Apple left a few important questions unanswered regarding its all-new fingerprint sensor implemented on the iPhone 5s, called Touch ID. The useful feature stems from Apple’s 2012 purchase of Israeli-based biometric security experts AuthenTec. In a nutshell, Apple strives to easily and securely authenticate users into their device and approve purchases from the iTunes Store, App Store or iBookstore – simply by scanning their finger on the Home button.
What happens next is anyone’s guess. Neither Apple’s website nor available promotional material reveals much in way of detail. Perhaps sensing a privacy scare in the making, Apple dispatched its spokesperson to dispel any notion that the new iPhone might expose users to security risks…
Rather than store actual fingerprint images, the iPhone 5s keeps your fingerprint data in an encrypted form, a company spokesperson told The Wall Street Journal:
Apple’s new iPhone 5S, which comes with a fingerprint scanner, won’t store actual images of users’ fingerprints on the device, a company spokesman confirmed Wednesday, a decision that could ease concerns from privacy hawks.
Rather, Apple’s new Touch ID system only stores “fingerprint data,” which remains encrypted within the iPhone’s processor, a company representative said Wednesday.
This stored digital profile of your fingerprint (fingerprint data) is then matched against the sensor to authenticate the user. Assuming someone does crack the chip – which should be next to impossible – they “likely” wouldn’t be able to reverse-engineer someone’s fingerprint, the Journal speculates.
Apple imposes a 48-hour wipe procedure:
In an interview Wednesday, an Apple spokesman pointed to other security features the company has added to the phone. Apple customers who wish the use Touch ID also have to create a passcode as a backup.
Only that passcode (not a finger) can unlock the phone if the phone is rebooted or hasn’t been unlocked for 48 hours.
This is by design, so hackers can’t “stall for time” as they try to find a way to circumvent the fingerprint scanner. There is a toggle in Settings to enable or disable Touch ID, but we haven’t known that a passcode as a backup measure is mandatory.
Another tidbit: even though Touch ID represents an improvement from the temperamental fingerprint scanners that often appear on consumer laptops, Apple said it may not work reliably with sweaty fingers.
But don’t worry, the mandatory passcode is a nice fallback should the sensor fail to read your finger.
It also has trouble reading some fingers, the spokesman said, possibly including ones scarred by accidents or surgery.
In those cases, Apple found users were able to “use another digit successfully with the scanner”.
We also know from what Apple’s executives told us during yesterday’s iPhone 5s/5c keynote that fingerprint data (again, your fingerprint profile rather than fingerprint images) is stored on a secure module on the new A7 chip.
Only the Touch ID chip inside the Home button is allowed to access this module.
Apple is also wary of sucking fingerprint data up into the cloud.
“It’s never stored on Apple servers or backed up to iCloud,” Apple’s press release reads.
“All fingerprint information is encrypted and stored securely in the Secure Enclave inside the A7 chip on the iPhone 5s,” the company underscores. The Secure Enclave is represented by a small white rectangle on the A7 graphics above.
Apple’s SVP of Hardware Engineering, Dan Riccio, explains in the Touch ID promotional video that “the sensor uses advanced capacitive touch to take, in essence, a high-resolution image of your fingerprint”.
I find it reassuring that Apple prohibit apps from using the Touch ID scanner or accessing your fingerprint profile, as per the Journal report. As we heard earlier today, Apple may have stopped syncing saved web passwords across devices via iCloud. This is possibly another precaution as Apple is thought to enhance Touch ID in the future by adding ability to authenticate the user on web sites, in apps and more.