Apple has further detailed the way security works in iOS, including how the Touch ID system handles keeping fingerprint data safe as biometrics come under renewed scrutiny following Samsung’s Galaxy S5 launch. The new iOS security whitepaper, quietly released this week, covers multiple aspects of data safety across devices like the iPhone and iPad, but is likely to be most interesting for the Touch ID scanner details and insight into the so-called Secure Enclave where Apple locks up fingerprint information.
Apple had been coy with Touch ID specifics in the past, explaining that the sensor – then going technologically unexplained – stored a unique map built up of distinctive elements of the user’s fingerprint, rather than the fingerprint itself. That map was kept on the phone itself in the Secure Enclave part of the Apple A7 chipset, and was never synchronized with the cloud.
Even if hackers did access the fingerprint data, Apple insisted, they wouldn’t be able to retroactively calculate what the fingerprint itself looked like.
This new document – which you can read below – goes into greater detail about the system. For instance, the Secure Enclave itself is generated during the phone’s construction with a unique ID (UID) unknown both to Apple and other parts of the software stack; that is mixed with an ephemeral key created when the iPhone boots, and the result used to encrypt the memory used for the locked-down space.
The Touch ID sensor itself, meanwhile, is effectively a very specific camera, snapping an 88 x 88, 500ppi raster scan of the fingertip. Data transfer between it and the Apple A7 is also explained:
“Communication between the A7 and the Touch ID sensor takes place over a serial peripheral interface bus. The A7 forwards the data to the Secure Enclave but cannot read it. It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is built into the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrap- ping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption” Apple
The emphasis on the fundamental workings of Touch ID – and the security systems Apple put in place around it – comes as Samsung launches its own take on biometric security. The new Galaxy S5, revealed on Monday, has a fingerprint scanner built into its home button, used to unlock the phone as well as enable mobile payments.
However, Samsung has taken a different approach with regards to third-party apps, and where Apple only allows iOS itself (and the App Store itself) to tap into Touch ID, the scanner on the Galaxy S5 will be accessible to other software. The company is readying a so-called Pass API which developers will be able to use to integrate biometrics themselves, though has said that, like with Touch ID, the fingerprint data won’t ever leave the individual handset.
Apple’s document also goes into detail on iCloud security, iMessage and FaceTime encryption, and other privacy elements of iOS, all topical given the greater attention paid to NSA monitoring and other fears.