{"id":487946,"date":"2026-02-20T16:02:13","date_gmt":"2026-02-20T16:02:13","guid":{"rendered":"https:\/\/www.newsbeep.com\/ca\/487946\/"},"modified":"2026-02-20T16:02:13","modified_gmt":"2026-02-20T16:02:13","slug":"security-bite-the-two-biggest-security-upgrades-in-ios-26-4-explained","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/ca\/487946\/","title":{"rendered":"Security Bite: The two biggest security upgrades in iOS 26.4 explained"},"content":{"rendered":"

\t\"\"<\/p>\n

9to5Mac Security Bite is exclusively brought to you by\u00a0Mosyle, the only Apple Unified Platform.<\/a>\u00a0Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost.\u00a0Request your EXTENDED TRIAL<\/a>\u00a0today and understand why Mosyle is everything you need to work with Apple.<\/p>\n

Earlier this week, Apple surprised users with the first iOS 26.4 beta<\/a> for the iPhone. Many were disappointed (including me) when the update didn\u2019t include the much-anticipated improvements to the estranged Siri assistant. However, this was nowhere near a featureless update. iOS 26.4 beta 1 introduced at least forty new features and changes<\/a>, including notable upgrades to RCS and Stolen Device Protection.<\/p>\n

\"\"\/<\/a><\/p>\n

E2EE for RCS messaging (beta)<\/p>\n

\"\"Encrypted RCS message thread label in iOS 26.4 beta 1<\/p>\n

Back in March 2025, which is the equivalent of a decade in tech years, Apple announced<\/a> that it was leading a cross-industry effort to bring end-to-end encryption (E2EE) to the RCS Universal Profile. Previously, I predicted this would be unveiled at WWDC25. That didn\u2019t happen. In fact, it was nearly a year of radio silence from Apple until this week, when the company dropped the first iOS 26.4 beta, finally offering the first signs of life for a feature I was beginning to think was DOA.<\/p>\n

Apple added RCS support<\/a> to iPhone in iOS 18 beta 2, to better the messaging experience with Android users. It was a welcoming move for people with parents who refused to get an iPhone (Hi, Dad).<\/p>\n

Unlike the now-old industry standard SMS, RCS offers familiar features such as read receipts, the classic typing indicator animation, audio messages, and improved image size and quality, but it also adds the ability for enhanced privacy and security.<\/p>\n

The keyword here is \u201cability.\u201d<\/p>\n

There\u2019s a common misconception that RCS comes with E2EE baked in, but that\u2019s not the case. Google\u2019s Messages app is basically to blame. It was one of the most widely used RCS clients, which offers E2EE between Android devices as an extra layer of security for those using the service. This is similar to how iMessage provides E2EE exclusively between Apple devices.<\/p>\n

When an iPhone communicates with a non-Apple device via RCS, messages are only encrypted in transit using transport-layer encryption (like TLS). While this protects against basic interception during transmission, it doesn\u2019t guarantee that messages cannot still be accessible server-side, unlike E2EE, where only the sender and recipient can read the content.<\/p>\n

In iOS 26.4 beta 1, the option to test the feature is now available. Apple does state that not all carriers and devices support encrypted RCS messages, though. You\u2019ll know if it was established by the message thread being labeled \u201cEncrypted.\u201d I haven\u2019t had much luck getting existing threads to switch to E2EE. As of now, this feature appears to only apply to newly created ones.<\/p>\n

\"\"RCS message thread not encrypted end-to-end on iOS 26.4 beta 1<\/p>\n

Stolen Device Protection is now on by default<\/p>\n

iPhone thefts are still common, especially in parts of Europe<\/a>. Stolen Device Protection is Apple\u2019s solution to protect data stored on an iPhone. Now it\u2019s on by default!<\/p>\n

The feature came about after the Wall Street Journal\u2019s Joanna Stern<\/a> published an investigative report on the rise of iPhone<\/a> thieves around restaurants and bars.<\/p>\n

The attacks were typically carried out by observing victims enter their passcode before stealing the device, changing their Apple ID password, and turning off Find My iPhone to prevent remote tracking or wiping. From here, a thief can lock victims out of accounts (i.e., Venmo, CashApp, other banking apps, etc) by using passwords saved to the Keychain password manager.<\/p>\n

Stolen Device Protection completely thwarts this vulnerability in two key ways. The feature requires Face ID or Touch ID authentication (with no passcode fallback) before users can change important security settings like Apple ID passwords or device passcodes.<\/p>\n

It also enacts a one-hour security delay before users can change critical security settings. Designed to give victims time to mark an iPhone<\/a> as lost (and wipe it) before a thief can make changes. This can be set to \u201cAlways\u201d or \u201cAway from Familiar Locations.\u201d<\/p>\n

\"\"Stolen Device Protection in iOS 26.4 beta 1<\/p>\n

Let me know in the comments if you have a favorite security feature on iOS or on Mac.<\/p>\n

Follow Arin: Twitter\/X<\/a>, LinkedIn<\/a>, Threads<\/a><\/p>\n

Subscribe to the 9to5Mac Security Bite podcast<\/a> for biweekly deep dives into the latest headlines and interviews with leading Apple security experts:<\/p>\n

\t\t
\n\t\t\t\"Add
\n\t\t\t\"Add
\n\t\t<\/a><\/p>\n

FTC: We use income earning auto affiliate links. More.<\/a><\/p>\n

\"\"<\/a>\t\t\t\t