In the latest release of its iOS Security document spotted by TechCrunch, Apple offers a number of details about the function and processes of the Touch ID fingerprint recognition system offered on its iPhone 5s. The document describes the Secure Enclave, “a coprocessor fabricated in the Apple A7 chip,” which manages safely matching active fingerprints read by Touch ID against registered fingerprints saved by the user. While much of how Touch ID behaves was revealed last fall when the iPhone 5s was introduced and through experience, the white page does list more specifics than have previously been made available…
According to Apple, a single registered fingerprint creates a 1 in 50,000 chance of a successful random match with someone else’s print.
Apple describes the Secure Enclave’s system for safely managing identities while keeping the data separate from the rest of the system through encrypted memory and a hardware random number generator.
As many Touch ID users have probably discovered, some instances require passcode use over Touch ID. The document points out exactly when Touch ID cannot be used and passcode input is required:
Apple goes on to describe the role which the A7 plays in authorizing Touch ID:
Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key tangled with the UID and an anti-replay counter.
You can read the full iOS Security document for information regarding app security, network security, and more here.
Also worth noting, Samsung announced its Galaxy S5 smartphone with its own fingerprint reader with developer access so we asked readers this morning if Apple should allow iOS developers the opportunity to take advantage of Touch ID.
