iOS 17.3 introduces a major new security feature called Stolen Device Protection to help protect iPhone users in case their device is lost or stolen.
This feature adds additional authentication requirements before allowing access to sensitive information or making account changes when the iPhone is away from familiar locations.
How Stolen Device Protection Works
Stolen Device Protection is optional and needs to be manually turned on in the Settings app. To enable it, go to Settings => Face ID & Passcode, enter your passcode, and toggle on Stolen Device Protection.
Once enabled, certain actions will require biometric authentication with Face ID or Touch ID when your iPhone is not in a familiar location like your home or workplace. These actions include:
- Accessing passwords stored in iCloud Keychain
- Using payment methods saved in Safari
- Applying for a new Apple Card
- Turning off Lost Mode
- Sending money using Apple Cash
- Using your iPhone to set up a new device
- Changing sensitive account settings like Apple ID password
If you try to perform any of the above actions when away from familiar locations, Stolen Device Protection will also initiate a Security Delay. This means it requires biometric authentication once initially and then again after a 1-hour waiting period before allowing the action.
Benefits of Stolen Device Protection
Stolen Device Protection offers several security benefits:
- Prevents account takeover: The biometric and Security Delay requirements make it much harder for thieves to access your sensitive data or take over your accounts.
- Buys time to track: Even if thieves bypass the initial authentication, the 1-hour delay allows you time to notice the iPhone missing, mark it lost, and track its location.
- Deter theft: As this feature gets adopted, iPhones will become less rewarding targets for thieves.
Requirements for Enabling Stolen Device Protection on iPhone
To use Stolen Device Protection on your iPhone, you need:
- iOS 17.3: The latest iOS update is required.
- Passcode/Biometrics enabled: A 6-digit passcode and Face ID/Touch ID must be set up.
- Two-factor authentication: Two-factor authentication must be enabled on your Apple ID.
- Find My enabled: The Find My app must be enabled to track your device location.
- Significant Locations on: Significant Locations must be enabled for familiar location awareness.
Limitations
While Stolen Device Protection improves iPhone security, some limitations exist:
- Access with biometrics/passcode still allowed: Thieves with your biometrics or passcode can still access most data and features.
- Familiar location bypass: No added security when in familiar locations like home or office.
- Accessible after delay: The 1-hour delay can still allow account takeover.
- No remote wipe activation: It does not automatically wipe data if stolen.
As such, users should continue using strong passcodes, Find My, iCloud Keychain, and other security best practices.
How to Turn Off Stolen Device Protection
If you need to disable Stolen Device Protection, go to Settings => Face ID & Passcode => Stolen Device Protection and tap Turn Off Protection.
However, you can only turn off protection when your iPhone is in a familiar location registered with Significant Locations. Everywhere else will initiate a Security Delay before allowing you to toggle it off.
Conclusion
Stolen Device Protection offers iPhone users an important additional layer of security to protect sensitive data and accounts in case their device is lost or stolen. By requiring biometric authentication and adding time delays, it makes stolen iPhones far less rewarding targets for thieves. While limitations exist, enabling this feature is highly recommended for all iPhone users on iOS 17.3 concerned about device theft and account hijacking.