How Touch ID works: Making sense of Apple's fingerprint identity sensor

Touch ID is Apple's name for their new biometric fingerprint authentication technology. With it, the Home button can now unlock your iPhone 5s and authorize your purchases on the iTunes Store. In the perpetual battle between security and convenience, where many people would rather go without a passcode or strong password than fuss with anything complicated on mobile, Touch ID aims to do for authentication what iCloud did for backup and restore - make it easy enough that people will actually use it. Here's Apple's pitch:

Put your finger on the Home button, and just like that your iPhone unlocks. It's a convenient and highly secure way to access your phone. Your fingerprint can also approve purchases from iTunes Store, the App Store, and the iBooks Store, so you don't have to enter your password. And Touch ID is capable of 360-degree readability. Which means no matter what its orientation — portrait, landscape, or anything in between — your iPhone reads your fingerprint and knows who you are. And because Touch ID lets you enroll multiple fingerprints, it knows the people you trust, too.

Entering a password on the original iPhone was incredibly painful. You couldn't paste a password in, and you couldn't even glimpse the characters you were typing in as you typed them. That led to a high error rate, which led to high frustration levels, which led to people reducing the complexity and strength of their passwords.

Eventually Apple increased security by allowing for strong passwords instead of simple passcodes to unlock devices, and they increased convenience by showing the character being typed in for a few seconds. They also added copy and paste. Yet mobile keyboards, especially virtual ones, still sucked for password entry, especially for strong passwords. It sucked so much that many people continued to leave passcodes turned off, and keep their iTunes passwords simple and easy to enter. And that's not good for anybody.

Your finger is your passport

The Home button is incredibly important on a mainstream computing device like the iPhone. Not only is it an easy way to wake the system, it's an escape hatch that can return anybody, no matter how lost or stressed or frustrated or confused, to a known state - the Home screen. That also makes it the perfect place to put the Touch ID sensor.

The chain is pretty clever. A highly scratch-resistant sapphire glass lens protects the assembly and focuses the sensor, while a color-matched steel ring surrounds it, waiting to detect your finger. When that's triggered, the capacitive Touch ID sensor activates and takes what's effectively a high-resolution snapshot of your fingerprint. The fingerprint is compared against what's stored in the secure enclave on the Apple A7 chipset, and if the unique characteristics in the arches, loops, or whorls match, you're instantly authenticated and your iPhone 5s will unlock or your iTunes purchase will be authorized.

That being the case, Apple seems to be targeting Touch ID squarely at the masses. By contrast, Apple doesn't seem to be addressing higher security needs, or at least not yet. Although we'll have to wait until it ships to know for sure, Apple hasn't said anything about enabling Touch ID as part of a multi-factor authentication system. In other words, adding fingerprints (something you are) on top of a password (something you know). Multi-factor authentication is desirable - sometimes mandatory - in government and enterprise.

If you don't want to use Touch ID, you can still use an old-school passcode or password, or - but please don't - nothing.

Fail secure

Touch ID prioritizes convenience but there are some situations where it will lock down and force you to enter your 4-digit passcode or strong alphanumeric password instead.

  1. If Touch ID hasn't been used in 48 hours, you'll need to enter your passcode or password to re-enable it.
  2. If your iPhone has been rebooted or reset, you'll need to enter your passcode or password to re-enable it.
  3. If a fingerprint isn't recognized 5 times in a row, you'll need to enter your passcode or password to re-enable it.
  4. If a remote lock has been sent via Find my iPhone, you'll need to enter your passcode or password to re-enable it.

In all of these cases, Apple is defaulting to a secure state to help protect your data and your iPhone.

I don't see dead people

The Touch ID sensor is wafer thin, measuring only 170 microns. However, it can take 550ppi scans, which allows for a good level of detail analysis. It's also capacitive and reads the fingerprint at a sub-dermal level. That means it's not reading the dead skin on the top of your finger, but the new, living skin beneath the surface. That makes it less likely to be fooled by fake fingerprints, severed fingers, and other sci-fi spy movie tropes.

Touch ID is also orientation independent, and can read your fingerprint in 360 degrees. That's right, according to Apple, you're never going to be holding it wrong.

Five finger friendly

You train Touch ID by holding a finger repeatedly against the Home button, and every time you use it, it gets better at recognizing that finger. You can also train Touch ID to recognize up to 5 fingers: either up to 5 of yours, on either hand, or up to 5 belonging to you, your family members, friends, colleagues, etc.

That's important for environments where, for example, an administrator is managing a large number of devices for Enterprise, or in a household where several people might need access to the same device.

Implausible deniability

Touch ID. The first part of the name describes the mechanism. The second part describes the goal. It's a fingerprint identity sensor. That's important because Identity is the next big digital land-grab. Everyone wants to not only know who we are, but be able to prove it. Facebook and Google do it by demanding we broadcast our real names and give them phone numbers lest we risk being locked out of our own accounts. Apple is doing it with fingerprints, which are intimately more personal, though far less public. And while that may have some advantages, it also has a downside.

First, using fingerprints to authenticate transactions also proves you're the one who made the transaction. There's no more "I must have left my phone on the table and someone else did [insert potentially embarrassing or illegal thing here]."

Second, it's much easier - and even legally accepted depending on the jurisdiction - to get someone to put their finger on a sensor than it is to get them to divulge a passcode or password.

Third, while Apple has gone out of its way to insist biometric fingerprint data is locked away on the A7 chipset, never made available to any software beyond the Touch ID sensor, and never uploaded to their servers or synced to iCloud, once data exists, it exists.

Some people might not care about that at all, convenience trumping privacy, and security trumping freedom. Those who are already taping over webcams and microphones will likely want to put an opaque sticker over Touch ID as well.

Multiuser musings

There's been some speculation about Touch ID being the gateway to multiuser accounts, particularly on the iPad. While new iPads are expected next month, multiuser would be a non-trivial addition to iOS architecture, and given all the work going into the current updates, one Apple might not have the bandwidth to address this time around.

You can never say never, and Touch ID certainly could be part of an Apple multiuser solution for iOS; it just seems unlikely that solution is imminent.

Update: iOS 8

Apple has announced iOS 8 and, with it, made Touch ID accessible to developers. No one gets access to fingerprint data, not even iOS itself, but the Keychain can now authenticate based on Touch ID yes/no tokens, and pass that authentication on to apps.
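
What that yes/no model looks like from an app's side, as an added example (not from the original article or from Apple's sample code): a secret is stored in the Keychain behind an access-control object, and reading it back makes the system ask for Touch ID or the passcode. The `service` and `account` strings are placeholders chosen for this example.

```swift
import Foundation
import Security

// Placeholder identifiers for this example only.
let service = "com.example.touchid-demo"
let account = "session-token"

enum KeychainError: Error {
    case unexpectedStatus(OSStatus)
}

/// Store `secret` so that every later read needs Touch ID or the device passcode.
func storeProtectedSecret(_ secret: Data) throws {
    var cfError: Unmanaged<CFError>?
    // WhenPasscodeSetThisDeviceOnly: the item exists only while a passcode is
    // set and is never restored onto a different device.
    // .userPresence: Touch ID, with the passcode as the fallback.
    guard let access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault,
        kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly,
        .userPresence,
        &cfError
    ) else {
        throw cfError!.takeRetainedValue() as Error
    }

    let base: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
    ]
    // Remove any earlier copy so SecItemAdd does not fail with a duplicate.
    SecItemDelete(base as CFDictionary)

    var attributes = base
    attributes[kSecAttrAccessControl as String] = access
    attributes[kSecValueData as String] = secret

    let status = SecItemAdd(attributes as CFDictionary, nil)
    guard status == errSecSuccess else {
        throw KeychainError.unexpectedStatus(status)
    }
}

/// Read the secret back. The system shows the Touch ID sheet; the app only
/// learns the outcome through the returned status, never any fingerprint data.
/// Returns nil when the item is missing or the user did not authenticate.
/// Call this off the main thread: it blocks while the prompt is on screen.
func readProtectedSecret(prompt: String) throws -> Data? {
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
        kSecReturnData as String: true,
        kSecMatchLimit as String: kSecMatchLimitOne,
        // The iOS 8 way to set the prompt text. Newer SDKs deprecate this key
        // in favour of passing an LAContext via kSecUseAuthenticationContext.
        kSecUseOperationPrompt as String: prompt,
    ]

    var item: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &item)
    switch status {
    case errSecSuccess:
        return item as? Data
    case errSecItemNotFound, errSecUserCanceled, errSecAuthFailed:
        return nil   // the "no" answer: nothing is released to the app
    default:
        throw KeychainError.unexpectedStatus(status)
    }
}
```

Because the item is tied to the passcode being set, a user who turns the passcode off loses the stored secret, so the app should be able to re-issue it.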


Rene Ritchie

Editor-in-Chief of iMore, co-host of Iterate, Debug, Review, The TV Show, Vector, ZEN & TECH, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.


There are 43 comments. Add yours.

mikells43 says:

I've heard some people's points of view on it and they are paranoid. I myself believe Apple that they will not release the fingerprint info. Companies like HP have been doing it for years on their computers. The fact that you cannot bypass the fingerprint scanner is concerning. Also the thought of having a database of fingerprints at the touch of a button is scary also. I have heard people say the info is going right to NSA in Utah.

kch50428 says:

Watch the video... the fingerprint is scanned... converted into a numerical representation that gets encrypted and stored only on the phone's system chip. It goes nowhere else. All that "it gets sent to the NSA" is a load of bovine processed feed grains being passed to stir FUD... fear, uncertainty, doubt.

Burnaby says:

I bet people said the same thing prior to the latest revelations about the NSA activities...
I don't know how valuable fingerprint data is (since most people's fingerprints are already in the system for one reason or another), but the concerns of the covert collection of personal data can't be dismissed as mere FUD anymore.

kch50428 says:

If the NSA wanted your prints, they got em already... they don't need to go through your iPhone5S to get them... your privacy is far more at risk from everyday activity than it ever will be from Apple's print scanner on the 5S. The incessant whining about the print scanner is feature envy from denizens of other platforms that hate on what they don't have.

CORYK333 says:

Thank you!......if people really think Apple putting this fingerprint scanner on the 5s is just what organizations like NSA have been waiting for to collect your info, then I don't have too much faith in peoples' common sense anymore

stephen007 says:

You can bypass the fingerprint reader by using a passcode instead.

stewm says:

Mikells43, you are right a lot of them are paranoid, though I think a lot of them are the Foil hat government conspiracy brigade. As for other information that may worry you.

Maybe I was mistaken but didn't Phil Schiller state 'categorically' during the presentation that the fingerprint data is not even stored anywhere other than inside the physical processor. I presume that it has memory in there that will store it and it never leaves the phone.

Though these are the same people that don't realize that a capacitive fingerprint sensor doesn't actually read the fingerprint it reads the changes to the capacitive field in the sensor. Your body changes ever so slightly depending on the time of day and the sensor will slowly learn to interpret these variations and compensate.

For those that believe that they will have their finger cut off and taken with their phone. This type of sensor will not be able to read an amputated finger. Unlike the screen that uses the same principle of detecting a change in the capacitive field that is picked up by the sensors, because it reads the variations to the capacitance as opposed to the finger print holding the 'dead' finger may activate the scanner but it will not read the fingerprint in the same way because the capacitive characteristics change. That is why it takes more than one read to set up the fingerprint and that is why it has to continually learn as it goes.

Would I worry about having my fingerprints on the iPhone? No. Did I worry when I used my Toshiba laptop a few years ago with its fingerprint scanner? Not really, apart from the authentic reader used a scanner and it was sometimes a five to 10 minute task to get it to unlock the laptop! I eventually turned it off!

Since as a matter of course, having become a Naturalized Citizen of the USA my DNA, Fingerprints, photograph and everything else have been shared with the FBI, Homeland Security and probably NSA and anyone else It doesn't give me the slightest concern.

Would I buy the iPhone 5S? No. Why? I am waiting for my Contract with Verizon to end and then will look at the Rivals. I don't have a decent signal in half of the area where I am working and even where I live and wasn't until I was in Pasadena and experienced LTE there compared with LTE at home that I realized that my service was worse than appalling. Nothing to do with Fingerprint scanner or anything else and by the time my Verizon Contract Expires It will be time for the next iPhone to be out and I can choose both a new carrier and have the next iPhone.

rustymini says:

So people will have to use the scanner? So no more passwords? Yea, might be concerning.....

ame says:

No, we will not *have* to use it. They're trying to get people to have some responsibility and security with their devices, and this is one other solution being presented to do so, since most people won't take the 2 seconds to enter a passcode.

ame says:

Yknow, anywhere you go, anything you touch, your fingerprints are available for "them" to have. If you work in government, finance, law enforcement, or any sort of secure type industry, you've already been fingerprinted so "they" already have you on file. I don't honestly believe Apple is going to release the information, and I don't honestly believe the NSA is going to work around anything to get to it for 99.9999999% of the population. I am not particularly concerned about this...I know my husband feels very "Minority Report" about all of it, but I feel like the time to have been concerned about it happening was years ago, and it's all well beyond our control at this point.

Adem Reka says:

Honey. I'm your husband. Don't blog all day. Come to sleep.

ame says:

Creepy. How would you post this with no device in the bedroom since I have ALL OF THEM in my possession...

CORYK333 says:

He's sending these comments from the CPU chips where a brain should be (He's been a robot spy for the govt this whole time, run!!!!!!)

Rkolodz1 says:

Awesome. Post of the day.

scottnch1 says:

If Apple says it's stored on the chip, and not uploaded to Apple's servers or to iCloud (which would be a daft place to store it, since that's completely broken and useless) then I believe them.

This is a great feature. Possibly the most compelling reason to upgrade.

stulaw11 says:

If it's stored on the chip, which it sounds like, and never goes off of the device then there is nothing to worry about. And you don't have to use it, you can not set it up and use your 4 digit pin if you are still worried for some reason.

Further, lots of iPhone users are fingerprinted for their jobs - law enforcement, government, doctors, lawyers, and lots of others with state licenses. They already have you on file and nothing bad has happened, so the tin foil hat is a little too soon.

mikells43 says:

They say it's stored on the chip. But Verizon also said that your info is secure on their servers, and the NSA got all the call and text info from a chunk of time earlier this year. So yea..

Kaiju says:

The NSA isn't some rogue hacker, which is what Verizon was most likely referring to when they were discussing having secure servers.

stewm says:

Any of the Carriers will give this information to the authorities and most times they won't even wait for a warrant or court order to be served, they will just offer it out. Really the only people that have something to worry about are those that have something to hide. I have bigger worries than what the NSA, FBI, CIA, or anyone else reads in my emails and text messages. They can listen in on my phone calls. Heck the ex-missus did it for years. LOL

exnerd says:

Pity I won't be able to use it. Would be awesome to set it to let my 3 year old unlock my phone but then not be able to buy apps. Apparently it's "trust all" no matter what.

On the other hand, I've heard from people who have played with the phone that you can use your nose print if you don't have a spare finger. Useful for those days on the slopes when you don't want to take your gloves off. :)

Ashish Asawa says:

Yes you can, there is a setting by which you can allow Touch ID to unlock but not to buy apps.

Omen87 says:

I imagine that any living surface you put to the sensor can be read. Nose, elbow, knuckle or whatever. It's going to create the mathematical representation of that surface and store it. Doesn't really matter what it is I wouldn't think.

Kaiju says:

Fingerprints are unique, other surfaces are not. I don't think that will work. IF it did work, you probably wouldn't be able to scan it again. It's not like you get elbow prints done by the Feds. There is a biological reason for that.

Chris Summers2 says:

Before people post they should educate themselves so they don't sound uneducated. First of all the fingerprint information is stored on the ARM chip inside the phone, not Apple's servers. If you don't trust it then you can continue using a password to unlock your phone. It's the media that has made this NSA thing an issue. They write headlines so people will read their articles. Apple is trying to improve security since half of mobile phone owners use no security password. Besides, if the NSA wants your fingerprint there's lots of ways for them to get it. I just don't think Apple or any of the tech companies are willing participants with the NSA. Please don't forget the NSA answers to the President and we voted him into office. If we don't hold elected officials accountable and vote blindly then we have no one to blame but ourselves.

Sent from the iMore App

edd says:

I don't know what folks think the NSA would do with their fingerprints anyway. I speculate people WANT to be concerned about being watched because the reality is most of them lead boring lives. I was in the military, that fingerprint ship has sailed. Give me the dang phone.

Burnaby says:

"Entering a password on the original iPhone was incredibly painful."

Incredibly painful?
Huh?
It's annoying.
But painful...or incredibly painful?
Um, maybe if you have advanced arthritis....or nerdworld problems.

gbattaglia02 says:

Next iPhone will have a scanner that flips the page following your eye movement and probably take a retina scan. Then a lick screen to unlock with the DNA in your saliva. All culminating in the famous iPhone blood scan (a little needle will come out the top and you'll have to prick your finger to unlock your phone). In the meantime big brother will be gathering and selling all this personal info to the NSA. Nice

Sent from the iMore App

theKHMERboy says:

I think this is a great idea for apple iPhones.. Yes I think you will still have the option to wanna insert a pass code but to use your finger as a pass code is a great idea and I'm looking forward to see it on future iPhone devices and not just the 5s

Dev from tipb says:

NSA concerns aside, passwords and passcodes are communicative testimonial, whereas fingerprints are not.

http://criminal.findlaw.com/criminal-rights/fifth-amendment-right-agains...

This means that the government cannot compel you to give up your passwords without violating your 5th amendment rights, but they can take your fingerprints. Whether or not they can use those fingerprints as a means of access and search is uncharted territory, but the law enforcement will surely argue that they can. At any rate, it is by no means certain that fingerprint alone as a means of security enjoys any kind of constitutional protection.

Sent from the iMore App

Rkolodz1 says:

Nice comment. Made me think of this from a different angle. Of course I am not a drug dealer or other criminal. Basically if you are going to commit a crime then switch your phone to pass code only before they arrest you.

CORYK333 says:

LMAO at all these paranoid people that actually believe they are important enough for the govt (or anyone, really) to spy on.........news flash, you're not!!! Whatever generic, unimportant info you think they could get from this new scanner they already have & don't give 2 sh¡ts about bc, news flash once again.......you're not that important & neither am I :-(
--Chill out, stop being so paranoid, & use this slick new feature if you grab a 5s

Burnaby says:

You're completely missing the point.
For most people, this is not an issue about self-importance or any organization having a "personal" interest in an individual. It's not about delusional paranoia or conspiracy theories either.
It's about the progressive erosion of legal rights and freedoms by a system set up to protect us from threats. We definitely want the protection provided by this system, but it comes at a price of certain liberties in order to do the job they were created to do.
The issue is when we start to become prisoners and victims to the system we created to protect us - and, more importantly, how to deal with the potential of our rottweiler losing its sense of who it's supposed to protect and ripping out our own throats.
The weapons and methods we employ to protect us, can just as easily harm us if turned against us.
There is significant concern that each thing we give up in the name of security, is one small step towards the absolute hell of a police state - a situation extremely difficult to reverse once it's been established. Just check around the rest of the world.
People have a tremendous desire to prevent that from happening to America.

There used to be a time when you could just buy your ticket and get on a plane. Now, in the interest of protecting us, the system has to assume everyone is a potential terrorist and take security actions to prove that assumption wrong.
The danger is a system/society without trust that assumes we're a threat until we "prove otherwise" - it becomes a police state when that mode becomes entrenched and/or is exploited for gains.
Collection of personal information is the fuel and foundation for such a system.

aiwama says:

Imagine that someone wants to get access to the info stored in your iPhone; with a password they would try and get it from you by asking politely / threatening / getting nasty / begging, etc. With a fingerprint they can just whack you dead and try all your fingerprints until your iPhone is unlocked. Nice, hein!?

Michael Ellis Day says:

Because if they wanted the information on your phone badly enough to kill you, they wouldn't do that now? This argument makes no sense at all.

aiwama says:

No, most likely they wouldn't. Not before they prise the information they would like to have access to. Because now they don't need you to be alive, it would be easier and more practical (in any killer's point of view) just killing you and scan your fingerprints over the Touch ID. No need for water-boarding you...

Mago27 says:

iOS fingerprint sensor usage to unlock the screen may be useless and also dangerous, because the device only reads the fingerprint, not your will, so if you're sleeping, drugged, kidnapped (and hogtied) someone can unlock your phone with your finger (alive but not in your control) and do everything in your name, and most people will believe you're the one who sent the IMs, tweets, Facebook entries, etc.

Sent from the iMore App

Harley Kid says:

Although I find the technology interesting, I am going to have to opt out on the simplest of reasons ... construction. I am a general contractor that is CONSTANTLY either moving materials without gloves, installing floor & wall tile or some other task that usually requires bandaids after I super glue the filet back into position. With my luck, I would use my pinky and end up slicing it on an object (you pick it) and would be locked out of my device until healed. I will have to go through the "painful process" (as Burnaby wrote above) in order to ensure access ... No matter my fingerprint's condition.

kch50428 says:

You'll be able to use the traditional passcode... In fact, using the TouchID will require a passcode be set as alternative method to access your phone.

Harley Kid says:

Nice to see secondary measures have been taken for alternate access to the device. Thanks for the info.

Michael Ellis Day says:

I'm always amazed at the number of people who believe a) their fingerprints are secret and b) their fingerprints possess some magical power that government agencies are desperate to have. You are in far more danger of a thief stealing your phone out of your hand or your pocket and running away with it than you are of being in possession of secret information sought by the NSA. A passcode, whether numerical or fingerprint based, will slow down the criminal in his or her attempt to access your bank account / credit card info / e-mail login until you can get to a computer and remotely wipe your phone. Most people don't use ANY protection like this because they find it inconvenient. TouchID will make it easier for those users, and make new iPhones slightly less attractive to theft. If you don't like it you don't have to use it, but please get a clue before griping about it.

mwalker017 says:

I have seen that Otterbox has come out to say that they are redesigning their defender series in order for it to be functional with the TouchID. I am curious as to how Lifeproof will redesign their case in order to be functional with the TouchID. Will they use some type of transparent thin plastic over the home button? Would that even work? Will they come up with something completely different?

It is something I am curious about, especially with their nuud case for the iPhone 5 offering screen-less waterproof technology being such a big improvement over their previous fre case. It had issues with the screen cover having an air cushion effect which sometimes hindered using the screen.

Does anyone have thoughts on this?