the new privacy and security options described below.
The Settings app contains a new “Safety Check” feature designed to allow users to quickly reset all data and location access they have granted to other people. According to Apple, Safety Check is for people experiencing domestic or intimate partner violence.
You can access the Security Control by opening the Settings app and tapping on the Privacy & Security section. From there, scroll down to Safety Check. Safety Check has two options, including an emergency reset and a checklist of all your data sharing options.
Note that Safety Check has a “Quick Exit” button that takes you directly to the iPhone home screen in case you might get caught using it.
Emergency Reset is a one-click option that allows you to protect your iOS device in just a few clicks. When you use emergency reset, it immediately stops sharing everything with all people and apps.
This includes anything you might share with other people, such as location information, personal data, photo albums, etc.
Emergency reset also allows you to delete all emergency contacts and reset your Apple ID and password so that no one can log into your account.
For a less urgent situation, there’s a Manage Sharing & Access walkthrough that lets you see an overview of what you’re sharing so you can’t be secretly tracked or monitored using sharing. location, shared albums, or other iPhone features.
You can see exactly who you’re sharing data with and what data those people have access to, as well as which apps have access to your data. You can select people or apps and choose the “Stop Sharing” option to turn off sharing immediately.
You’ll also see a list of any third-party apps you’ve installed and the data they have access to, along with tools to disable that access. You can see the permissions an app has on an individual basis or by data such as Bluetooth, Location, Contacts, etc.
Manage Sharing will tell you exactly which devices your iCloud account is connected to, giving you the option to sign out, and allow you to reset your Apple ID and password as well as turn off Emergency Contacts.
Hidden and recently deleted photo albums locked
In the iOS 16 Photos app, hidden and recently deleted albums cannot be opened without biometric authentication via Face ID, Touch ID, or a password.
Landscape Face ID
On iPhone 13 models, Face ID works in landscape mode after installing iOS 16. This allows Face ID to unlock the iPhone whether it is held in portrait or landscape orientation.
Rapid Security Response
With iOS 16, Apple can push out security updates without having to update the entire operating system. in iOS 15, security updates are tied to iOS updates and require a full update, but iOS 16 will make it easier for Apple to distribute security updates and make them faster to download.
When you update to iOS 16, Apple sets your device to automatically install security updates, but the feature can be turned off under General > Software Update > Automatic Updates.
Get important security improvements on your devices even faster. These enhancements can be applied automatically between standard software updates.
Apps in iOS 16 require explicit user permission before accessing the clipboard to copy and paste content. Apps will need to ask to use copy and paste, similar to how apps need permission to access microphone, camera, location, and other sensitive data.
With iOS 16 and its sister updates, Apple is adding passkeys designed to replace traditional passwords when logging into a website or app. Apple says passkeys are more secure than passwords, protecting users from phishing, malware, and other attacks that re-attempt to access the account. Passkeys are not implemented in the iOS 16 beta, but will be introduced later this year.
Access keys work through a key system. One key is public and stored on the website server, while the second key is private and stored on the device. On the iPhone and other devices with biometric authentication, Face ID or Touch ID is used to authorize the passkey to authenticate the user to a website or app.
The website key and the Apple device key must match to enable a sign-in, and because the device key is private and only available to the user, it cannot be stolen, leaked, or phished.
Passkeys use iCloud Keychain, which requires two-factor authentication for extra protection. Passkeys sync across all of a user’s devices through the iCloud Keychain, which is end-to-end encrypted with its own cryptographic keys.
Synchronizing passkeys between devices provides redundancy in the event that an iPhone is lost, but if all of a person’s Apple devices are lost and the passkeys with them, Apple has created a iCloud keychain escrow to retrieve access key information. There is a multi-step authentication process to follow to recover an iCloud keychain with passkeys, or users can set up a person to act as their account recovery contact.
Passkeys sound complicated, but in practice it will be as simple as using Touch ID or Face ID to create a passkey to accompany a login.
Apple has worked with members of the FIDO Alliance, including Google and Microsoft, to ensure that the security keys can also be used with non-Apple devices and across all platforms. On non-Apple devices, Passkeys will work via QR codes that authenticate using the iPhone, but this will require support from other companies and needs to be adopted in the tech world.
iOS 16 adds lockdown mode, which provides an “extreme” level of security for activists, journalists, and others targeted by sophisticated cyberattacks. Lock Mode strictly limits or disables the functionality of many iPhone features as well as app and website locking.
Lockdown mode blocks most types of attachments in Messages, blocks FaceTime calls from non-contacts, limits web browsing features, prevents installation of configuration profiles, and more, with a full list available in our article on lockdown.
Lock mode is not intended for the average user and most people should not enable it given its restriction. The feature is disabled by default and can be enabled in the Privacy & Security section of the Settings app.
Have questions about the new security and privacy features in iOS 16, know of a feature we left out, or want to provide feedback on this guide? Email us here.
Security and privacy
With iOS 16, there are a number of security and privacy-focused updates that include Face ID landscape, security check, faster security updates, passkeys, and more.
We have a Dedicated security and privacy guide which highlights every new feature you need to know about.