Apple provides details on Touch ID's privacy features

Apple provides details on Touch ID's privacy features

Summary: Fear not, tinfoil hatters and conspiracy theorists, Apple's built-in a good deal of security into the iPhone 5s to protect your fingerprint data.

SHARE:
TOPICS: Apple, iOS, iPhone, Mobile OS
39
Apple provides details on Touch ID privacy features - Jason O'Grady

The new fingerprint sensor in the iPhone 5s won't store images of actual fingerprints in the device, nor will it upload them to Apple servers (including iCloud) according to an Apple statement given to the Wall Street Journal today.

Instead of proper scans, Touch ID only stores "fingerprint data," which remains encrypted within the iPhone's processor, according to Apple. This is then converted into a digital signature which is used to unlock the phone or authorize purchases in the App stores.

If accurate, this would mean that even if someone compromised the iPhone 5s' encrypted chip, they wouldn’t be able to reverse engineer your fingerprint. In theory, anyway. 

In the iPhone 5s promotional video Apple Senior VP of Hardware Engineering Dan Riccio explains the security measures included in Touch ID:

All fingerprint information is encrypted, and stored inside the secure enclave inside our new A7 chip. Here it is locked away from everything else, accessible only by the Touch ID sensor. It's never available to other software, it's never stored on Apple's servers, or backed up to iCloud.

Riccio's statement about the fingerprint data (and scanner) being off limits to other apps can be both a positive and a negative. Apple would emphasize that a nefarious app can't steal the data, while others, like ZDNet's own Jon Fontana, think that Touch ID's lack of developer access is a limiting factor for enterprise users.

Fingerprint data is encrypted and store inside the Apple A7 chip - Jason O'Grady

Fontana thinks that Touch ID is more of a consumer play than an enterprise security feature. He concedes that the likely win for the enterprise is that more BYOD users will lock their phones thus protecting the applications and data contained on them.

The other revelation from Apple is an addition security measure that the company built into Touch ID:

Apple customers who wish the use Touch ID also have to create a passcode as a backup. Only that passcode (not a finger) can unlock the phone if the phone is rebooted or hasn’t been unlocked for 48 hours. This feature is meant to block hackers from stalling for time as they try to find a way to circumvent the fingerprint scanner.

Apple also divulged that although it's an improvement over the craptastic fingerprint scanners built into some laptops (which require numerous scans and are almost universally abandoned), Touch ID doesn't fare well with fingers covered in sweat, lotion or other liquids. Apple also told WSJ that the iPhone 5s fingerprint scanner has trouble reading fingers scarred by accidents or surgery. In those cases, a user can easily use another digit.

Apple didn't comment on wether the NSA was involved in the development of Touch ID or if it has access to the encrypted data stored in the A7 chip.

Further reading:

Here's the video. The Touch ID content starts at the 00:43 mark:

Topics: Apple, iOS, iPhone, Mobile OS

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

39 comments
Log in or register to join the discussion
  • AND?

    What point is security? When they hand they information to NSA?
    And do you understand how easy and fast it would be for them to just pull a low KB picture from a phone, straight from the source, or through another app?

    Sounds like Apple have paid CNet to calm people down.
    Wall.iPhone4
    • WARNING

      This data IS accessible, and Apple knows it. What they've done is the bare minimum level of protection needed to cover themselves.

      You don't even need the whole perfect fingerprint. Apple's experts know this perfectly well. A fingerprint match involves certain points in a standardized pattern.

      That's what the device stores. And that's exactly what hackers, the police and NSA would want! It's a disgrace to hear Apple trying to playing-down legitimate concerns by misleading customers about how fingerprint technology works.

      On the street, Apple's new gimmick means that muggers will start cut of the hands or fingers of victims. The victim no longer needs to be alive to gain access.

      Do not use an iPhone. This is corporation willing to put people's lives and security at risk for the sake of a marketing gimmick, and we now know that they'll be as dishonest as it takes to cover their tracks.
      Tim Acheson
      • You are joking right?

        A mugger may cut off your finger to get you to tell your password, never mind to use it scan your print. Or beat you silly. Or worse. What a stupid comment.
        CowLauncher
        • Tim Acheson is Hillarious When Off His Meds!

          He needs to take his psychotics - quickly! His iHate is nearly to Toddy's level but he's not quite as smart.

          Tim - you need help, dude.
          Gr8Music
      • Put Up...

        "This data IS accessible, and Apple knows it."
        Okaaay...so tell us 'how' it is available and prove how Apple knows this.

        "You don't even need the whole perfect fingerprint. Apple's experts know this perfectly well. A fingerprint match involves certain points in a standardized pattern."
        So you know precisely the scanning algorithm, how the scanner technology works and the complete data set held in an encrypted locker? So you know for certain that Apple does not use biometric feedback to differentiate between dead and living flesh? And if they are...that it doesn't work?

        ...Or shut up!

        The rest of your craptastic paranoia FUD is laughable. Hate to tell you so late in the game, but the threat of violence against anyone's person is invariably enough to make them give anything you want.
        frogspaw
      • Fixing your post

        This data IS accessible, and Microsoft knows it. What they've done is the bare minimum level of protection needed to cover themselves.

