Apple has posted a document to its business site detailing the security features behind the Touch ID that was introduced on the iPhone 5s. This is the first time Apple has publicly revealed security features of the Touch ID, which could point to the fact that Apple may be considering opening up the fingerprint scanner to third-party developers at this year's WWDC. It's better to educate people beforehand on just how secure the technology is so that users will feel more comfortable when developers have access to it.
The highlight of the Touch ID security features appears to be the "Secure Enclave," which is a coprocessor in the A7 much the same way the M7 is a coprocessor. As MacRumors notes:
Secure Enclave is a coprocessor within the A7 chip that uses a secure boot process to ensure that its separate software is both verified and signed by Apple. All Secure Enclaves can function independently even if a kernel is compromised and each one contains a unique ID inaccessible to other parts of the system and unknown to Apple, preventing the company or any other third parties from accessing data contained within....
Fingerprint data collected from Touch ID is stored within the Secure Enclave, which is used to determine a match and then enable a purchase. While the A7 processor collects data from the Touch ID sensor, it is unable to read it because it is encrypted and authenticated with a session key built into Touch ID and the Secure Enclave.
Given that the Touch ID seems much more secure than many thought, here's hoping Apple opens it up to third-party developers...just as Samsung has done with the new Galaxy S5.
In other news:
- Apple has released a firmware update for the Mac Pro which allows the machine to enter Power Nap mode without running the fan.
- Apple has made sweeping changes to its iOS device management tools for Enterprise And Education.
- iOS 7.0.6, the version that fixed the SSL bug, has already been installed on 25% of iOS devices after just four days.