Three major tech companies now offer enhanced security features designed to block sophisticated spyware that can infect devices without any user action.
Apple, Meta and Google have deployed special security modes in response to so-called “zero-click” attacks, which allow hackers to compromise phones and applications without requiring targets to click malicious links or download infected files.
The security features represent a defensive shift as commercial spyware has grown more advanced. Governments and private actors have increasingly deployed tools that exploit unknown software vulnerabilities to silently breach devices.
Apple introduced Lockdown Mode in iOS 16 in 2022, according to the company’s security documentation. The feature restricts certain functionalities to reduce attack surfaces available to spyware.
When activated, Lockdown Mode blocks most message attachment types except images. It also disables link previews in Messages and restricts web browsing technologies frequently exploited in attacks, including some JavaScript compilations.
FaceTime calls from users not previously contacted are blocked. The mode also prevents configuration profiles and device enrollment in mobile device management systems while active.
Users can enable Lockdown Mode through Settings, then Privacy & Security. Apple warns the feature significantly limits device functionality and recommends it only for individuals who believe they face targeted attacks from state-sponsored actors or mercenary spyware firms.
Meta offers similar protections through its WhatsApp messaging platform. The company introduced Device Verification in 2023 to authenticate that messages come from legitimate sources rather than compromised or spoofed devices.
The system works by cryptographically verifying the sending device’s identity. WhatsApp performs these checks in the background without requiring user action, according to Meta’s security team.
Meta also implemented automatic security codes that let users verify they communicate with intended recipients. The app displays warnings when security codes change, which can indicate a potential account takeover or device compromise.
Google deployed Enhanced Safe Browsing across Android and Chrome in 2020, then expanded features in subsequent updates. The mode provides real-time protection against malicious websites and downloads by checking URLs against Google’s constantly updated threat database.
Enhanced Safe Browsing also scans files before download and warns users about suspicious extensions or apps. The system shares more data with Google than standard protections, including browsing history and sample content from pages visited.
Android users activate the feature through Settings, then Google, then Manage your Google Account, followed by Security. Chrome users access it through browser settings under Privacy and Security.
Security researchers have documented growing use of commercial spyware against journalists, activists and dissidents. NSO Group’s Pegasus software has infected devices in multiple countries despite Apple and Meta’s legal efforts against the Israeli firm.
WhatsApp sued NSO Group in 2019 after discovering the company exploited a vulnerability affecting 1,400 users across four continents. Apple sued NSO in 2021 and notified affected users.
The enhanced security modes impose tradeoffs. Apple’s Lockdown Mode disables features many users consider essential, including some website functionality and instant photo sharing.
Google’s Enhanced Safe Browsing requires sharing additional data with the company, raising privacy concerns for users seeking protection from both hackers and corporate data collection.
Security experts generally recommend most users avoid these modes unless they face specific threats. The features can interfere with normal device operation and daily workflows.
Still, the modes provide options for high-risk individuals including human rights workers, political opposition figures and investigative journalists working in hostile environments.
