Trust Insights is a new iOS 27 framework that provides behavioral context signals to help apps detect whether a user may be under social engineering or coercion during sensitive operations. It uses on-device ML combined with Apple cloud signals to produce a coaching-risk level without exposing personal content.
• Fills a critical security gap: MFA and biometrics can't detect a legitimate user acting under duress; Trust Insights provides a coercion-risk signal that existing auth mechanisms cannot
• Privacy-first design: device-sourced signals never leave the device, inputs are discarded after evaluation, and users can disable it in Settings
• Plugs into existing risk logic at high-value moments (large transfers, account changes, remote access grants) and requires minimal client-side integration
Demonstrates how to configure an InsightEvaluator, request an IsLikelyBeingCoachedInsight for a payment operation, interpret the result, and submit the mandatory consumption feedback.
```swift
import SwiftUI
import TrustInsights

struct MoneyTransferView: View {
    @State private var transferAmount: Double = 2500
    @State private var riskLevel: String = "Not evaluated"
    @State private var isEvaluating = false
    @State private var showCoachingWarning = false

    var body: some View {
        VStack(spacing: 24) {
            Text("Transfer $\(transferAmount, specifier: "%.0f")")
                .font(.title)
            Text("Risk level: \(riskLevel)")
                .foregroundStyle(riskColor)
            if showCoachingWarning {
                Label("Unusual activity detected. Are you being assisted by someone right now?", systemImage: "exclamationmark.shield.fill")
                    .padding()
                    .background(.yellow.opacity(0.2), in: RoundedRectangle(cornerRadius: 12))
            }
            Button("Send Money") {
                Task { await evaluateAndTransfer() }
            }
            .buttonStyle(.borderedProminent)
            .disabled(isEvaluating)
        }
        .padding()
    }

    var riskColor: Color {
        switch riskLevel {
        case "high": return .red
        case "medium": return .orange
        default: return .secondary
        }
    }

    func evaluateAndTransfer() async {
        isEvaluating = true
        defer { isEvaluating = false }

        // 1. Build the insight parameter pack
        let insightParams = IsLikelyBeingCoachedInsight.Parameters(schema: .v1)

        // 2. Create the evaluation request
        let evaluation = InsightEvaluation(insightParameters: insightParams)

        // 3. Provide context about what the user is doing
        let context = InsightContext(
            operationCategory: .payment,
            evaluations: [evaluation]
        )

        // 4. Create the evaluator
        let evaluator = InsightEvaluator(context: context)

        // 5. Check authorization before proceeding
        guard await evaluator.authorizationStatus == .authorized else {
            riskLevel = "Not authorized"
            return
        }

        do {
            // 6. Request evaluation (may take a couple of seconds)
            let response = try await evaluator.requestEvaluation()
            guard let result = response.results.first else { return }

            // 7. Interpret the coaching insight value
            switch result.insight {
            case let coached as IsLikelyBeingCoachedInsight:
                switch coached.value {
                case .high:
                    riskLevel = "high"
                    showCoachingWarning = true
                    // Submit mandatory consumption feedback
                    await result.reportConsumption(.usedIncreasedFriction)
                case .medium:
                    riskLevel = "medium"
                    showCoachingWarning = true
                    await result.reportConsumption(.usedIncreasedFriction)
                case .unknown:
                    riskLevel = "unknown"
                    // unknown is not the same as safe; proceed normally but stay alert
                    await result.reportConsumption(.usedUnchangedFriction)
                default:
                    await result.reportConsumption(.usedUnchangedFriction)
                }
            default:
                await result.reportConsumption(.usedEvaluationOnly)
            }
        } catch {
            riskLevel = "Error: \(error.localizedDescription)"
        }
    }
}
```
• Requires a special entitlement configured in Xcode before the API is accessible
• requestEvaluation() is async and can take several seconds; plan UI accordingly with animations or interstitials
• reportConsumption() is MANDATORY after every evaluation; omitting it will cause rate-limiting
• unknown should never be interpreted as low risk: it means no evidence was found, not that the user is safe
• Blocking a transaction solely on a trust insight is explicitly discouraged by Apple
Requires Internet reachability at evaluation time; sandbox environment used during development, production models used after App Store distribution; users can disable Trust Insights in Settings (with a cooldown period)
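The notes above say the insight should feed existing risk logic, that unknown is not low risk, and that a transaction should not be blocked on the insight alone. The following is an added example, not code from the page or from Apple, of one way to combine the coaching level with an app's own signals. CoachingLevel, Friction, TransferSignals, Decision, decide and the thresholds are all hypothetical; only the two consumption names come from the sample above, and mapping them to "friction was raised" and "friction was not raised" is an assumption based on those names.

```swift
// Added example: app-side types are hypothetical and are not the TrustInsights API.
enum CoachingLevel { case high, medium, low, unknown }  // .low is assumed; the page shows high, medium, unknown
enum Consumption { case usedIncreasedFriction, usedUnchangedFriction }  // names taken from the page's sample

enum Friction: Int, Comparable {
    case none, confirmPrompt, stepUpAuth, holdForReview
    static func < (a: Friction, b: Friction) -> Bool { a.rawValue < b.rawValue }
}

struct TransferSignals {  // the app's existing risk inputs (constructed for illustration)
    let amount: Double
    let payeeIsNew: Bool
    let remoteSessionActive: Bool
}

struct Decision {
    let friction: Friction
    let consumption: Consumption?  // nil when no evaluation happened, so there is nothing to report
}

func decide(coaching: CoachingLevel?, signals: TransferSignals) -> Decision {
    // Baseline comes from the app's own logic and is computed without the insight.
    var score = 0
    if signals.amount >= 1_000 { score += 1 }
    if signals.payeeIsNew { score += 1 }
    if signals.remoteSessionActive { score += 2 }
    let baseline: Friction = score >= 3 ? .stepUpAuth : (score >= 1 ? .confirmPrompt : .none)

    // Not authorized, offline, or evaluation failed: keep the baseline, neither relax nor block.
    guard let coaching else { return Decision(friction: baseline, consumption: nil) }

    // The insight only ever adds friction; unknown and low add nothing and never lower the baseline.
    let bump: Int
    switch coaching {
    case .high: bump = 2
    case .medium: bump = 1
    case .low, .unknown: bump = 0
    }
    // With no app-side signal (score == 0) the insight alone can never reach holdForReview.
    let cap: Friction = score == 0 ? .stepUpAuth : .holdForReview
    let chosen = Friction(rawValue: min(baseline.rawValue + bump, cap.rawValue))!
    return Decision(friction: chosen,
                    consumption: chosen > baseline ? .usedIncreasedFriction : .usedUnchangedFriction)
}

// Constructed inputs: a small transfer to a known payee, and a large one to a new payee.
let quiet = TransferSignals(amount: 40, payeeIsNew: false, remoteSessionActive: false)
let risky = TransferSignals(amount: 2_500, payeeIsNew: true, remoteSessionActive: true)
print(decide(coaching: .high, signals: quiet))
print(decide(coaching: .unknown, signals: risky))
print(decide(coaching: nil, signals: risky))
```

The returned consumption value is what the caller would pass to reportConsumption() on the evaluation result, so the mandatory feedback reflects the friction the user actually saw.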