Apple added a new security feature called Stolen Device Protection for your iPhone in the most recent iOS 17.3 update. This helps prevent a thief from accessing personal data or making critical security settings changes on a lost or stolen iPhone.
When this feature is enabled, some features and actions require additional security steps beyond entering the numeric passcode when your iPhone is away from familiar locations such as home or work. Here’s how it works.
How it works
Stolen Device Protection works by first tracking and storing the locations you frequent, such as your home, office or local airport. When you’re at one of these locations, everything works normally, meaning you just need to enter your passcode (or Face/Touch ID) to access personal data or modify security settings.
Now let’s say you go to a new restaurant in town or head out on vacation. As soon as you leave one of the locations that Apple deems as familiar to you, the extra protections are automatically enabled.
Stage 1 – Biometric Authentication
When away from a familiar location, you must use either Face ID or Touch ID to make the following changes on your device:
- Use passwords or passkeys saved in Keychain
- Use payment methods saved in Safari (autofill)
- Turn off Lost Mode
- Erase all content and settings
- Apply for a new Apple Card
- View Apple Card virtual card number
- Take certain Apple Cash and Savings actions in Wallet (for example, Apple Cash or Savings transfers)
- Use your iPhone to set up a new device (for example, Quick Start)
The thought here is that if a person with malicious intent gets a hold of your phone knows your passcode, they won’t be able to access or change personal data.
The next level of security when away from a familiar location comes in the form of a security delay when attempting to change critical security settings. Let’s say you want to Sign out of your Apple ID while on vacation; when you first go to this setting, you’ll need to confirm your identity with Face/Touch ID. This then starts a one-hour countdown timer, and you’ll be prompted to do another Face/Touch ID scan after the end of the hour to make the change.
The security delay applies when attempting to update any of the following:
- Change your Apple ID password
- Sign out of your Apple ID
- Update Apple ID account security settings (such as adding or removing a trusted device, Recovery Key, or Recovery Contact)
- Add or remove Face ID or Touch ID
- Change your iPhone passcode
- Reset All Settings
- Turn off Find My
- Turn off Stolen Device Protection
How to enable Stolen Device Protection
This new security feature works only on iPhone, requires iOS 17.3, and is disabled by default. To turn it on, go to Settings > Face ID & Passcode > Stolen Device Protection. To enable this feature, you must use two-factor authentication for your Apple ID and set up or enable the following on your iPhone: a device passcode; Face ID or Touch ID; Find My; and Significant Locations (Location Services).