This may seem to be a strange question but how can you be sure who is actually texting you? Your phone may show you that you are texting with your friend or company IT support but there are ways for hackers to spoof who they appear to be or even easier an inquisitive significant other is using the phone!
Now Apple is introducing a personal verification service for iMessage users that will enable people to easily verify who they are talking to:
Blog – Advancing iMessage security: iMessage Contact Key Verification – Apple Security Research
That article is very technical – Bruce Schneier has the key points here:
Apple to Add Manual Authentication to iMessage – Schneier on Security
Contact Key Verification will involve the swapping of verification codes via channels outside of iMessage and independent of Apple servers – in simple terms “with for example a phone call” so people will absolutely know who they are texting with.
Now iMessage is already very secure for most of us as it uses end-to-end-encryption (E2EE) – Contact Key Verification is a level of security being offered to all of us but probably of more use to journalists, politicians, activists, 007 etc.. Of course the UK Government does not like E2EE and have recently passed the Online Safety Act which will oblige vendors to compromise this type of security. They probably will not like this either.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
Online Safety Bill articles (Smart Thinking Solutions)
Online Safety Act publications – Parliamentary Bills – UK Parliament
