Meet Trust Insights

Hi, I'm Mike Armstrong, Engineering Manager at Apple. In this video, you'll learn how to use Trust Insights to detect and respond to social engineering threats in your app. Social scams are a growing challenge. Attacks that target people not systems.

Social engineering exploits human psychology rather than technical vulnerabilities. Your users may be pressured, frightened, or deceived into performing legitimate actions.

And your app can't tell the difference between a genuine and coerced intent.

Across the industry and from partner feedback, several recurring coercion patterns stand out. Tech support scams, where fake alerts prompt remote access, deceiving the user into handing over control.

Authority impersonation, posing as banks, government agencies, or law enforcement to collect sensitive information.

And family emergency fraud, with urgent requests for money that exploit emotional bonds increasingly using AI-generated deepfakes.

Real-time coaching makes detection especially difficult. Attackers guide victims through actions via voice calls, chat, or messaging. The user then performs the actions themselves authenticated and legitimately.

Existing protections like multi-factor-authentication and biometrics don't help in this scenario, because the user is the one acting.

A new kind of signal is needed.

Authentication confirms who, but not whether they're acting freely.

Behavioral context can help distinguish genuine intent from a coerced action.

Critically, this signal must preserve privacy while still protecting users.

Trust Insights, a framework introduced in iOS 27, provides a new approach to help your app understand this behavioral context. I'll take you through how to integrate Trust Insights into your app, cover the requirements for using the API, explain its privacy architecture, and wrap up with an example of how your app could respond to a trust signal.

Starting with generating insights. Trust Insights is a framework that combines device and cloud infrastructure, but your integration is entirely client-side, using a Swift API.

The first step is configuration. Generating Trust Insights requires an entitlement. Configure this in Xcode by declaring the capability on your app target.

After importing Trust Insights, the next step is to create a parameter pack containing the insights to request. A schema is required, but modelVersion is optional. Specifying both a current and prior version of the same insight can support model governance and validation.

The InsightEvaluator accepts multiple insights. In its context, specify the operationCategory and the evaluations.

The operation category tells the system what kind of action the user is performing and determines which model logic is applied.

Five categories are available.

payment: any exchange of assets, content, or money, including in-game purchases.

account: updating account details or security information.

resourceUse: requests to costly or constrained infrastructure, such as AI inference.

communication: sending messages, submitting forms, or signing documents. And other: a fallback for operations that don't fit the above. If your use case lands here, please file feedback through Feedback Assistant. Next create your InsightEvaluator, passing in your InsightContext. As your user has full control over the usage of Trust Insights, you should check if your app is authorized. If not, you may want to notify the user.

You're ready to go. Asynchronously call requestEvaluation. Take note. This can take a couple of seconds to provide a result and requires Internet reachability. It's important to consider where in your user experience or flow you have this code. You may want to take advantage of existing animations or interstitial screens at the right moment.

When in development, your requests will hit a sandbox environment. Once distributed on the App Store your requests will be evaluated by production models and servers. To test decision logic and UX variations, you can override insight values and errors by customizing the build schemes for a project in Xcode.

For more information about which launch arguments are available, check the developer documentation for Trust Insights.

The response contains one result per InsightEvaluation requested. For IsLikelyBeingCoachedInsight, there are three possible values: unknown: the system has no evidence of scam risk, but this should not be interpreted as low risk.

medium: some evidence of coaching risk. Depending on the use case, consider introducing friction, additional verification, or adjusting risk scoring.

high: significant evidence of coaching risk. The user should be informed of the determined risks before proceeding.

You should handle both evaluation-level and insight-level errors independently. Details are in the developer documentation. Behind those three values is a sophisticated ML model. Device-sourced data is processed locally. Inputs are immediately discarded after evaluation, with only a single output value leaving a user's device. The final output may incorporate Apple Account signals and velocity checks for additional context.

Two types of feedback complete the integration: real-time consumption feedback, which reports how your app responded to an insight and offline feedback, for cases where a transaction later turned out to be fraudulent. To submit real-time feedback, call reportConsumption on the evaluation result. This call is mandatory for each insight evaluation request.

If omitted, your app may be rate-limited.

Six consumption values are available: usedReducedFriction the insight contributed to making the operation easier. usedUnchangedFriction the insight was evaluated but didn't change the experience.

usedIncreasedFriction the insight led to additional checks or friction, though outright blocking based solely on a trust insight is not recommended.

notUsedNotNeeded the user cancelled, so no decision was required. notUsedError a technical failure prevented use, such as the result arriving too late. usedEvaluationOnly the insight was used for example in internal evaluations and benchmarking, without affecting the user experience.

Offline labels are vital for model improvement. When a trust insight evaluation ultimately results in confirmed fraud, that signal helps the model understand its real-world performance.

These reports may come days, weeks, or months later.

Submit them through Apple Business Register using a server-to-server API with a defined schema that includes the insight identifier from the original evaluation.

Don't include any surplus information such as PII in your submission and apply privacy preserving techniques against any remaining values that could be used for fingerprinting.

Offline label submission is not required to benefit from Trust Insights, but it strengthens the ecosystem for everyone. More details are available in the developer documentation. That covers the full integration: configuration, evaluation, results and feedback. Next: privacy. Data minimization is central to how Trust Insights works. The framework processes only what's needed, discards inputs immediately, and keeps all device-sourced data on the device. Privacy is foundational to every Apple product and service. It's considered from the start, throughout development, and continuously as each service operates. Trust Insights analyzes interaction patterns, timing, context, and basic sensor data. Never content within Photos, Messages, or Mail.

None of these device-derived signals are shared with Apple or third parties.

Users have full control and can disable Trust Insights within Settings.

A cooldown period may apply after disabling, to protect users who may have themselves been coached into turning it off.

You should query authorization status to check whether the user has Trust Insights enabled for your app. Trust Insights has been in use within Apple's own services, and there are practical recommendations to share. Here's an example. A user is setting up a large money transfer to someone claiming to be a doctor treating a family member. Behind the scenes, the app has requested a trust insight.

The .medium result prompts the app to adjust its flow. In this case, displaying a warning and adding a delay to the transaction. Depending on your use case, you may instead handle the result server-side, add a manual review step, or adjust for risk without disrupting the user.

The right approach depends on your app, your users, and your product.

Choosing when to call Trust Insights is just as important as how. Consider the moments where it adds the most value.

High-value financial transactions, such as peer-to-peer payments. Irreversible actions, like account deletion or personal data export. Permission grants, such as remote access or new device authorization. And sensitive data sharing, like credentials or personal documents. Beyond identifying critical moments, there are other best practices to consider: Integrate Trust Insights into your existing risk and decision logic. It should not be the sole factor or determinant in any decision.

Utilize the ability to sample different model versions over time to understand how newer models impact your decisioning logic before taking action. Handle errors at every level, as evaluation errors and insight errors carry different meaning. Never treat unknown or a missing value as low risk.

Your feedback helps to enrich the ecosystem and protect everyone from being the victims of coercion. To avoid rate limits you must submit real-time insight feedback directly in your app and if possible, contribute offline fraud labels via Apple Business Register.

Identify the moments in your app where Trust Insights can work along your existing logic to protect users.

From there, adopt the framework following the best practices and developer documentation.

Register your business on Apple Business Register to learn about Partner Data Services. You may also be interested in App Attest a framework for verifying that server requests come from legitimate instances of your app.

Now is the best time to submit feedback through Feedback Assistant on any aspect of Trust Insights, including the framework, its capabilities, or any high-volume use cases.

Trust Insights brings behavioral context to your app, helping detect coercion while preserving privacy. Integrate it at the moments that matter most, handle results thoughtfully, and close the feedback loop to strengthen the ecosystem. Thank you for watching.