A report recently revealed a new trend where iPhone thieves watch you type in your PIN code so they can steal your device and lock you out of your Apple ID. That second part is the scariest piece of this type of attack. We’ve shown you how to change two key iPhone settings to prevent thieves from messing with your Apple ID if they get your device. But what if I told you that you can unlock your iPhone with a Siri voice command, and that iOS 17 will be able to secure that process?
iOS 17 will deliver a key feature that has nothing to do with iPhone security or unlocks. Apple already confirmed it a few days ago. It’s called Personal Voice, and it has a different purpose. But the technology behind it could let Apple deliver a secure voice unlock feature for times when Face ID fails to register your face.
Before I explain how Apple might enable iPhone unlock via Siri voice commands in iOS 17, I’ll remind you what the worst-case scenario is for iPhone thefts. The stars must align just right for someone to see your PIN, steal your iPhone, and lock you out of your Apple ID.
You might be in a crowded place, your Face ID doesn’t register, and you type in your PIN. Someone behind you memorizes that 4-digit or 6-digit code, and then they steal your handset when you’re not paying attention.
They can now unlock the phone. But they still need to deal with your Apple ID if they want to remove Find My protections. In the process, they can lock you out of your Apple ID completely.
As I told you before, always make sure you use Face ID. Even if it doesn’t work on the first try. You should also have a strong password in place rather than a PIN code. Finally, you can protect your Apple ID by locking access to it.
How to unlock an iPhone with a Siri voice command
Nearly three years ago, we showed you an incredible use of an iPhone accessibility feature that lets you unlock the phone via Siri voice commands.
The iPhone hack lets you customize voice controls from the Settings app and run custom gestures on the screen. This combo is what would let you say something like “Open Sesame” to the iPhone in order to unlock it with only your voice.
The hack takes advantage of the Run Custom Gesture feature that lets you touch the screen without actually touching it. It’s an accessibility feature you’ll hopefully never need to use for that purpose. But if you set your PIN code as the custom gesture and then assign a custom Siri voice command to it, you can use the hack to unlock the iPhone. We’ve shown you how to do it at this link.
With this feature enabled, you can unlock the phone when Face ID doesn’t work on the first few tries. However, the feature has two potential security issues. First, the screen turns on, and it still shows touches on the number pad. That means an attacker might see your password.
Secondly, a knowledgeable attacker would hear the Siri voice command you used to unlock the iPhone. They could then try to steal the iPhone and then use the voice command to unlock it. I know it all sounds impossible, but it can happen. This hack isn’t perfectly secure.
You might have already experienced this Siri issue when watching TV and someone says, “Hey, Siri.” Your iPhone or iPad might come to life. That same would happen with an attacker saying your custom voice command.
iOS 17 introduces Personal Voice for iPhone
Apple’s upcoming WWDC 2023 event will be so crowded that it had to remove some announcements. Apple already gave us Final Cut Pro and Logic Pro for iPad ahead of the show. The company then unveiled iOS 17 accessibility features a few days ago.
Among them is one called Personal Voice, a feature you’ll hopefully never have to use. Here’s how Apple describes it:
Users can create a Personal Voice by reading along with a randomized set of text prompts to record 15 minutes of audio on iPhone or iPad. This speech accessibility feature uses on-device machine learning to keep users’ information private and secure and integrates seamlessly with Live Speech so users can speak with their Personal Voice when connecting with loved ones.
You’ve probably realized where I’m going with this.
With iOS 17, Apple will bring voice recognition to the iPhone in order for this Personal Voice feature to work. Hopefully, this will be a system-wide Siri upgrade, which will let you train Siri to only answer your voice. After all, Apple already supports this sort of feature for the HomePod and HomePod mini.
If it happens, you’ll be able to take the iPhone unlock Siri shortcut above to a whole new level in terms of security. That’s because Siri will respond only to your voice. Others might know your voice command for unlocking the iPhone, but unless they can replicate your voice, they won’t be able to do it.
Mind you; I am only speculating here based on these developments. Also, I don’t expect Apple to make Siri voice unlocks an alternative to Face ID and PIN/password. But if such a Siri upgrade is coming, the unlock hack above would be more secure.
That said, I do see two issues with this more secure iPhone unlock via Siri voice commands. First, the touch gesture will still show on the screen. Second, with generative AI products in the wild, sophisticated attackers will be able to clone your voice, maybe on the fly.
That’s why Face ID remains the only way you should log into the iPhone. Just get used to avoiding entering the PIN, especially in public places, and your handset will remain secure.