The giant Apple projects as the best privacy concerned tech company, and can be vouched by looking at the great privacy feature it has that make it unbreakable. But don’t be fooled, the iOS maker will still know a lot about you and the services you have been using. To be specific, Apple knows your billing details, the digital goods you have bought that includes movies, music, and apps.
Axio took privacy a step further and analyzed a series of tests to understand what companies know about you. By far, Axio covered few companies that include Amazon, Facebook, Google, Tesla, etc. and Apple is one of them.
Apple uses a couple of approaches for data protection, where it aims to less amount of information whenever it can. It then processes the critical data on the device, making sure it does not further transfer on the Apple servers. Secondly, the service encrypts user data as a protocol that they follow.
The report of Axio is not a new finding as multiple other research sites have come across what it reported, but it does compile the entire scenario of what Apple knows about us and what it does.
Data Processing Protocol on Device
Fingerprint and Face Recognition Data: These two features are standard in Apple products since a very long time, and the company uses a secure enclave to hold all user data coming from fingerprints and face recognition. The data allows access to everything else on the device, that means Apple not only knows about these two sensors data but gets stored on the iOS chip as well which cannot be accessed by iOS itself.
The operating system OS (iOS) can only ask for a Yes and No permission from the secure enclave. Thankfully the face recognition data in the photos app on all iOS devices stays on the device, and no data is transferred on Apple servers. Also, ‘Apple Pay’ only stores transaction history that of purchases made other than that no history is being recorded.
All saved locations on ‘maps’ whether its a cafe, home, work or searched item is stored on the device and the location data details are sent on the Apple server which then ties the data to a unique identifier that remains anonymous. No Apple ID is used for it.
All the messages iMessages and FaceTime uses end-to-end encryption that rejects anyone from intercepting the communication that includes Apple as well. In case of a court order, Apple still does not have the jurisdiction to intercept the messages as they are highly coded.
Safari bookmarks: All of the processes, apps, and tool used by Apple in their devices are end to end encrypted that includes bookmarks as well. However, Apple has the key to the bookmarks, and the developers can access them. Then again, end-to-end encryption is used for browser data which are from iOS 13 and macOS Catalina where Apple will not be able to access it.
Apple users need to make sure they adopt online security tools for iPhone that are necessary to control Apple access where privacy is breached. That will allow users to enhance their protection and reject Apple access. Among the greatest threats to Apple devices is the iCloud Backups. iCloud backup is a storage for all the copy of data that is present on the device. The data is heavily encrypted, and still, Apple can access it.
This means the giant company can reveal and disclose the data if served a notice from the court. Further, due to holding the key to the door, Apple is leaving room for vulnerabilities as the data is exposed to employees as well. Emails on Apple devices are again encrypted where the process uses a TLS encryption setup on both sending and receiving emails. However, Apple still has the key to access it.
The same is with Siri, where iOS encrypts all the data while communication takes place but later is decrypted along the comm line for Apple.
What Apple Holds on you
It’s clear and self-explanatory that Apple will hold some information on you. They know purchase history of the physical products things availed online that includes apps, music, books, music. We can assume with time the company will have less control over user data but for now it has some control over user activities.