Share:

Discovery Reveals How Apple Takes Touch ID Security to Another Level

Share:

touch id part

With Touch ID, Apple has added another layer of security to the iPhone 5s. According to the company, a huge percentage of iDevice users don’t even use a passcode. We know that the technology behind Touch ID consists of the combination of a laser-cut sapphire crystal with the capacitive touch sensor to take a high-resolution image of your fingerprint and store the encrypted fingerprint information securely in the Secure Enclave inside the A7 chip on the iPhone 5s.

But is this the only precaution Apple has taken to secure your data? iMore has started its own investigation and found some interesting hardware-level security implementations.

As their investigation, with the help of a repair company, mendmyi, reveals, Apple has gone the extra mile and paired each individual Touch ID sensor to each individual phone. The discovery was made after the repair company was looking for an answer for a failed Touch ID setup.

Going beyond a potential software issue, they started investigating the hardware and found that if you take two iPhone 5s devices and switch the touch sensor between them, they will stop working. In other words, the Touch ID component cable assembly itself is tied to each individual A7 chip.

On the question of why Apple would do such a thing, iMore’s security expert, Nick Arnott, theorizes that “pairing the A7 chip to a specific Touch ID, this could make it more difficult for tinkerers to try and intercept communications to reverse engineer how the components talk to each other.”

As a result, Touch ID does add an extra layer of security to the iPhone, and for those who didn’t use a password before, it will certainly mean a lot. But, as we know, Touch ID can be hacked. In fact, it was hacked just 48 hours after the iPhone 5s hit the stores.

So, in the end, Touch ID provides a convenient security control. Don’t expect the ultimate security control from Touch ID, of course, but it will certainly protect your data from casual attackers.

Share:

  • Vincent Joly

    Does that mean it’s not repairable!?

  • JohnnyQ

    It was spoofed not hacked.

Deals