This post will explore some of the miscellaneous settings in iOS 10, including Wallet & Apple Pay, Notes, Phone, and Message Settings.
iOS 10 Wallet & Apple Pay Settings
Settings//Wallet & Apple Pay
Apple Pay allows you to pay at certain retail locations with your iOS device. After putting a credit card in your Wallet, its data can be transferred via Near-Field Communications (NFC) to a payment terminal. This is a very convenient way to pay, and the security of it is, overall, very good. If you choose to use Apple Pay, there is one option that you should change: Allow Access When Locked. Though anyone with access to your device would still need your fingerprint or passcode to make a purchase, he or she could see the cards in your wallet. This can reveal your bank and creditors to anyone with brief physical access to your phone.
RECOMMENDATION: LIMIT THE NUMBER OF CREDIT CARDS YOU ASSOCIATE WITH APPLE PAY AND DISABLE “ALLOW ACCESS WHEN LOCKED”.
iOS 10 Notes Settings
In my earlier version of this book I recommended against using the native Notes application. In iOS 9.3.2, however, iOS introduced password protection and AES encryption of notes stored in the native Notes app. In the Notes settings, you must assign a password or enable Touch ID. When you create a note, you must choose to encrypt it, as they are not secured by default. To encrypt a note press the “share” button (the box with an arrow pointing upward). In the menu that pops up, choose “Lock Note”.
This is an important feature, but it should be used correctly. When you secure a note, the first line of it will still be visible and searchable through Spotlight Search (the content of the note is not searchable). If you are storing sensitive content, you should create an innocuous first line that does not reveal the contents or sensitivity of the rest of the note. If you forget your Notes password you can create a new one. This will allow you to generate new notes, but will not allow you to access old ones.
Figure 1.06: Creating a secure note in the native Notes application. Tap the Share icon to bring up the menu (left), enter your Notes password (center), and the note will be locked. To open it, tap View Note and enter the password.
iOS 10 Phone Settings
Call Blocking & Identification: This setting displays the list of numbers and email addresses that you have blocked. You will no longer receive phone calls, texts, iMessages, or FaceTime communications from these numbers and email addresses. To block a number from this menu, however, it must first be added to your contacts. This menu setting also allows you to remove callers from the blocked list in the event the number in question was blocked in error or you no longer desire it blocked.The faster way to block a number, and do so without adding it to your contacts, is from inside the Phone application. To block a call from the phone application open Recents and find the number you wish to block. Next, click the information icon (the circled “i”) on the right side of the display; this will open up a menu displaying metadata about the call(s) (time placed or received and duration) and options to call, FaceTime, or message the number. Scroll all the way to the bottom of the page. t Tap “Block this Caller”. You will be asked to confirm this decision. The number will not be blocked and you will no longer receive calls or text messages originating from it.
Wi-Fi Calling: Wi-Fi calling allows your phone to connect to your cellular network via Wi-Fi. This is desirable if you live or work in a location with poor cellular reception. However, enabling this setting requires that you enter an emergency address. This address is used in the event you call 911 because your Wi-Fi network cannot be geolocated as quickly or accurately by first responders. This maybe a privacy concern for some who do not wish to give out their home address. It may also be a safety concern for others. If you travel frequently a single address may not be sufficient. Rather than using Wi-Fi calling, I recommend using FaceTime if possible (see section on FaceTime on p. 20).
Calls on Other Devices: This setting allows you to answer calls on other Apple devices, connected to the same Wi-Fi network, and that share a common Apple ID. This may be a security concern if you live or work in a space with multiple Apple devices sharing a common Apple ID, because others may be able to answer your calls, though this risk is relatively minor.
SIM PIN: The SIM (Subscriber Identity Module) is the small card that is provided by your cellular provider. It is necessary for your iPhone or iPad to connect to a cellular network. You can assign a PIN that is required to unlock your SIM card each time the device is powered on. This can prevent someone with access to your phone from making expensive calls or text messages. However, this would require the individual to cycle power on the phone, and bypass the lock screen. I do not believe a SIM PIN provides an appreciable security upgrade.
iOS 10 Messages Settings
iMessage: This option allows you to enable or disable iMessage, Apple’s organic messaging system. iMessage has several tantalizing benefits. First, it uses data and not text messages. This is great news for the privacy-conscious because your cellular service provider will have no record of iMessages transmitted or received. Next and most importantly, iMessages are encrypted end-to-end using very strong 128-bit AES encryption, making the interception of their content highly unlikely.
Send Read Receipts: iMessage offers the ability to send read receipts. This is not a security concern but it may be a privacy concern as it allows other iMessage users to see when you have opened messages from them.
Blocked: Phone numbers can also be blocked from this location in the menu as described above in the Phone settings.
Keep Messages: This allows you to set a message expiry policy. Messages can be saved forever, for one year, or for 30 days. Any messages older than the selected expiry will be delete automatically. I like this and choose to only keep messages for thirty days. This accomplishes several things. First, it frees space on my device by getting rid of old messages, none of which I will never need to access. It also limits the amount of content on my device should someone gain access to it.
Filter Unknown Senders: This feature offers a small degree of privacy. It allows you to turn off notifications for messages from unknown senders (senders who are not in your contact list). You will still receive these messages but will not be audibly alerted to them.
Audio Messages and Video Messages: Both of these can be set to expire after two minutes or thirty days. I set both for two minutes. Like setting expiry for text messages this frees space on my device and prevents potential future exploitation of this information.
Report Junk: The option to report junk iMessages is not a menu option, but it shows up in the Messages application when an iMessage is received from a number or email address that is not in your contacts. Reporting a number will allow Apple to flag it as spam.