Skip to main content

Apple is adding end-to-end encryption to iCloud backups

Apple is adding end-to-end encryption to iCloud backups

/

Apple is expanding its iCloud security features and introducing support for security keys for two-factor authentication.

Share this story

Image of the Apple logo surrounded by gray, pink, and green outlines
Apple announced some big new security features on Wednesday.
Illustration by Nick Barclay / The Verge

Apple will finally be adding end-to-end encryption to iCloud backups, the company said as part of a major set of security announcements on Wednesday. Under what it calls Advanced Data Protection, Apple will expand the number of “data categories” protected by end-to-end encryption from 14 to 23, with backups, Notes, and Photos now covered.

Based on a screenshot from Apple, these categories are covered when you flip on Advanced Data Protection: device backups, messages backups, iCloud Drive, Notes, Photos, Reminders, Safari bookmarks, Siri Shortcuts, Voice Memos, and Wallet Passes. Apple says the only “major” categories not covered by Advanced Data Protection are iCloud Mail, Contacts, and Calendar because “of the need to interoperate with the global email, contacts, and calendar systems,” according to its press release.

You can see the full list of data categories and what is protected under standard data protection, which is the default for your account, and Advanced Data Protection on Apple’s website.

A screenshot from Apple of an iPhone showing details about Advanced Data Protection.
A screenshot detailing what’s included as part of Advanced Data Protection.
Image: Apple

With standard data protection, Apple holds the encryption keys for things that aren’t end-to-end encrypted, which means the company can help you recover that data if needed. Data that’s end-to-end encrypted can only be encrypted on “your trusted devices where you’re signed in with your Apple ID,” according to Apple, meaning that the company — or law enforcement or hackers — cannot access your data from Apple’s databases.

Privacy advocates like the Electronic Frontier Foundation have long called for Apple to expand end-to-end encryption to iCloud backups, and Apple had reportedly scrapped plans to do so after the FBI complained. Craig Federighi, Apple’s SVP of software engineering, said he had heard that “rumor” but didn’t “know where that came from” in an interview with The Wall Street Journal’s Joanna Stern.

Users on Apple’s beta program in the US will be able to enable Advanced Data Protection beginning Wednesday, Apple says. It will be available broadly to US users by the end of the year and will begin rolling out globally — including in China, according to The Wall Street Journal — in early 2023. Alongside the news of end-to-end iCloud backups, Apple confirmed that it has dropped its controversial plans for scanning child sexual abuse imagery.

Apple is also improving its two-factor authentication support by letting users secure their accounts with hardware keys starting early next year. Hardware keys, like YubiKeys, have become increasingly popular tools to provide an extra layer of security for your online accounts, and soon, you’ll be able to use a key with your iCloud account as well.

A screenshot showing what it will look like when you use a hardware security key with your iPhone.
Here’s what it will look like when you use a hardware security key with your iPhone.
Image: Apple

In addition, Apple is improving iMessage security with iMessage Contact Key Verification, which the company says can alert you if state-sponsored bad actors are snooping on your chats.