Monthly Archives: September 2014
What does iOS 8 mean for privacy?
Apple just released the next version of its mobile operating system, iOS 8, to the world for all devices from the iPhone 4S and newer. iOS 8 introduces many new bells and whistles including mobile payments on the iPhone 6 and 6 Plus, health data, and many other features. While it will take a little while to get used to and notice everything new, we wanted to let you know of the improvements in privacy and security being made in this new mobile OS.
With a big push into wearable computing and health information on your devices, the need for improved privacy and security may be at an all-time high. The three main areas we look at to see how well Apple is keeping up its privacy and security standards are Apple Pay, device settings, and general data protection.
Apple Pay
Apple Pay may be the biggest news outside of the Apple Watch that Apple has released in quite a while. Not only does it let every new iPhone 6 and 6 Plus user pay at over 220,000 brick and mortar stores with their phone, it aims to do so in a much more secure manner.
With Apple Pay, your phone acts as a payment device for a credit or debit card you enrol. Apple Pay never stores your actual card number on the device or on Apple's servers; the card is represented by a device-specific account number kept on the phone, and each payment is authorized with a one-time dynamic security code. This means you never hand over your real card details at the point of purchase, which helps protect you from fraud if a merchant is breached.
Device Settings
Device settings have seen mostly minor updates from one version of iOS to the next, and although the changes may seem small they help put privacy control back in the consumer's hands. In iOS 8, there are three updates that users should be aware of in the settings: default search engine, location data, and your contact list.
Apple is introducing a new option for the default search engine to satisfy the privacy conscious crowd: DuckDuckGo. DuckDuckGo is a privacy oriented search engine that doesn't collect information on your search terms or build a profile to target advertisements at you. In fact, the search engine doesn't even keep track of which websites you visit through your searches. This lets DuckDuckGo provide a private search in a consumer friendly manner. The one downside is that your searches will not be tailored to you, so finding what you want may take a little longer.
Before iOS 8, an app's access to your location was all or nothing: always on or always off. iOS 8 adds a third option that lets an app use your location only while you are actually using it (the "While Using the App" choice). This prevents a rogue app from collecting and storing your location in the background at any time of the day. The setting lives under Location Services in the Privacy section of the Settings app, although an app only offers this choice if its developer has adopted the new permission level.
Finally, your contact list contains some of the most personal and private data you might have on your phone. There have been many examples of apps uploading and saving your contacts to their servers, and this was in part due to an all-or-nothing model for accessing contacts.
Contact information is necessary for sharing with friends, finding people to connect with, and other useful tools on your device, but it's definitely not always needed in its entirety. For this reason Apple is now introducing better developer controls so that apps can request only certain parts of your contact list, such as just email addresses, or even search and get a single contact at a time. This benefits the user as they won't need to hand over all of their data to every app, but rather only give away the information that is needed.
Data Protection
iOS 8 brings a large push towards health data and wearable computing to your devices. While these are great new tools, they also generate a lot of sensitive, personal information about you. To help keep this data safe, Apple is creating a protected, centralized location that requires specific access before apps can read the data. This allows you to control who you share it with.
Beyond the data our devices collect about us, Apple has also taken steps to prevent third parties from tracking you based on your device. One of the most common ways companies built a profile on users was to associate behaviours, such as apps used or websites visited, with the device's Wi-Fi MAC address, a unique hardware identifier that every network device has and that it broadcasts whenever it scans for networks. This address acted as the key that tied all the pieces of data together. Starting in iOS 8, the MAC address your device uses while scanning for Wi-Fi networks (that is, before it joins one) is randomized, so retailers and ad networks that listen for those scans can no longer recognize the same phone from visit to visit. This should help you stay more anonymous in the online ad tracking world.
Apple has made a great start protecting your data from hackers, trackers, and government agencies, but we need to remember that much of the control is in our own hands. It is highly recommended to set a unique password for each service you use, enable 2-factor authentication when you can, and choose security-question answers that cannot be looked up or guessed from your public profiles. One of the biggest vulnerabilities to our privacy is ourselves.
Check out our Twitter account at @AVGFree or follow us on Facebook at facebook.com/AVG to stay up to date with all the latest privacy and security news around Apple and other popular companies. If there is anything in particular you want to see more of, leave us a comment below or at one of our social media accounts.
xcode-select 13.4.0 Buffer Overflow
xcode-select on Darwin kernel version 13.4.0 suffers from a buffer overflow vulnerability.
Facial recognition – boom in sites such as dating services
Facial recognition is booming, with the market expected to grow from $1.92 billion to $6.5 billion in 2018 – and invading markets such as dating, with Match.com integrating a service which finds users dates based on their exes.
The post Facial recognition – boom in sites such as dating services appeared first on We Live Security.
2755801 – Update for Vulnerabilities in Adobe Flash Player in Internet Explorer – Version: 29.0
Revision Note: V29.0 (September 23, 2014): Added the 2999249 update to the Current Update section.
Summary: Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11.
MS14-055 – Important: Vulnerabilities in Microsoft Lync Server Could Allow Denial of Service (2990928) – Version: 3.0
Severity Rating: Important
Revision Note: V3.0 (September 23, 2014): Bulletin rereleased to announce the reoffering of the 2982385 security update file (server.msp) for Microsoft Lync Server 2010. See the Update FAQ for details.
Summary: This security update resolves three privately reported vulnerabilities in Microsoft Lync Server. The most severe of these vulnerabilities could allow information disclosure if a user clicks on a specially crafted URL. In all cases, however, an attacker would have to convince users to click on the specially crafted URL, typically by getting them to click the URL in an email message or in an Instant Messenger request.
What’s behind the rise in cybercrime? Find out from this recorded presentation
Home Depot says it was hacked to the tune of 56 million payment cards. What is behind the current wave of cybercrime? This recorded presentation offers answers and some defensive strategies for organizations at risk.
The post What’s behind the rise in cybercrime? Find out from this recorded presentation appeared first on We Live Security.
DSA-3031 apt – security update
The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle an HTTP request to an apt repository can trigger the buffer overflow, leading to a crash of the http apt method binary, or potentially to arbitrary code execution.
Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland
State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that’s evolved into a sophisticated threat with a modular architecture.
The post Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland appeared first on We Live Security.
Red Hat Security Advisory 2014-1268-01
Red Hat Security Advisory 2014-1268-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to supply a malicious image file to QEMU or to helper tools used in image conversion by services such as glance and nova could potentially use these flaws to cause memory corruption, resulting in a crash or possibly arbitrary code execution.