Is the new iPhone designed for cybersafety?

Cybersecurity awareness trainers regularly tell users to always review header data to assess an email’s legitimacy. But this information is completely unavailable on Apple iOS Mail – meaning even if you suspect a spear-phishing email, there is really no way to detect it – which is another reason that more people fall victim to spear-phishing attacks on their phones than on their computers.

Safari gets dangerous
The iOS web browser is another casualty of iOS’s minimalism, because Apple designers removed important security indicators. For instance, all encrypted websites – where the URL displays that little lock icon next to the website’s name – possess an encryption certificate. This certificate helps verify the true identity of a webpage and can be viewed on all desktop computer browsers by simply clicking on the lock icon. It can also be viewed on the Google Chrome browser for iOS by simply tapping on the lock icon.

But there is no way to view the certificate using the iPhone’s Safari – meaning if a webpage appears suspicious, there is no way to verify its authenticity.

Everyone knows where you stand
A major iPhone innovation – building in high-quality front and back cameras and photo-sharing capabilities – completely changed how people capture and display their memories and helped drive the rise of social media. But the iPhone’s camera captures more than just selfies.

The iPhone defaults to doing something many smartphones now can do: including in each image file metadata with the date, time and location details – latitude and longitude – where the photo was taken. Most users remain unaware that most online services include this information in posted pictures – making it possible for anyone to know exactly where the photograph someone just shared was taken. A criminal could use that information to find out when a person is not at home and burglarize the place then, as the infamous Hollywood “Bling Ring” did with social media posts.

In the 10 years since the first iPhone arrived, cyberattacks have evolved and the cybersecurity stakes are higher for individuals. The main concern used to be viruses targeting corporate networks; now the biggest problem is attackers targeting users directly using spear-phishing emails and spoofed websites.

Today, unsafe decisions are far easier to make on your phone than on your computer. And more people now use their phones for doing more things than ever before. Making phones slimmer, shinier and sexier is great. But making sure every user can make cybersafe decisions is yet to be “Designed by Apple.” Here’s hoping the next iPhone does that.

Editor’s note: This article was updated at 7:10 p.m. on 12 September 2017, to clarify that the iPhone is not the only smartphone that saves location information in photos. Arun Vishwanath is Associate Professor of Communication, University at Buffalo, The State University of New York. This article is published courtesy of The Conversation (under Creative Commons-Attribution / No derivative).