iCloud security overview

iCloud uses best-in-class security technologies, employs strict policies to protect your information, and leads the industry by adopting secure, privacy-preserving technologies like end-to-end encryption for your data.

Data security

iCloud secures your information by encrypting it when it's in transit and storing it in iCloud in an encrypted format. Many Apple services use end-to-end encryption, which means that only you can access your information, and only on trusted devices where you’re signed in with your Apple ID.

In some cases, your iCloud data may be stored using third-party partners’ servers—such as Amazon Web Services or Google Cloud Platform—but these partners don’t have the keys to decrypt your data stored on their servers.

End-to-end encryption

End-to-end encryption provides the highest level of data security. On each of your devices, the data that you store in iCloud and that's associated with your Apple ID is protected with a key derived from information unique to that device, combined with your device passcode which only you know. No one else, not even Apple, can access end-to-end encrypted information.

End-to-end encryption requires that you use two-factor authentication for your Apple ID and set a passcode on your device. Some features also require recent software, generally iOS 13 or later. With two-factor authentication, your account can be accessed only on devices you trust, like your iPhone, iPad, or Mac. Keeping your software up to date, using two-factor authentication for your Apple ID, and protecting your device with a passcode—or password on Mac—Face ID, or Touch ID are the most important things that you can do to maintain the security of your devices and data.


Data types and encryption

Here's more detail on how iCloud protects your data.

Data Encryption  Notes
Backup In transit & on server A minimum of 128-bit AES encryption
Calendars In transit & on server
Contacts In transit & on server
iCloud Drive In transit & on server
Notes In transit & on server
Photos In transit & on server
Reminders In transit & on server
Siri Shortcuts In transit & on server
Voice Memos In transit & on server
Wallet passes In transit & on server
iCloud.com In transit All sessions at iCloud.com are encrypted with TLS 1.2. Any data accessed via iCloud.com is encrypted on server as indicated in this table.
Mail In transit All traffic between your devices and iCloud Mail is encrypted with TLS 1.2. Consistent with standard industry practice, iCloud does not encrypt data stored on IMAP mail servers. All Apple email clients support optional S/MIME encryption.
Apple Card transactions End-to-end  
Health data End-to-end
Additional info below
Home data End-to-end  
Keychain End-to-end Includes all of your saved accounts and passwords
Maps Favorites, Collections and search history End-to-end  
Memoji End-to-end  
Messages in iCloud End-to-end Additional info below
Payment information End-to-end  
QuickType Keyboard learned vocabulary End-to-end  
Safari History, Bookmarks, and iCloud Tabs End-to-end  
Screen Time End-to-end  
Siri information End-to-end Includes Siri settings and personalization, and if you have set up Hey Siri, a small sample of your requests
Wi-Fi passwords End-to-end  
W1 and H1 Bluetooth keys
End-to-end  

Additional information


iCloud Data Recovery Service

If you forget your password or device passcode, iCloud Data Recovery Service can help you decrypt your data so you can regain access to your photos, notes, documents, device backups, and more. Data types that are protected by end-to-end encryption—such as your Keychain, Messages, Screen Time, and Health data—are not accessible via iCloud Data Recovery Service. Your device passcodes, which only you know, are required to decrypt and access them. Only you can access this information, and only on devices where you're signed in to iCloud.

Messages in iCloud

For Messages in iCloud, if you have iCloud Backup turned on, your backup includes a copy of the key protecting your messages. This ensures you can recover your messages if you lose access to your Keychain and your trusted devices. When you turn off iCloud Backup, a new key is generated on your device to protect future messages and isn't stored by Apple.

Health data

If you back up your device on your Mac or iTunes, Health data is stored only if the backup is encrypted. Learn more about managing your Health data.


Privacy

Apple believes that privacy is a human right. Our Privacy Policy covers how we collect, use, disclose, transfer, and store your information. And in addition to adhering to the Apple Privacy Policy, Apple designs all iCloud features with your privacy in mind.

Learn more

Learn more about advanced security features in Apple products.

 

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: