All the what's new in iOS 12 They do not lie at the design level, but at the level of functionality. This new major software update provides the user with greater privacy and new functions that improve their user experience. The security and privacy They are two of the most important axes of the operating system, so there are many functions dedicated to this.
One of them is what is known as Auto Fill or, in Spanish, self-filling of security codes, a tool that allows us to decrease the time when inserting security codes that arrive in the form of SMS in different services. In recent days, doubts have arisen about the safety of this function and, therefore, there are two camps: the detractors and the defenders.
IOS 12 Key Autofill Lose Human Component?
iOS 12 contains many surprises at the level of small functions that we have been discovering with the different betas that Apple releases over the weeks. The security key auto-fill it was presented at WWDC as a user facility. Many services offer users keys in the form of text messages (SMS) that they have to enter into an application to finally be able to access the platform. Until now in that process the user had to participate actively copying and pasting the code from the SMS, but with the function we are talking about the process is automated.
The unique access codes that you receive by SMS appear automatically as Autofill suggestions, so you don't have to worry about memorizing or entering them.
A developer from the Cambridge Innovation Center on the OneSpan platform, Andreas Gutmann, has produced a lengthy paper in which calls into question reliability and safety of the process that takes place in the new feature of iOS 12. In it he talks about the active role that is lost with the autofill function. Gutmann says that an important aspect of authentication is the human validation process, and if this component is lost the user can be a target of «man-in-the-middle attacks, phishing or other social engineering attacks ».
In Android in various applications the code was already set automatically when receiving the sms