Apple Platform Security
- Welcome
- Intro to Apple platform security
-
- System security overview
- Signed system volume security
- Secure software updates
- Rapid Security Responses
- Operating system integrity
- BlastDoor for Messages and IDS
- Lockdown Mode security
- System security for watchOS
- Random number generation
- Apple Security Research Device
-
- Services security overview
-
- Apple Pay security overview
- Apple Pay component security
- How Apple Pay keeps users’ purchases protected
- Payment authorization with Apple Pay
- Paying with cards using Apple Pay
- Contactless passes in Apple Pay
- Rendering cards unusable with Apple Pay
- Apple Card security
- Apple Cash security
- Tap to Pay on iPhone
- Secure Apple Messages for Business
- FaceTime security
- Glossary
- Document revision history
- Copyright
iPhone Mirroring security
iPhone Mirroring allows a user to use iPhone from their nearby Mac. While being remotely used on the Mac, iPhone remains locked.
Notification forwarding
iPhone Mirroring lets users forward notifications from their iPhone to a Mac using the same iCloud account. Users signed in to devices with the same iCloud account exchange cryptographic identities using a local peer-to-peer protocol, encrypted using keys stored in iCloud using end-to-end encryption. When the user enables iPhone Mirroring and enters their passcode on the iPhone, the current cryptographic identity for the Mac is recorded. The private key for this identity is protected in the Secure Enclave. This identity is pinned so that if it changes, notifications aren’t forwarded to the Mac. Notifications are encrypted in transit using end-to-end encryption.
Remote unlock
Remote unlock for iPhone Mirroring uses the same remote unlock protocol as Auto Unlock and Apple Watch but is triggered by the user launching the iPhone Mirroring app on their paired Mac. Secure ranging isn’t required for iPhone Mirroring.
When users set up iPhone Mirroring for the first time, they’re prompted to choose to either “Automatically authenticate,” or to “Ask every time.” The Secure Enclave on the Mac enforces this user choice and prompts the user to authenticate using their Mac password (or Touch ID if supported). After the authentication policy is completed, the Mac connects to the iPhone using a local wireless peer-to-peer connection and unlocks the iPhone keybag to enable remote access for the duration of the remote session. The Lock Screen remains locked on the iPhone during this time.
When iPhone Mirroring is in use, users see a persistent notification on the Lock Screen. A banner is shown the first time the device is unlocked after a session has ended.