The new fingerprint sensor in the iPhone 5s won't store images of actual fingerprints in the device, nor will it upload them to Apple servers (including iCloud) according to an Apple statement given to the Wall Street Journal today.
Instead of proper scans, Touch ID only stores "fingerprint data," which remains encrypted within the iPhone's processor, according to Apple. This is then converted into a digital signature which is used to unlock the phone or authorize purchases in the App stores.
If accurate, this would mean that even if someone compromised the iPhone 5s' encrypted chip, they wouldn’t be able to reverse engineer your fingerprint. In theory, anyway.
In the iPhone 5s promotional video Apple Senior VP of Hardware Engineering Dan Riccio explains the security measures included in Touch ID:
All fingerprint information is encrypted, and stored inside the secure enclave inside our new A7 chip. Here it is locked away from everything else, accessible only by the Touch ID sensor. It's never available to other software, it's never stored on Apple's servers, or backed up to iCloud.
Riccio's statement about the fingerprint data (and scanner) being off limits to other apps can be both a positive and a negative. Apple would emphasize that a nefarious app can't steal the data, while others, like ZDNet's own Jon Fontana, think that Touch ID's lack of developer access is a limiting factor for enterprise users.
Fontana thinks that Touch ID is more of a consumer play than an enterprise security feature. He concedes that the likely win for the enterprise is that more BYOD users will lock their phones thus protecting the applications and data contained on them.
The other revelation from Apple is an addition security measure that the company built into Touch ID:
Apple customers who wish the use Touch ID also have to create a passcode as a backup. Only that passcode (not a finger) can unlock the phone if the phone is rebooted or hasn’t been unlocked for 48 hours. This feature is meant to block hackers from stalling for time as they try to find a way to circumvent the fingerprint scanner.
Apple also divulged that although it's an improvement over the craptastic fingerprint scanners built into some laptops (which require numerous scans and are almost universally abandoned), Touch ID doesn't fare well with fingers covered in sweat, lotion or other liquids. Apple also told WSJ that the iPhone 5s fingerprint scanner has trouble reading fingers scarred by accidents or surgery. In those cases, a user can easily use another digit.
Apple didn't comment on wether the NSA was involved in the development of Touch ID or if it has access to the encrypted data stored in the A7 chip.
Here's the video. The Touch ID content starts at the 00:43 mark: