iMessage Contact Key Verification

Apple iMessage Contact Key Verification coming in iOS 17.2

iMessage Contact Key Verification will be available in iOS 17.2, macOS 14.2, and watchOS 10.2

Apple will be releasing iOS 17.2 soon, and it will bring an update to iMessage, which will be a huge boost to iPhone security. The new iMessage feature in iOS 17.2 prevents attackers from listening to or reading your conversations if they’ve managed to breach cloud servers.

If you have Contact Key Verification enabled in iOS 17.2, you will receive a notification if someone is able to eavesdrop on your conversations.

As an extra layer of security, the new iPhone feature also allows you to use a Contact Verification Code on FaceTime or in person—just to make sure the person you are speaking to is who they say they are.

Designed For Security But Accessible To All iPhone Users

Contact Key Verification in iOS 17.2 is designed for people who could be targets for attacks utilizing iPhone malware, which can allow adversaries to see everything you write and hear anything you say.

Over the last year or so, Apple has been busy releasing new iPhone features to protect users from spyware attacks as well as patching numerous security holes that could be used in so-called “zero click” attacks.

However, while it is a security feature akin to the likes of Apple’s Lockdown setting, Contact Key Verification doesn’t reduce your iPhone’s functionality like Lockdown Mode does, so there is no security-functionality trade off. That makes it more accessible to all iPhone users.

Apple iMessage Contact Key Verification

iMessage Contact Key Verification

iMessage Contact Key Verification also advances the ability to manually compare contact verification codes for users who need that level of assurance, by extending the verification to cover future signed-in devices.

Using the Vaudenay SAS protocol, users can compare short codes to verify that they have the same view of each other’s account key as presented by the IDS service. When the user marks the code as verified, the hash of the peer’s account key is saved to an end-to-end encrypted CloudKit container and linked to the peer’s contact card.

If the account key ever changes — for instance, if the iMessage identifier moves to another account entirely — Messages displays an error in the conversation transcript.

Because the user’s account key and the verified hashes for their contacts are synced via end-to-end encrypted mechanisms, this verification remains consistent across all of the user’s devices, including when they sign in on a new device.

And because the contact card is linked, all conversations with the peer’s identifiers — phone number and email address — are marked as verified. Group chats with peers that have been independently verified one-to-one are also automatically marked as verified.

For users with a public persona, a public verification code encoding the account key hash is available in the Contact Key Verification pane in Apple ID settings. Users can insert these public verification codes into a contact card to ensure that they are communicating with the posted account key from the very first message.

iMessage Contact Key Verification will be available in iOS 17.2, macOS 14.2, and watchOS 10.2.