Using Find My to locate missing Apple devices
Any Apple devices within Bluetooth range that have offline finding enabled can detect a signal from another Apple device configured to allow Find My and read the current broadcast key Pi. Using an ECIES construction and the public key Pi from the broadcast, the finder devices encrypt their current location information and relay it to Apple. The encrypted location is associated with a server index which is computed as the SHA256 hash of the P-224 public key Pi obtained from the Bluetooth payload. Apple never has the decryption key, so Apple can’t read the location encrypted by the finder. The owner of the missing device can reconstruct the index and decrypt the encrypted location.
When trying to locate the missing device, an expected range of counter values is estimated for the location search period. With the knowledge of the original private P-224 key d and secret values SKi in the range of counter values of the search period the owner can then reconstruct the set of values {di, SHA256(Pi)} for the entire search period. The owner device used to locate the missing device can then perform queries to the server using the set of index values SHA256(Pi) and download the encrypted locations from the server. The Find My app then locally decrypts the encrypted locations with the matching private keys di and shows an approximate location of the missing device in the app. Location reports from multiple finder devices are combined by the owner’s app to generate a more precise location.
Locating devices that are offline
If a user has Find My iPhone enabled on their device, offline finding is enabled by default when they upgrade a device to iOS 13 or later, iPadOS 13.1 or later, and macOS 10.15 or later. This is designed to ensure that every user has the best possible chance to locate their device if it goes missing. However, if at any time the user prefers not to participate, they can disable offline finding in Find My settings on their device. When offline finding is disabled, the device no longer acts as a finder nor is it detectable by other finder devices. However, the user can still locate the device as long as it can connect to a Wi-Fi or cellular network.
When a missing offline device is located, the user receives a notification and email message to let them know the device has been found. To view the location of the missing device, the user opens the Find My app and selects the Devices tab. Rather than showing the device on a blank map as it would have prior to the device being located, Find My shows a map location with an approximate address and information on how long ago the device was detected. If more location reports come in, the current location and time stamp both update automatically. Although users can’t play a sound on an offline device or erase it remotely, they can use the location information to retrace their steps or take other actions to help them recover it.