Touch ID takes hardware security to new levels - Here's how, why, and what it means!


We already know Touch ID protects your fingerprint data by keeping it in the Secure Enclave on the Apple A7, where only the enclave itself can read it. That's what lets the iPhone 5s offer both convenience and security. But what if that wasn't the only safeguard Apple took to protect your prints? We've taken a closer look at Touch ID and, in collaboration with repair company mendmyi, found that Apple has taken an extra precaution beyond the Secure Enclave, at a hardware level we haven't seen implemented before.

Apple has touted Touch ID as a secure hardware path from the beginning. Here's the explanation straight from Apple:

Touch ID does not store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn't possible for your actual fingerprint image to be reverse-engineered from this mathematical representation. iPhone 5s also includes a new advanced security architecture called the Secure Enclave within the A7 chip, which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of the A7 as well as the rest of iOS. Therefore, your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else. Only Touch ID uses it and it can't be used to match against other fingerprint databases.

Apple doesn't make specific mention of any other additional safeguards. However, as we discovered through research and testing of our own, it appears Apple has also paired each individual Touch ID sensor cable to the phone it shipped in. That's an impressive undertaking at Apple's scale, and it immediately raises the question: why?

Our investigation into the Touch ID assembly started when mendmyi contacted me about an issue with Touch ID on a customer's phone. It had come in for their Colour Lab service. The video below demonstrates the issue:

In order to try to rectify the problem, many steps were attempted. These included swapping out the Touch ID sensor for one verified to work, replacing the dock connector that the Touch ID cable plugs into, and even replacing the logic board itself. After each hardware change, a DFU restore was performed as well. Nothing worked. It was baffling.

It was then discovered that the Touch ID sensor currently in the device was not the original one that had shipped with it. Once the original was put back, Touch ID started working again.

At this point, we knew there had to be some additional, previously undisclosed, hardware lockdown going on. To test this theory, we took two iPhone 5s handsets that had never been opened before, and verified Touch ID was working on both. The front assemblies, which include the Touch ID sensor and its cable, were then removed and swapped. After reassembly, Touch ID failed on both. When each assembly was returned to its original device, Touch ID once again worked correctly.

This confirmed for us that the Touch ID sensor cable assembly is tied to the individual logic board it shipped with, and most likely to the A7 chip (and its Secure Enclave) specifically.

I asked our resident security expert, Nick Arnott, if he had any thoughts on why Apple would find this necessary. While none of this can be confirmed, these are his thoughts on why Apple may have taken the extra precaution:

It's hard to say why Apple might lock the A7 chip to a specific Touch ID sensor. One possibility could be to try and prevent any sort of sniffing or interception taking place between the Touch ID sensor and the secure enclave. Sort of like a hardware equivalent to SSL certificate pinning. By pairing the A7 chip to a specific Touch ID, this could make it more difficult for tinkerers to try and intercept communications to reverse engineer how the components talk to each other. This could also mitigate possible risks of malicious third-party Touch IDs being installed in a user's device without their knowledge which could capture a user's fingerprint for an attacker, while passing it on to the A7 chip to allow a user to continue to use their device as normal, without any indication it has been tampered with. If Apple instead used some sort of shared key that was used by all Touch ID sensors to authenticate with the A7 chip, it would only take one Touch ID's key being hacked to compromise all of them. Being tied to a unique Touch ID sensor on each phone means installing something like a malicious Touch ID sensor would require cracking each device you want to attack individually.

I think all of Nick's points are plausible. Pairing the sensor to the board doesn't change what Apple says about the stored template (that it can't be turned back into a fingerprint image), but it does protect the one part of the system that sits outside the Secure Enclave: the path from the sensor to it. That fits the "secure hardware path" Apple has emphasized from the start. One thing is for sure: I'd be very curious to see whether these kinds of precautions are taken in other fingerprint readers, such as the one in the HTC One Max.
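To make the pairing idea concrete, here is a small Python model added for this article. It is not Apple's code, and the real protocol between the sensor and the Secure Enclave is undocumented; the model assumes the simplest design that fits what we observed: a per-device secret provisioned into both the sensor and the enclave at the factory, a nonce-based MAC over every capture so data from an unpaired sensor is rejected, and an enclave that answers only yes or no, as Apple's description says. The fingerprint "features", the match threshold, the key-provisioning step and the scenario names are all constructed for the example. The last scenario contrasts the per-device key with the shared-key design Nick describes, so it goes slightly beyond the swap test above.

```python
# Added example: a toy model of a Touch ID sensor paired to a Secure Enclave.
# Not Apple's code; the real sensor/enclave protocol is undocumented. It assumes
# a per-device pairing key provisioned into both parts at the factory.
import hashlib
import hmac
import secrets
from typing import FrozenSet, Optional, Tuple

Features = FrozenSet[int]   # stand-in for the "mathematical representation"
MATCH_THRESHOLD = 0.85      # assumed fraction of overlapping features for a match


def encode(features: Features) -> bytes:
    return ",".join(str(f) for f in sorted(features)).encode()


class TouchIDSensor:
    """The sensor/flex assembly. Holds only the key it was provisioned with."""

    def __init__(self, pairing_key: bytes) -> None:
        self._pairing_key = pairing_key

    def capture(self, nonce: bytes, finger: Features) -> Tuple[Features, bytes]:
        # A capture is the features plus a MAC bound to the enclave's nonce, so
        # data from an unpaired sensor, or a replayed capture, fails to verify.
        tag = hmac.new(self._pairing_key, nonce + encode(finger), hashlib.sha256).digest()
        return finger, tag


class SecureEnclave:
    """The enclave side. Neither the key nor the template is ever returned."""

    def __init__(self, pairing_key: bytes) -> None:
        self._pairing_key = pairing_key
        self._template: Optional[Features] = None

    def _trusted_capture(self, sensor: TouchIDSensor, finger: Features) -> Optional[Features]:
        nonce = secrets.token_bytes(16)
        features, tag = sensor.capture(nonce, finger)
        expected = hmac.new(self._pairing_key, nonce + encode(features), hashlib.sha256).digest()
        return features if hmac.compare_digest(expected, tag) else None

    def enroll(self, sensor: TouchIDSensor, finger: Features) -> bool:
        features = self._trusted_capture(sensor, finger)
        if features is None:
            return False            # unpaired sensor: refuse to enroll
        self._template = features
        return True

    def authenticate(self, sensor: TouchIDSensor, finger: Features) -> bool:
        """Only a yes/no answer crosses the enclave boundary."""
        features = self._trusted_capture(sensor, finger)
        if features is None or self._template is None:
            return False            # swapped sensor, tampered data, or nothing enrolled
        overlap = len(features & self._template) / len(features | self._template)
        return overlap >= MATCH_THRESHOLD


def factory_pair(per_device: bool = True, shared_key: bytes = b"") -> Tuple[TouchIDSensor, SecureEnclave]:
    """Provision one phone: a unique key (the article's hypothesis) or a fleet-wide one."""
    key = secrets.token_bytes(32) if per_device else shared_key
    return TouchIDSensor(key), SecureEnclave(key)


# Constructed sample prints: sets of minutiae-like indices.
ALICE = frozenset(range(0, 40))
ALICE_PARTIAL = frozenset(range(2, 40))   # same finger, slightly different scan
MALLORY = frozenset(range(30, 70))


def scenario_original_sensor() -> bool:
    sensor, enclave = factory_pair()
    enclave.enroll(sensor, ALICE)
    return enclave.authenticate(sensor, ALICE_PARTIAL)      # True


def scenario_swapped_sensor() -> bool:
    sensor_a, enclave_a = factory_pair()
    sensor_b, _ = factory_pair()               # front assembly from another phone
    enclave_a.enroll(sensor_a, ALICE)
    return enclave_a.authenticate(sensor_b, ALICE)          # False, right finger or not


def scenario_wrong_finger() -> bool:
    sensor, enclave = factory_pair()
    enclave.enroll(sensor, ALICE)
    return enclave.authenticate(sensor, MALLORY)            # False


def scenario_shared_key_leak() -> Tuple[bool, bool]:
    """A rogue sensor built with a key extracted from one teardown."""
    leaked = secrets.token_bytes(32)
    rogue = TouchIDSensor(leaked)
    # Fleet-wide key: every phone carries `leaked`, so the rogue passes on a victim's unit.
    shared_sensor, shared_enclave = factory_pair(per_device=False, shared_key=leaked)
    shared_enclave.enroll(shared_sensor, ALICE)
    accepted_shared = shared_enclave.authenticate(rogue, ALICE)
    # Per-device key: the victim's enclave holds a different secret, so the rogue fails.
    unique_sensor, unique_enclave = factory_pair()
    unique_enclave.enroll(unique_sensor, ALICE)
    accepted_unique = unique_enclave.authenticate(rogue, ALICE)
    return accepted_shared, accepted_unique                 # (True, False)


if __name__ == "__main__":
    print("original sensor:", scenario_original_sensor())
    print("swapped sensor: ", scenario_swapped_sensor())
    print("wrong finger:   ", scenario_wrong_finger())
    print("rogue accepted (shared key, per-device key):", scenario_shared_key_leak())
```

Run as a script, the original sensor authenticates, while a swapped sensor, a wrong finger, and a rogue sensor on a per-device-keyed phone are all refused; the only case where the rogue gets in is the fleet-wide key, which is exactly the blast radius Nick's argument is about. Note that the enclave never hands back the template or the key, only the boolean.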

Update: Interesting take from natevancouver on Twitter as well:

@noir @reneritchie Sounds like HDMI Protected Media Path. Really good to have if they plan to introduce a touch-based payment system.

So what does all this mean for general consumers, hackers, DIY repairers, and future security standards? For general consumers, this is good news: you've got an extra layer of protection that is unique to your device, so an attack built around a swapped or modified sensor doesn't carry over from one phone to the next. For hackers, it means they've got their work cut out for them if they want to attack Touch ID; it doesn't look like it can be done by modifying the sensor cable itself.

When it comes to DIY repairs, the job just got a little more precarious. Since the most common repair, replacing a cracked screen, requires removing the Touch ID cable and transferring it to the new assembly, you'd better make damn sure you don't break it. If you do, you'll lose Touch ID functionality, and from what we've seen you won't get it back by fitting a replacement sensor.

I've not yet been able to find a reference to another company locking down specific hardware components the way Apple has with Touch ID. It theoretically means they could lock down any component in an iPhone, iPad, iPod, or Mac if they really wanted to. Will they? Probably not. But the option is there.

It's obvious tremendous safeguards have gone into building Touch ID, likely to make sure everyone feels safe and comfortable using it now and into the future.

Allyson Kazmucha

Editor for iMore, Potter pundit, and the ninja in your iOS

There are 49 comments.

htabbach says:

I want to take this article and slap it in the face of one AC moderator who insisted that TouchID is less secure than a 4 digit PIN!

Rene Ritchie says:

This is discussing the security of Touch ID, not how secure Touch ID is for your device. Neither a PIN code nor Touch ID is great. Long gnarly passwords are great. However they're inconvenient, especially on mobile. Touch ID is better than nothing, and right now a lot of people use nothing.

jgr627 says:

Hey Rene, love the site, I check it out a few times a day. Don't mean to get off topic but can you please make Apple take notice and get them to somehow incorporate an option that requires you to enter a password for airplane mode / power off.

ericsmcdonald says:

I'm actually pretty sure Apple locks the SIM tray to the device. While I've never tried swapping SIM trays, I was at the apple store once, waiting to meet with the Genius Bar, and the person before me was having SIM card issues. Turned out the person didn't have the original tray in (for whatever reason) and until the original tray was put back in the phone didn't work.

Allyson Kazmucha says:

I can 200% verify that is not true. I've swapped hundreds of SIM trays across hundreds of devices in the past. It's just a piece of metal with absolutely no circuitry. It does however have the IMEI and serial imprinted on it in the iPhone 3G/3GS/4/4s but they stopped that as of the iPhone 5.

Rene Ritchie says:

I swap sim trays all the time.

Ides of Buster says:

Fascinating technology and discovery, Ally. It is reassuring to me that Apple took extraordinary countermeasures to protect Touch ID's physical security against fingerprint skimming threats, as well as attempts to reverse engineer the system. Awesome.

DRAppleGuy1593 says:

I just like that Apple is taking a chance with it. So far it's worked about 90% of the time for people and that 10% commonly has easy fixes or replacements. It's just a step forward in tech, forcing other companies to add this technology, as it's already been announced that in 2014 at least one Android phone will have a fingerprint scanner. Then it kind of goes along the same line: the 64-bit architecture chip isn't the best but it's a start to having all phones be 64-bit soon. Everything has to start somewhere at least.

dmitrygr says:

Um... Atrix4G came with fingerprint reader in 2011...

DRAppleGuy1593 says:

Yes I know. It was in an awkward position and not as reliable. It also wasn't like the apple one though. This apple one requires a touch only. No swiping your finger across it like the Atrix4G and others and it's right in the home button on the front. For 90% of people it's basically instantaneous in accuracy compared to a lot less accuracy and true reliability. Nothing against previous phones with that tech because it's building blocks for ones like Apple's and androids in the future. It's like the whole NFC thing. The first NFC phone was in early 2001, then there was one motorola flip phone after with it. They don't get enough credit most people would say that current androids with NFC are the start mainly because they are successful with it but the early 2000s phones were a start to NFC that makes it what it is now for Android users. Everything starts somewhere no matter how bad it is in the beginning usually.

angermeans says:

Are you saying that the A7 (64-bit) isn't the best, but the industry will get better? Have you looked at any reviews on this beast? It's absolutely destroying every SoC on the market and the only one that comes close is Intel's unreleased Bay Trail that is being made for tablets. If you're saying the 64-bit isn't the reason for that then I 100% agree as it is a sum of all parts, but Apple started this SoC with the A6 which also led the industry and is still one of the best in power consumption and speed. Not only that but the "A Series" chips are made for the devices they are going in and are powering Apple phones that beat Android phones with twice the GHz and only 1/3 the RAM and also get the same or better battery life as Android devices that have a 2-3 times bigger battery. Apple is truly innovating with their chips. If they can do this with this silicon in a phone the size of the iPhone 5 and 5s then what will they be able to do with a bigger footprint if they do indeed make a bigger display iPhone 6? I'm willing to bet we see 3-4 days battery life on a single charge and if they have more die space then we could see some true power. Android on the other hand has backed themselves into a corner. They can't even keep up on phones much larger that have a lot more space to work with and can't take a step back to where they are at now.

smiff1985 says:

You do know that the A7 chip is built by Samsung, right? And that when you say that "Apple is truelly [sic] innovating with their chips" that Samsung are probably due some credit, yes?

trrll says:

That's a bit like insisting that the printer wrote the book. Apple designed the chip and contracted with Samsung to manufacture it. Samsung has no rights to the chip and can't use it in their own products

DRAppleGuy1593 says:

To a point, but Apple designed it and put all the components needed to make it right. Samsung is merely putting it together. That's like buying one of those desks or dressers at a store that need to be assembled and me taking credit for making the desk because I solely put it together.

DRAppleGuy1593 says:

It obviously is innovative and it definitely is a great chip, it's only a start though. Just imagine a 64-bit chip in a few years because they made this one; it's going to be over double this power, I can almost guarantee. In the iPad Air it's already noted to have half the bench score of the new rMBP. But if they didn't make this 64-bit chip then who knows how many more years it would be before another company tried putting their own 64-bit chip into a phone? It nearly forces other companies to add their own 64-bit chip to a phone to be able to compete on that section of the phone competition. Innovation basically forces other companies' innovation and Apple clearly has done it best though. They're clearly waiting to perfect their "iWatch" before release since Samsung basically forced their Galaxy Gear out and it hasn't even shaken Apple at all since they want to make the better device.

cpmorris0 says:

It's always interesting to me when Apple comes out with something like Touch ID and everyone's like "So?". Then little bits of information start coming to light, like they went the extra mile to make this just that much more secure. Then the people who said "So?" are now saying "Wow, they put a lot of extra effort into that!". That's what sets Apple apart from other companies.

Trappiste says:

I believe these sort of arguments when I get a decent camera and working maps on my iPhone. Till then, my Windows-Phone-wielding colleagues will own the high ground on "making it that little bit better." Sad, but true.

Rene Ritchie says:

iPhone 5s has arguably the best general purpose camera on the market. Your trolls are losing all credibility. :)

pookyjoralyn says:

I think you're a troll instead. Even my cheap Lumia 520 has the same Nokia Camera as the 1020 and with some cool things like manual focus

sting7k says:

Google Maps is available in the App Store.

kch50428 says:

and it just got an update...

AdamChew says:

Maps work beautifully on my iPhone and directions are second to none; Google Maps is relegated to the gutter in my case.
Oh, nothing seems to work in a troll's iPhone. I wonder why.

angermeans says:

The camera comment has to be a joke, but I would love to hear what maps app on WP8 you're talking about. They don't have a native option and if you're talking about the multiple maps made by Nokia then you're severely wrong. iOS Maps has gotten much better and even if you don't like it you can go to the industry best Google Maps by downloading a free app. I'm sorry, I have the Nokia 920 and it is a great looking phone and I really like it, but it in no way compares to any iPhone. Hell, it doesn't even compare to any Android phone I've owned, especially when it comes to apps. I won't even get into cameras. I love Nokia's cameras, but my iPhone 5s has the best bang and I'm not constantly fumbling with settings. Sure I can get a better picture some of the time with the 1020, but that is only when you really work at it. If I want to mess with settings then I'll grab my Nokia and go to work, but the iPhone 5 and 5s camera cannot be beat for taking excellent pics on the go.

DRAppleGuy1593 says:

Maps is a lot improved since its release and it uses TomTom's maps, which are pretty phenomenal in GPS devices. Also the iPhone 5S camera has been phenomenally reviewed by professional photographers as a top smartphone camera and I've heard it has been compared by a few to a much more portable DSLR. Also it's already been reviewed by many people as a better camera than the Nokia Lumia phone with a 41 MP camera. Shows that internals are much more important than forcing a ton of MP into a camera, on a phone especially!

Trappiste says:

"Touch ID sensor cable to each individual phone as well. That's an incredible feat"

"Incredible feat"? Come on! No. It ain't. It's standard manufacturing.

" Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of A7 and as well as the rest of iOS. Therefore, your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else. Only Touch ID uses it and it can't be used to match against other fingerprint databases."

These claims put an incredible amount of faith in Apple. This is all true if Apple plays along. If they don't, then no amount of hardware "walling" is going to help.

The only way to prevent Apple from storing your fingerprint is not to let the iPhone generate the hash. This option is not made available. The only way to guarantee (not just trust in Apple's word) that the rest of the iOS cannot access these data is to prevent TouchID from authenticating. This, in turn, eliminates its purpose. Conclusion: Your fingerprint and your data in general are only so secure as Apple wants them to be. No more. Apple pulls all the strings, since they write the code. Not you.

Any system that lets a third party generate encryption keys or hashes on your behalf puts your security inherently at the mercy of that party. No amount of marketing BS or pseudo-computer-security terminology will get around that fact. This naturally applies to the Hushmails, iMessages etc. of this world, too.

Allyson Kazmucha says:

You DO realize that quote was taken directly from Apple's own website, right? There isn't any statement there from me. It's Apple's own statement.

And yes it is an incredible feat considering Apple produces millions of devices. Pairing each device with a unique sensor takes a lot of control during the process, extra care, and time. Not to mention it is something no one has done yet, at the very least not on a mass scale like this. Saying this is standard manufacturing is a flat out false statement.

OrionAntares says:

How incredible it is would really depend on what they actually did. There is certainly a pretty general way of doing this by simply making the sensor IDs unique and then having this Secure Enclave do a first run "burn-in" with that sensor ID with its initial activation. That kind of design isn't really new or difficult to manufacture, it just complicates servicing such products since, as you've seen, a new sensor won't work.

Now there are more complicated options for doing this as well and if they did actually use those methods that would be "incredible" given the scale of production they are targeting.

Chris Summers2 says:

Trappiste, you're just one of those people. Apple could create cold fusion and you would have something negative to say.

Allyson Kazmucha says:

Ahhh! You have a Shiba! I do too! :)

mhemmes says:

Go Shiba Nation!

I actually have three; that's Madison the mommy of my younger female (Rosie). Love 'em!

oscaramzz says:

You DID read the article right? Those are direct quotes from apple not from iMore.

Nick Arnott says:

""Incredible feat"? Come on! No. It ain't. It's standard manufacturing." - Standard in what manufacturing?

"These claims put an incredible amount of faith in Apple." - They're claims from Apple, so yes, they do.

"This is all true if Apple plays along. If they don't, then no amount of hardware "walling" is going to help." - This is like saying your banking information is only as safe as your bank playing along, and if they don't, no amount of additional banking security will help. A) It's in their best interest to "play along". B) Security is about layers and tradeoffs between security and convenience. I'll play Devil's Advocate and say there's some issue with the way a Touch ID fingerprint is identified. This would not nullify the benefit for all users who previously used no passcode to secure their devices and who now secure a device using Touch ID. The benefits for those users are still very real.

"The only way to prevent Apple from storing your fingerprint is not to let the iPhone generate the hash. This option is not made available." - The only way to be sure Apple isn't storing your fingerprints, if you choose to not trust them, is to not use Touch ID, period. This has nothing to do with Apple or Touch ID, this is the case with any company you entrust with your information anywhere.

"Conclusion: Your fingerprint and your data in general are only so secure as Apple wants them to be." - Your fingerprint is not secure. This is well-established. Somebody wanting to get a copy of your fingerprint will. In the case of Touch ID it acts as a decent token for users who want some convenient security where they won't be hassled for a passcode all of the time. It's not a highly secure token, but it is a convenient one.

"Any system that lets a third party generate encryption keys or hashes on your behalf puts your security inherently at the mercy of that party." - And any system that relies on individuals generating their own encryption keys stands little to no chance of widespread public adoption. Apple's goal is to strike a balance of securing users as much as possible while keeping it convenient and easy to use. I'm not trying to dismiss the value of security, but security is never just about what the most secure technique is. A service could enforce password rules like must contain upper and lower case, must contain numbers, must contain special characters, must not contain words, and must be at least 30 characters, but nobody would want to use that service. It wouldn't be convenient. You clearly miss the point of Touch ID. It's not intended to be a high-security mechanism suitable for protecting government secrets. It's a convenience intended to make users' lives easier, and in the case of those who didn't previously use passcodes, a little more secure.

We're talking about an aspect of Touch ID that indicates some security measures taken by Apple to increase the integrity of the security chain with Touch ID. You want to rant about conspiracy theories involving Apple recording your fingerprint for God knows what purpose.

Walter Cooke says:

In military information security standards, this is referred to as “Trusted Path”, a component of the “B” level of trust when evaluating the trustworthiness of a system where Mandatory Access Controls (MAC) are used to enhance the security of the system. Trusted Path security ensures that no one can attack the path between the two computer components being assessed. This is all MIL spec "Trusted Computer System Evaluation Criteria (TCSEC)", not just Apple's "marketing BS or pseudo-computer-security terminology" as you refer to it as... Look it up.

aerovtp says:

I am just curious, when someone makes a purchase on the App Store, does iOS basically go to the Secure Enclave and ask for a Yes or No answer about whether it is the actual person. This basically applies to all of iOS's functions in relation to Touch ID, is it basically a "is this the person, not the person" deal?

Nick Arnott says:

More or less. The OS is asking for authentication. The Touch ID sends the fingerprint to the secure enclave and it returns a simple yes or no.

angermeans says:

I've read this, but in code we don't have a yes or no, but we do have a Boolean of true or false. Not being critical, just wondering if Apple is doing something else, as I've read what you stated before. I'm only in the second year of my bachelor's in Computer Info Systems so I could not be that far into it all yet though. Would love to know if I'm wrong though. That's the only reason I commented. I don't want to sound like one of those internet jerks that correct grammar.

OrionAntares says:

Yes or No, True or False, 0 or 1 are all just semantics.

As far as what they do on a hardware level, people can really only guess. If their goal was absolute security against having anything lifted out of the Secure Enclave, then the only output line on it should be a single bit response connection for "Yes/No".

Nick Arnott says:

OrionAntares is correct. When discussing the "yes/no" answers, it's speaking at a high-level, not meant to specify how they're handling it at a code level. The yes/no discussion is only to try and make it clear that the fingerprint verification is controlled entirely by the Secure Enclave; all it returns is an affirmative or not in response to the Touch ID sensor requesting authorization.

Becjr says:

I love reading about the new discoveries about how this "magic" tech works. I think it's great that this level of needed security has already been anticipated.
I do have to wonder about how the fingerprint is so protected in its lofty tower fortress and yet is available for verification and approval for purchases.
I don't have an iPhone 5S, but I am very excited about TouchID.

DRAppleGuy1593 says:

It's basically to the point that the phone scans, remembers, and sends it into the chip in binary/coding/electric pulses, then it basically only allows a path for use to App Stores and with verification to unlock, started by touching the metal ring around the Touch ID/Home Button. So it's basically just by the ports it's allowed to go to! I'm really excited about Touch ID too though! Hopefully getting a 5S for Christmas so I'll get to try it out! I think it would be cool if Apple tried adding Touch ID capabilities to the Passbook app first and maybe eventually to 3rd party app companies for verification purposes down the road!

Winski says:

Allison... THAT'S some good work !!!


BeyondtheTech says:

Perhaps it just renders the currently captured fingerprints useless if you change the Touch ID sensor. Has someone wiped out all the fingerprint scans, changed the Touch ID sensor, then established new ones to see if it works? Getting third-party suppliers that order Touch ID sensor parts to fix your 5s may then not be as difficult if the A7 and the Touch ID sensor just have to get to "learn" each other all over again. It could be more costly to fix if the logic board or the Touch ID sensor go bad, which means both need to be replaced each time.

I wouldn't put it past Apple to mark each Touch ID sensor assembly with the same serial number as the logic board of the 5s, much like how you can't just swap out a DVD drive from an Xbox 360 (for those that remember modding them), but it could be that when the two components meet for the first time, they establish a shared key that helps encrypt the data pass through the sensor. Change the sensor or the logic board, and the learned keys of each component won't match and therefore won't decrypt the data properly. But, establish new data (with brand new fingerprint registrations) and it might work.

Artiste212 says:

Allyson, thanks. Your article was great but your replies were even better. Demonstrating mastery of the topic really increases the value of your reporting. I'm getting the app.

Bob Deskin says:

While I like the idea of tying Touch ID to the CPU, what happens if the Touch ID breaks? Is there a method by which Apple re-syncs the new Touch ID with the chip such that it's reset? And if there's something Apple can use, couldn't it be maliciously worked around?

A_D_A_M says:

You would likely be issued a new device

DRAppleGuy1593 says:

Most often Apple recommends a replacement device first, which is why Apple Care is so highly recommended on iPhones as the first iPhone external issue you have with Apple Care gets you a brand new iPhone sent to you free of charge. Second to that most people would probably be like oh well and go to using the passcode or no passcode as there really isn't much you can do with the Touch ID, so far. Just simply for unlocking the device then verification of apps that you buy within a 15-30 minute period because after that period you have to enter the Apple ID password again as I've heard with iPhone 5S users so far. So it's really currently a luxury feature as it doesn't have much use yet.

A_D_A_M says:

Fantastic article! A great read for sure. Thanks for the insight.