New this year, touch ID, is not only part of the iPhone 5S, but also a frequent topic of media and discussion. Its purpose is to make it more pleasant iPhone security instead of inconvenient and time-consuming entering a code lock or typing a password when making a purchase in the App Store. At the same time, the level of security increases. Yes, the sensor itself can wheedle, but not the entire mechanism.
What do we know about Touch ID so far? It converts our fingerprints into digital form and stores them directly in the A7 processor case, so no one can access them. No one at all. Not Apple, not the NSA, not the gray men watching our civilization. Apple calls this mechanism Secure Enclave.
Here's an explanation of Secure Enclave straight from the site Apple Lossless Audio CODEC (ALAC),:
Touch ID does not store any fingerprint images, only their mathematical representation. The image of the print itself cannot be recreated from it in any way. The iPhone 5s also features a new enhanced security architecture called Secure Enclave, which is part of the A7 chip and has been designed to protect code data and fingerprints. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. This data is only used by Secure Enclave to verify the correspondence of your fingerprint with the registered data. The Secure Enclave is separate from the rest of the A7 chip and the entire iOS. Therefore, neither iOS nor other applications can access this data. Data is never stored on Apple servers or backed up to iCloud or elsewhere. They are only used by Touch ID and cannot be used to match another fingerprint database.
Server & Hosting iMore in cooperation with the repair company mendmyi he came up with another level of security that Apple didn't publicly present at all. According to the first fixes of the iPhone 5S, it seems that each Touch ID sensor and its cable is tightly paired with exactly one iPhone, respectively. A7 chip. This means in practice that the Touch ID sensor cannot be replaced with another one. In the video you can see that the replaced sensor will not work in the iPhone.
[youtube id=”f620pz-Dyk0″ width=”620″ height=”370″]
But why did Apple go to the trouble of adding another layer of security that it didn't even bother to mention? One of the reasons is to eliminate the intermediary who would like to sneak between the Touch ID sensor and the Secure Enclave. Pairing the A7 processor to a specific Touch ID sensor makes it difficult for potential attackers to intercept communications between components and reverse engineer how they work.
Also, this move completely eliminates the threat of malicious third-party Touch ID sensors that could secretly send fingerprints. If Apple used a shared key for all Touch ID sensors to authenticate with the A7, hacking a single Touch ID key would be enough to hack all of them. Because each Touch ID sensor in the phone is unique, an attacker would have to hack each iPhone separately to install their own Touch ID sensor.
What does all this mean for the end customer? He is happy that his prints are protected more than enough. Repairers must be careful when taking apart an iPhone, as the Touch ID sensor and cable must always be removed, even for display replacements and other routine repairs. Once the Touch ID sensor is damaged, I repeat including the cable, it will never work again. Although we have golden Czech hands, a little extra caution doesn't hurt.
And hackers? You're out of luck for now. The situation is such that an attack by replacing or modifying the Touch ID sensor or cable is not possible. Also, there won't be a universal hack due to pairing. In theory, this also means that if Apple really wanted to, it could pair all the components in its devices. It probably won't happen, but the possibility exists.
I really like Touch ID a lot. I would like to see this technology in more Apple products. In addition to the iPad, I could imagine it built into the mouse for Macs or Touchpads in MacBooks...
I would be interested in only one thing, and that is when the phone is under warranty and we know that the home button will wear out over time and there is a question whether the home button can be replaced or the user can just throw the phone away, I am quite puzzled as to how it is
Well, I assume that if you prove that the device is yours, there will be no problem.
So, if the home button goes out after the warranty, do I need to replace it at the service? I thought that the home button and the Touch ID sensor are like one whole, if the home button goes out, then everything has to be replaced, and I understood in the article that a different Touch ID sensor is needed or you can't transfer it from another iPhone, and if yes, then it won't work, I probably didn't understand the article very well, I don't even use the home button on my iP5 since I only use gestures, so the home button is useless to me, I only use it when I have to do a hard reset, otherwise it's fine to no avail, but I think that Touch ID is a great step, but then I'm staying with my year-old fives, we'll see what Apple brings in a year, but I would like it if they completely removed the home button from the iPhone and left only a touch sensor that would react the same as the home button, but just a touch :-)
wow, thanks for the tip in the form of removing the HomeButton using gestures ;) I didn't even know, much better than pressing the hw button
I don't know if it's better, it depends on how one gets used to it, it's not a matter of habit, for me it's definitely better, I got used to the gestures quite a bit, but I thought that when they put this function in the phone, why not use it :-) but as I say I don't want to argue whether it's better, I'm only speaking for myself :-) for me it's definitely better and today I consider assistive touch one of the top functions that exists in the iPhone and I can't imagine that it wouldn't be there just because I miss this function the smallest part of the phone and that is the home button :-) I really press it at least twice a day and at most 2x 2x and I don't really do that, when I want to get into the phone I press the power/vip button once and when I want to put the phone to sleep I just use touch gestures but how I say it's just a matter of habit :-) as one gets used to