Apple Platform Security
Legacy Contact security
If a user wants their iCloud data to be accessible to designated beneficiaries after their death, they can set up Legacy Contacts on their account. A Legacy Contact beneficiary gains access to all of the decedent’s iCloud data, including almost all end-to-end encrypted data but excluding iCloud Keychain data like account passwords. The technology underlying Legacy Contact is similar to how Recovery Contact works—a strong random key that is split between Apple and the legacy contact, so that neither can decrypt any data by themselves. A beneficiary receives the same classes of data whether or not the user turned on Advanced Data Protection.
The keying information a beneficiary receives is referred to as an access key in user-facing documentation, and is saved automatically on supported devices, but can also be printed and stored offline for use. For more information, see the Apple Support article How to add a Legacy Contact for your Apple ID.
After the user’s death, Legacy Contacts sign in to the Apple claim website to initiate access. This requires a death certificate and is authorized in part with the authorization secret mentioned in the previous section. After all the security checks are completed, Apple issues a user name and password for the new account and releases the necessary keying information to the Legacy Contact.
To more easily input the access key when needed, it’s presented as an alphanumeric code with an associated QR code. After it’s entered, access to the decedent’s iCloud data is restored. This can be performed on a device, or access can be established online. For more information, see the Apple Support article Request access to an Apple account as a Legacy Contact.