Apple removes iCloud Keychain from iOS 7 GM, here’s why

By , Sep 11, 2013

iCloud Keychain (teaser 001)

Yesterday, Apple seeded its registered iOS developers with a so-called Gold Master version of iOS 7, which is essentially the same version owners of iPhone, iPod touch and iPad devices will be getting come September 18.

Unfortunately, it seems the company has quietly pulled the useful iCloud Keychain feature from the GM build. The company did not provide an explanation as to why exactly the feature got yanked.

For what it’s worth, it’s entirely possible the company leadership didn’t feel confident enough to declare iCloud Keychain ready for prime time. We have another theory…

Advertised as a simple way to sync all your stored passwords across devices, iCloud Keychain worked in tandem with iOS 7 Safari by offering to save (and even generate) passwords people use to log in to websites such as eBay and Facebook.

iOS 7 GM still lets you save passwords locally to your keychain (Settings > Safari > Passwords & Autofill), but you won’t find the option in Settings > iCloud > Keychain to sync your saved passwords across devices.

Here’s iOS 7 Beta 7 with iCloud Keychain (left) and the GM build without it (right).

iCloud Keychain (iOS 7 Beta 7, iOS 7 GM)

MacRumors was quick to point out that iCloud Keychain is a goner in the iOS 7 GM build. Interestingly enough, Apple has updated the iOS 7 web page with the “coming soon” label next to the iCloud Keychain description.

In addition to web site logins, iCloud Keychain also syncs stored credit card information across devices so it’s possible the company temporarily removed the feature to avoid any potential security breaches.

iphone1

With the advent of fingerprint scanning that debuted on the iPhone 5s, Apple must take extraordinary measures to keep customer data safe from prying eyes and not compromise their security (that’s NSA’s job). Apple’s execs during yesterday’s keynote frequently repeated that fingerprint data is stored on a secure module on the new A7 chip that only the Touch ID chip is allowed to access.

“It’s never stored on Apple servers or backed up to iCloud,” Apple’s press release assures. “All fingerprint information is encrypted and stored securely in the Secure Enclave inside the A7 chip on the iPhone 5s,” the company underscores.

Apple A7 chip (Secure Enclave 001)

In addition to unlocking your device without having to punch in a passcode, Touch ID on the iPhone 5s can also be used as a secure way to approve purchases from the iTunes Store, App Store or iBookstore.

Here’s Touch ID in action.

We have every reason to believe that Touch ID will soon work with website passwords and perhaps even in-app passwords so perhaps Apple removed iCloud Keychain until Touch ID support for website/app passwords is properly implemented.

Also, as some noted on Twitter, they may be waiting for Mavericks.

There has been some commotion on Twitter concerning the potential for a rogue app or web site to steal your fingerprint ID. Now, I’m not a security expert, but I’m pretty sure Apple means business when it says only Touch ID can match your fingerprint to the data securely stored inside the A7 chip.

The most third-parties can hope for is an iOS 7 API for fingerprint authentication which I’m pretty sure won’t allow developers to ever touch your fingerprint data. As for websites, there’s no way a remote server could steal your identity because (at least in in theory), a server such as Amazon doesn’t need to know anything about fingerprint scanning – it simply puts up a standard web login form.

The only way to bypass the iPhone 5s Touch ID that I know of is this.

Touch ID securtiy breach

iOS 7 then recognizes the password prompt and ask you to authenticate using your finger – again, theoretically speaking.

Upon successful authentication, iOS 7 would then retrieve your Amazon login information previously stored in the iOS keychain (and synced to other devices via iCloud Keychain) and log you in – much like 1Password on steroids.

If you’re eager to learn more about the implications of using fingerprints versus traditional passwords, I wholeheartedly recommend Mark Burnett’s excellent write-up.

  • Share:
  • Follow:
  • The_Rise_Of_The_Shrimp

    LOL at the photo. I thought of the same during the keynote!

    • Glorin

      then you have badass kids.!

      • The_Rise_Of_The_Shrimp

        You can say that i’m still the kid ;)

      • Gavin

        I hope Apple don’t allow users to store credit card details on the device such that one only needs the fingerprint TouchID to complete a transaction?

        This would start a new wave of crime, where criminals will go stealing someones phone and their finger with a knife…..eeek!!

        Gav :-)

  • Guest

    Mine is still on. I am using the GM.. The settings are still there for it.

  • Preet Patel

    Please check this paragraph, the iphone 5c should be iphone 5s
    “In addition to unlocking your device without having to punch in a passcode, Touch ID on the IPHONE 5C can also be used as a secure way to approve purchases from the iTunes ”
    Please fix it in the post

    • http://www.iDownloadBlog.com Sebastien

      Fixed, thank you :)

  • Andreas Ferber

    I have iCloud Keychain left and im running The GM

    • http://www.idownloadblog.com/author/dujkan Christian Zibreg

      No you have Safari auto-fill which saves passwords locally. you don’t have Settings > iCloud > Keychain, that’s what’s been pulled

  • Victor

    Or someone could chop your finger off??!

  • Jonathan

    I find it strange Apple specifically say it’s not uploaded to Apple server or iCloud. Surely it would just be easier to say it’s not uploaded to *any* server?

    • Jason Duong

      That would be lying then… it gets uploaded to NSA servers obviously.

  • Joseph A. Ahmad

    I’ve seen a few people who are running iTunes 11.0.5 who have upgraded to iOS 7 GM and cannot use their iPhones to sync or connect to iTunes. I’m aware that you must have the iTunes 11.1 beta (I’m running it), but my question (while probably obvious) is: will Apple be releasing iTunes 11.1 to the general public next week? I would assume so if iOS 7 GM requires iTunes 11.1 to sync to a computer. Does anyone agree or disagree? I just want people’s thoughts.

    • Alejandro M. Marez

      I sync music pretty regularly so I have the same problem, there isn’t a iTunes 11.1 download available.
      *Good thing I have iTunes Match!*

      • Joseph A. Ahmad

        Well music isn’t a problem, I can always download that from the cloud, but I just like to back up my iPhone to a computer, so I’m just thinking of those who are running the GM with 11.1 … I guess they can always just restore via DFU mode if they run into problems. But I guess we’ll see the release next week then.

  • Joseph

    For people who want this feature on their computer browsers, MaskMe does pretty much all of what Keychain does, including allowing you to generate passwords.

  • Guest

    Has Apple said anything about future iOS support on the iPhone 5? For now I’d assume it will just go on as usual.

  • MyFlammingSkull

    You mean ios 7 beta 6 not ios 7 beta 7

  • Aaron de Silva

    I think they are just waiting for mavericks to launch iCloud Keychain.

  • Yunsar

    There should be a different passcode to access the safari saved passwords. I usually don’t mind sharing my device passcode with my friends, but this feature makes me think twice.

  • Maha Rajan

    Price?

  • Douglas Riley

    Since loading ios7 on my iPad3 all my Wes sites require login every time! Horrible! Sorry I upgraded – now iPad Safari is unusable!

  • xxxx

    touch

  • xxxx

    please
    touch
    me