Apple’s tracking-optional iOS 14.5 update provides privacy-preserving features, giving users the ability to opt-out of being followed around the Internet via “trackers” in their apps. This privacy-driven iOS 14.5 update contains a feature that redirects all fraudulent website checks through its own proxy servers. Apple’s released this as a part of their strategy to protect user privacy and prevent leaking IP addresses to Google and Facebook. Facebook makes 98% of its revenue from advertising.  An unknown portion of that advertising revenue will be impacted by these changes in Apple’s privacy initiative.

Facebook’s Concern

Facebook is contemplating suing Apple, and Apple is standing their ground. Facebook has the ability to deliver these personalized advertisements through tracking user data; that’s why after searching for a new Tesla on Google, users see Tesla and electric car ads everywhere they go. Facebook’s reasoning was described in a recent blog post: 

“Every business starts with an idea, and being able to share that idea through personalized ads is a game-changer for small businesses. Limiting the use of personalized ads would take away a vital growth engine for businesses.”

Facebook is exhausting all resources to try and preserve the revenue that they could be losing, finding a way to still have Apple user’s data harvested. Facebook discovered that the new Apple update will be presenting a pop-up, referred to as a “privacy nutrition label”. The pop-up is a displayed message telling users what tracking data is gathered by the mobile app they’re using and asking for permission to allow it. Facebook determined they will do the same to ensure users are making a “more informed decision” by providing another pop-up asking the user to reconsider the denied data access. 

How Does This Work?

The main new feature is built-in to the Safari browser, the ‘Fraudulent Website Warning‘ alerts users of dangerous websites that have been reported as deceptive, malicious, or harmful. To accomplish this, Apple relies on Google’s ‘Safe Browsing’, a block-list tool that provides a list of URLs for websites that contain malware or phishing content. Apple uses data from Google’s block-list, comparing it to the URLs their users are attempting to visit and either letting them through or blocking the site, depending on the level of risk. 

Apple found that when they use this too that it does leak the IP address of the device from which the check was made, going against their intention of ‘leaking IP addresses to Google’. However, with iOS 14.5, all these verifications will be re-routed through an Apple-owned proxy server. This makes all requests appear to originate from the same IP address (Apple’s server IP), protecting user privacy by not showing their personal IP address.

How Can I Set Up My Privacy Tools?

Be on the lookout for the upcoming update, but iOS 14.5 won’t be officially released until Spring of 2021. Some features are available now on your devices to improve your privacy. If you’re using Safari on your devices, you can edit these preferences to remove and block data that websites can use to track you. To view these preferences and find the tools shown below, go to Settings > Safari on your device.

Prevent Cross-Site Tracking

Some websites use third-party content providers. A third-party content provider can track you across websites to advertise products and services. With this option turned on, tracking data is periodically deleted unless you visit the third-party content provider.

Fraudulent Website Warning

Fraudulent or malicious website warnings happen today inside Safari, but not as rigorously as the feature being rolled out in the upcoming update. When enabled, it will display a warning if the website you are visiting is a suspected phishing website. CyberHoot strongly recommends having this feature turned on, as it can help prevent an accidental visit to a malicious site. 

Private Browsing

When Private Browsing is enabled, Safari doesn’t remember the pages you visit, AutoFill information, and your open tabs aren’t stored in iCloud. Websites can’t modify information stored on your device, so services normally available at such sites may work differently until you turn off Private Browsing. To confirm that Private Browsing is enabled, the address bar appears dark instead of light.

Check for Apple Pay

When you are in an app or on a website that uses Apple Pay on an iPhone, iPad, or Apple Watch, the website can check if you have Apple Pay enabled on your device and use it for secure payments. You may disable websites you visit from checking if Apple Pay is enabled by going to the “Check for Apple Pay” setting on your iOS or iPadOS device in Settings > Safari > Privacy and Security.

CyberHoot recognizes Apple Pay as one of the most secure payment methods available online today and recommends using it whenever possible for payments.

Concluding Thoughts from CyberHoot

By using these features, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information as described above.

To learn more about the upcoming iOS 14.5 update and its new features, watch this short video: