How Apple will keep your fingerprints safe in the iPhone 5S

When Apple unveiled the iPhone 5S last week, it also unveiled Touch ID, a feature that allows users to unlock the smartphone and make purchases through the home button's new fingerprint scanner.

Using a device that recognizes users has security implications, as Microsoft acknowledged in the wake of the Xbox One announcement, where it unveiled the next-gen Kinect's "always listening" feature.

In the video above, Apple's senior vice president of hardware engineering, Dan Riccio, explains how the company will store fingerprint information securely using a technology Apple calls Secure Enclave.

"All fingerprint information is encrypted," Riccio explains in the video above, "and stored inside the Secure Enclave in our new A7 chip. Here, it is locked away from everything else, accessible only by the Touch ID sensor. It's never available to other software, and it's never stored on Apple's servers or backed up to iCloud."

A recent post on Quora by Brian Roemmele cites ARM documentation to explain how Apple uses the 64-bit A7 processor to create the Secure Enclave.

"To economically create the Secure Enclave, Apple needed a processor that is already aware of the concept of encryption and security at a native level and has the dedicated hardware to make a segregated and secure area within the processor architecture," Roemmele wrote.

He also cites an ARM white paper from 2008 called "ARM Security Technology" (PDF link) that describes the TrustZone architecture, which stores secure information embedded on the processor where only trusted software can access it.

"Many embedded devices are now storing a large amount of user data, including sensitive information such as synchronized email, mobile banking details, and mobile payment credentials," section 6.2.2, "Mobile Payment," reads. "This user data can be protected, requiring the entry of passcode before it can be used, however once unlocked it is vulnerable to any weakness in the underlying software environment.

"Migrating the data storage, data manipulation, and even the passcode entry, into the Secure world makes sense for many applications that make use of user data."