A New Apple System Monitors Fraud Indicators Before Sensitive Transactions
SadaNews - "Apple" is working on adding a new layer of protection to the "iOS 27" system, which not only verifies the user's identity but also tries to assess whether they are performing a sensitive action voluntarily or under pressure or guidance from a fraudster.
The company introduced a new framework called "Trust Insights" during the Worldwide Developers Conference "WWDC 2026" that allows applications to request a behavioral assessment before executing certain operations, such as transferring money, modifying account information, or granting remote access. The technology focuses on fraud based on social engineering, where the attacker persuades the victim to perform the action themselves rather than directly hacking the device.
Face or Fingerprint Verification
Traditional security measures successfully ensure that the account owner is the one performing the operation, but they cannot always tell if the user is acting freely. In some fraud cases, the attacker stays in contact with the victim through a call or chat, guiding them step-by-step to send money or share sensitive information.
The patterns targeted by the technology include technical support fraud, impersonation of banks or government entities, and family emergency operations that rely on urgent financial requests, possibly using AI-generated images or voices to increase persuasion.
"Apple" clarifies that multi-factor authentication or biometric verification do not prevent this type of fraud, because the actual user is the one who agrees to the transaction. Thus, the new system relies on behavioral context, not just identity proof.
Not a Definitive Judgment
Developers can integrate "Trust Insights" within their applications and then request an assessment when the user reaches a high-risk step. The system returns three possible outcomes: the first is "Unknown," meaning there is insufficient evidence of fraudulent guidance, but it does not necessarily mean the operation is safe. The intermediate result indicates some risk indicators, while a high result indicates stronger evidence that the user may be under pressure or guidance. After that, the application decides how to handle the result. It may display a warning message, request additional verification, add a waiting period, or refer the operation for human review. "Apple" does not recommend blocking a transaction based solely on this signal, but rather integrating it with other risk management tools within the application.
Five Categories of Actions
The framework divides the operations that can be assessed into five main categories, including payments and transfers of money or assets, modification of account or security information, usage of expensive or limited resources, sending messages and forms, signing documents, in addition to a general category for other actions. The company points out that the system may be particularly useful when executing a large financial transfer, deleting an account, exporting personal data, adding a new device, granting remote access, or sharing sensitive passwords and documents. The assessment requires an internet connection and may take a few seconds, as the processing combines device capabilities with the "Apple" cloud infrastructure.
Maintaining Privacy
"Apple" states that "Trust Insights" analyzes interaction patterns, timing, context, and some basic sensor data, but does not read the content of images, messages, or emails. The data processed from the device is done locally, and inputs are deleted immediately after the assessment. Only a single output, indicating the level of risk, leaves the device. The system may combine this output with some signals from the "Apple" account or transaction frequency rates for additional context. Users also have the ability to disable the feature from settings. A waiting period may be applied after being disabled to limit the likelihood that a fraudster will ask the victim to disable protection just before executing the transaction.
An Example of Intervention
"Apple" presented an example of a user preparing to send a large amount of money to someone claiming to be a doctor treating a family member. If the system detects a medium level of guidance risk, the banking app can display a warning and add a delay before executing the transfer. This grace period allows the user to verify the story away from the pressure created by the fraudster. Additionally, the app can refer the process for human review or raise the level of verification, depending on the nature of the service and the level of risk.
Protection and Application Adoption
The technology does not mean that every "iPhone" will automatically prevent fraud as soon as "iOS 27" is installed. The framework is directed at developers, requiring its addition to applications and obtaining the necessary permissions in "Xcode." Additionally, the responses may vary from one application to another, depending on the policies of the bank, payment company, or service provider. The technology is still in the experimental development stage, meaning that its details may change before the final release. However, the fundamental idea represents a shift in the protection approach, from asking: "Is this the account owner?" to a more complex question: "Is this decision being made freely, or is it being executed under the guidance of another person?"
Usernames on WhatsApp Spark Debate Between Privacy and Fraud Risks
10 Films That Marked the First Half of This Year
A New Apple System Monitors Fraud Indicators Before Sensitive Transactions
New Drug Gives Hope to Pancreatic Cancer Patients
How to benefit from taking vitamins and dietary supplements?
Study: Experimental Drug Promises Treatment for Patients with Life-Threatening Respiratory...
A Recent Study Explains... Why Did the Antarctic Freeze Before the Arctic?