A new iOS 27 framework will help apps fight back against social engineering scams as they unfold via voice calls, text messages, emails, and more. Here are the details.

Details on the new Trust Insights framework

With iOS 27, Apple is introducing a framework called Trust Insights that can alert apps when a user may be falling victim to a scam.

As Apple explains, social engineering scams are harder to detect automatically because the user is often the one carrying out the actions, “authenticated and legitimately.”

In recent years, tech support scams, authority impersonation, and family emergency fraud have become increasingly common, particularly as AI deepfakes have grown more accessible.

To counter that, Apple is introducing a framework that runs mostly on-device, analyzing “interaction patterns, timing, context, and basic sensor data.”

If it detects signs that a user may be getting coached through a scam, Trust Insights can assign a medium or high risk level, allowing the app to add warnings, delays, or additional verification steps.

Apple stresses that Trust Insights doesn’t inspect the contents of Photos, Messages, or Mail. Instead, it analyzes behavioral signals on-device, immediately discards the underlying data, and sends only a single output value to Apple’s servers.

That value may then be combined with information from the user’s Apple Account and checks for unusual activity before Trust Insights returns its final assessment of the suspected scam.

Apple says that although users can disable Trust Insights in Settings, there may be a cooldown period meant “to protect users who may have themselves been coached into turning it off.”

Initially, Trusts Insights will cover five main operation categories. From the WWDC session:

  • .payment: any exchange of assets, content, or money, including in-game purchases.
  • .account: updating account details or security information.
  • .resourceUse: requests to costly or constrained infrastructure, such as AI inference.
  • .communication: sending messages, submitting forms, or signing documents.
  • .other: a fallback for operations that don’t fit the above.

Apple adds that developers should submit feedback through Feedback Assistant if their use case falls under .other. The company also asks developers to report how Trust Insights affected each transaction and, when possible, flag cases that were later confirmed as fraud to help improve the system.

To learn more about the upcoming Trusts Insights framework, follow this link.

Worth checking out on Amazon

FTC: We use income earning auto affiliate links. More.