As rumors suggested, Apple merged its ‘Find My Friends’ and ‘Find My iPhone’ app into a new app called ‘Find My.’ Today, Apple has detailed to Wired how the app works and how it tracks devices by deploying a genius cryptography even when they are offline. The new ‘Find My’ app uses Bluetooth signals from nearby Apple devices to track your device without any cellular connectivity.
When Craig Federighi described the app and its functioning at WWDC 2019, he said that the app uses an “end-to-end encrypted and anonymous” mechanism that ensures that only you can track your device and not even Apple can identify its location.
It is a noteworthy fact that iOS 13’s FindMy offline mode requires you to have two Apple devices. The second device will hold the key that will decrypt the key to track the location of your lost device.
How does Offline tracking work?
Apple has further explained how the app deploys a complex cryptographic technique that involves a constant Bluetooth signal emitted by both the devices. These signals contain a constantly changing key that are picked up by nearby Apple devices for encrypting and uploading your geolocation on Apple servers.
However, the location data can only be decrypted by your second device as only it has the keys to decrypt it.
Since the public key is frequently “rotating,” it is virtually impossible for anyone to intercept the Bluetooth signals and track your location.
For example, if someone steals your iPhone and puts it on Airplane mode. The iOS device will continuously emit a rotating public key via Bluetooth. Any nearby iOS or macOS device will pick up this signal and will encrypt its location data using the public key emitted in the Bluetooth signals. The public key doesn’t contain any personal identifier that could be used to track the owner of the device.
The nearby iPhone or macOS device will upload the encrypted location and a hash of the lost iPhone’s public key. Since only your second device has the private key to decrypt the location, nobody else can track it — not even Apple.
However, the second device’s has of the public key won’t be the same as your iPhone’s public key as it is continuously rotating. Apple hasn’t explained how it will work but it is possible that all the previous public keys could be published and then Apple could apply an algorithm to pull the previous location of the lost device.
It is a complex mechanism but if Apple manages to pull it off successfully, it could be a great method to track the location of offline devices while ensuring that users’ privacy is not compromised.
What do you think about the new ‘Find My’ app? Tell us in the comments below. You can read more about the working of the app on Wired.