        You don't even need the whole perfect fingerprint. Microsoft's experts know this perfectly well. A fingerprint match involves certain points in a standardized pattern.

        That's what the device stores. And that's exactly what hackers, the police and NSA would want! It's a disgrace to hear Microsoft trying to playing-down legitimate concerns by misleading customers about how fingerprint technology works.

        On the street, Microsoft's new gimmick means that muggers will start cut of the hands or fingers of victims. The victim no longer needs to be alive to gain access.

        Do not use an Windows Phone. This is corporation willing to put people's lives and security at risk for the sake of a marketing gimmick, and we now know that they'll be as dishonest as it takes to cover their tracks.

        There, fixed it for you. So Owlnet how many alts do you have on here?
        athynz
        • Hmmm...

          'Cowboy' Tim Acheson is a pretty well upfront Microsoft shill who wakes up once in a while to post mostly unoriginal FUD in defiance of facts, logic and plain common sense
          Owlnet by comparison...is two stops short of Barking(sorry, London underground joke).
          frogspaw
      • Wow, you really have NO idea what you are talking about...

        Do some basic research before you make ignorant comments. This sensor makes a muti-layer scan (does not store any photographic data) and creates a hash value via a one-way computation. There is NO way to derive the fingerprint from the hash value (look up "one-way hash"), and there is no way a fingerprint lifted from a glass or other surface can be used to trigger the sensor. Further, this hash value is encrypted and stored in a protected area of the chip. Will it be perfect? No. But your comments are nothing but rotten horse feces.
        denobin
        • Or maybe not

          You might want to look at this:

          http://www.bbc.co.uk/news/technology-24203929
          gavind1974
    • Smear tactics: "tin foil hat"

      @JasonOGrady @ZDNet Your cynical and cheap link bait attempt to smear legitimate Apple critics as tin-foil hat wearing cranks is duly noted. You're complicity in Apple's corporate propaganda is disappointing.
      Tim Acheson
      • Just as your

        FUD and complicity in Microsoft's corporate propaganda is the hallmark of a paid Microsoft shill.
        athynz
    • What's the point?

      What's the point exactly? If the NSA can have all of your data how is a fingerprint lock any less secure?

      How easy?
      First, even the OS doesn't have access to a picture of the print, and it's not a picture, it's a hash from EM properties of the sub dermal skin layers. Not only is it not easy, it sounds pretty darn impossible without physically opening up the processor and using forensic data recovery and decryption.
      Just take 2 seconds to read about it an not be totally dismissive that it's all BS.
      taylor@...
    • Isn't it too much?

      In any case don't use the fingerprint scanner if you don't like it.
      ibrahim_bittar
  • DANGER

    You don't need the whole perfect fingerprint. Apple's experts know this perfectly well. A fingerprint match involves certain points in a standardized pattern.

    That's what the device stores. And that's exactly what hackers, the police and NSA would want! It's a disgrace to hear Apple trying to playing-down legitimate concerns by misleading customers about how fingerprint technology works.

    On the street, Apple's new gimmick means that muggers will start cut of the hands or fingers of victims. The victim no longer needs to be alive to gain access.

    Do not use an iPhone. This is corporation willing to put people's lives and security at risk for the sake of a marketing gimmick, and we now know that they'll be as dishonest as it takes to cover their tracks.
    Tim Acheson
    • Ignorance

      Please please read how this sensor works before making these claims.
      A dead finger will not unlock the phone. so people can cut off thumbs. Personally I think it's easier to hold a gun to someone's head and then a finger print isn't necessary to get you to unlock the phone.

      Then again the phone was never liked because be person was too lazy to set a pass code that they otherwise would have had if they could have used their thumb most of the time.

      Get used to it because your next android phone will have one of these.
      taylor@...
      • correction

        locked (not liked)
        taylor@...
      • Wrong

        "A dead finger will not unlock the phone"

        That is absolutely wrong. Neither has anybody apart from you even made such a claim -- you invented this fiction yourself. Outright lying is a hallmark of Apple apologists online.

        A dead finger absolutely will unlock the phone using this particular scanning component and indeed almost all similar components that are currently available. Even a photocopy of the fingerprint is usually sufficient, because the sensor module it's essentially a high-contrast camera.

        Why attempt to discuss a topic if you know literally nothing about it?
        Tim Acheson
        • Scanner is not a camera

          Read the tech.

          The phone is a high res touch scanner not a camera at al.

          Try holding a photo of a finger on a touch screen. Does anything happen? Why not?

          You make up rubbish and have no clue nor any sense of humour or reality.
          richardw66
        • What's the point

          Wake up Tim. Microsoft dead in mobile.

          They're finished.

          If they weren't nailed to the perch, they would be pushing up daises.

          All your had work on the FUDS front is wasted because Microsoft just aren't there to pick up the slack.
          Henry 3 Dogg
      • TV education

        The one and only source for claims that a dead finger may not work is an episode of the TV series "Mythbusters" which -- obviously -- did not properly test this using the finger of somebody who was subsequently killed for the experiment! The attempted to emulate it. In practice, we know for certain that a dead finger is in fact sufficient. The same Mythbusters episode also managed to trick the sensor using an imprint taken from a finger -- and an imprint obviously is not a living finger.
        Tim Acheson