Apple released iOS 16.5 a few days ago. You should upgrade your iPhone as fast as possible because the new release delivers a few key security patches. But Apple also released iOS 16.6 beta 1 for developers. The new beta includes the iMessage Contact Key Verification security feature that Apple announced late last year.
Apple has been improving the iPhone’s security and privacy at every chance it gets. The iMessage Contact Key Verification feature is hardly surprising. It’s the kind of feature many people will need to ensure that nobody is eavesdropping on sensitive iMessage conversations. At the same time, it’s not for everyone, and you’ll soon know whether you fit the criteria.
In this article, I’ll tell you everything you need to know about iMessage Contact Key Verification.
Apple announced iMessage Contact Key Verification in early December at the same time as Security Keys for Apple ID and Advanced Data Protection for iCloud. The latter is especially interesting, as it lets you encrypt your iCloud backups.
The company devised iMessage Contact Key Verification for iPhone users who are at risk of being the targets of digital attacks. “Users who face extraordinary digital threats — such as journalists, human rights activists, and members of government — can choose to further verify that they are messaging only with the people they intend,” Apple explained.
The feature wasn’t enabled until the first iOS 16.6 beta. While you can now find iMessage Contact Key Verification in the latest beta, it doesn’t appear to be functional just yet.
iMessage Contact Key Verification for iPhone will send automatic alerts if Apple detects a potential intrusion in an iMessage conversation. iMessage and FaceTime have always been end-to-end encrypted. But smartphone platforms are always under attack, so extra security measures can certainly come in handy.
Some nation-state adversaries might find ways to spy on certain individuals. Hence the need for security improvements with each major iOS release. And some might find ways to infiltrate a conversation using a different Apple device they control. They can also pretend to be someone else.
iMessage Contact Key Verification would prevent such breaches as long as both parties in the conversation enable the feature:
Conversations between users who have enabled iMessage Contact Key Verification receive automatic alerts if an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaching cloud servers and inserting their own device to eavesdrop on these encrypted communications.
Apple also said users can compare a Contact Verification Code in person, via FaceTime, or on a secure call.
The image above shows the feature in the works. Check out the warning at the bottom of the conversation informing the user of the potential hack.
You can look for iMessage Contact Key Verification in the Settings app after installing iOS 16.6 beta 1. But MacRumors says that tapping it does not appear to activate the feature. It may require additional settings to work. Or maybe it does work, but you won’t be able to tell unless someone tries to hack you or your contact.
Whatever the case, Apple will likely provide more details soon. iOS 16.6 should be released in the coming weeks, even though most people are waiting for the imminent iOS 17 update at WWDC 2023.
When iMessage Contact Key Verification does arrive, you’ll want to have it enabled in all conversations you think need such protections. That means the other person will also have to update to iOS 16.6 and enable it.