Apple’s Secure Enclave Chip Undergoes Extreme Testing Procedures to Ensure Users’ Privacy

A new report from The Independent details the facility where Apple tests its Secure Enclave chip, the hardware-based key manager that’s isolated from the main processor to provide an extra layer of security.

Photo: Brooks Kraft/Apple

Inside the Secure Enclave chip are key pieces of information, like keys that lock up the biometric data it uses to check users’ fingerprint against when one holds it up to the sensor, as well as keys that lock messages so they can only be read by the people sending or receiving them.

The aforementioned facility houses expensive machines that “abuse” these in-house designed chips to see whether they can withstand hacking and whatever other types of assault anyone might try on them:

In a huge room somewhere near Apple’s glistening new campus, highly advanced machines are heating, cooling, pushing, shocking and otherwise abusing chips. Those chips – the silicon that will power the iPhones and other Apple products of the future – are being put through the most gruelling and intense work of their young and secretive lives. Throughout the room are hundreds of circuit boards, into which those chips are wired – those hundreds of boards are placed in hundreds of boxes, where these trying processes take place.

Those chips are here to see whether they can withstand whatever assault anyone might try on them when they make their way out into the world. If they succeed here, then they should succeed anywhere; that’s important, because if they fail out in the world then so would Apple. These chips are the great line of defence in a battle that Apple never stops fighting as it tries to keep users’ data private.

According to the report, this level of comprehensive testing is a portion of what has made the chip an achievement in privacy recognized by many independent security experts.

“Biometrics aren’t perfect, as the people posting clever workarounds online to supposedly secure logins would attest,” says Chris Boyd, a lead malware analyst at Malwarebytes. “However, there’s been no major security scare since the introduction of Apple’s Secure Enclave – and the release of a Secure Enclave firmware-decryption key for the iPhone 5S in 2017 was largely overblown.”

Craig Federighi, Apple’s SVP of Software Engineering, says privacy considerations are at the beginning of the process, not the end. “When we talk about building the product, among the first questions that come out is: how are we going to manage this customer data?” he told The Independent.

Federighi also responded to the notion that privacy is a luxury good, a comment made by Google CEO Sundar Pichai just a few days ago.

“I don’t buy into the luxury good dig,” says Federighi. “On the one hand gratifying that other companies in space over the last few months, seemed to be making a lot of positive noises about caring about privacy. I think it’s a deeper issue than then, what a couple of months and a couple of press releases would make. I think you’ve got to look fundamentally at company cultures and values and business model. And those don’t change overnight.”

Read The Independent‘s entire report here.