Apple Platform Security
- Welcome
- Intro to Apple platform security
-
- System security overview
- Signed system volume security
- Secure software updates
- Rapid Security Responses
- Operating system integrity
- BlastDoor for Messages and IDS
- Lockdown Mode security
- System security for watchOS
- Random number generation
- Apple Security Research Device
-
- Services security overview
-
- Apple Pay security overview
- Apple Pay component security
- How Apple Pay keeps usersโ purchases protected
- Payment authorization with Apple Pay
- Paying with cards using Apple Pay
- Contactless passes in Apple Pay
- Rendering cards unusable with Apple Pay
- Apple Card security
- Apple Cash security
- Tap to Pay on iPhone
- Secure Apple Messages for Business
- FaceTime security
- Glossary
- Document revision history
- Copyright
SiriKit security for iOS, iPadOS, and watchOS
Siri uses the app extension system to communicate with third-party apps. On a device, Siri can access the userโs contact information and the deviceโs current location. But before it provides protected data to an app, Siri checks the appโs user-controlled access permissions. According to those permissions, Siri passes only the relevant fragment of the original user utterance to the app extension. For example, if an app doesnโt have access to contact information, Siri wonโt resolve a relationship in a user request such as โPay my mother 10 dollars using Payment App.โ In this case, the app would see only the literal term โmy mother.โ
However, if the user has granted the app access to contact information, the app would receive resolved information about the userโs mother. If a relationship is referenced in the body portion of a messageโfor example, โTell my mother on MessageApp that my brother is awesomeโโSiri doesnโt resolve โmy brotherโ regardless of the appโs permissions.
SiriKit-enabled apps can send app-specific or user-specific vocabulary to Siri, such as the names of the userโs contacts. This information allows Siriโs speech recognition and natural language understanding to recognize vocabulary for that app and is associated with a random identifier. The custom information remains available as long as the identifier is in use, or until the user disables the appโs Siri integration in Settings, or until the SiriKit-enabled app is uninstalled.
For an utterance like โGet me a ride to my momโs home using RideShareApp,โ the request requires location data from the userโs contacts. For that request only, Siri provides the required information to the appโs extension, regardless of the user permission settings for location or contact information for the app.