The security measures Apple has put into place for the Touch ID fingerprint sensor on the iPhone 5s are quite incredible. There’s the “secure enclave” within Apple’s new A7 chip that holds all the encrypted fingerprint data, and today a new security measure has been discovered that prevents Touch IDs from being swapped on an iPhone 5s.
The finding, made by iMore, reveals that each Touch ID sensor is tied to a unique A7 chip:
We took two iPhone 5s handsets that had never been opened before, and verified Touch ID was working on both. The front assemblies, which contain the Touch ID assembly itself, were then removed and swapped. After re-assembly, both Touch ID setups failed. When returned to the original device, Touch ID once again operated correctly.
This confirmed for us that the Touch ID component cable assembly itself is tied to each individual A7 chip.
(An iPhone 5s with a Touch ID different from the one it originally came with.)
The most obvious reason Apple has this security measure in place is to prevent someone from swapping your iPhone’s original Touch ID sensor with a malicious one, that could capture your fingerprints without you knowing. While the Touch ID, as of now, can be used only to unlock your device and authenticate your iTunes purchases, in the future, the sensor could also be used for generalised payments.
Of course because the two components are tied, it becomes much harder to repair a broken Touch ID sensor. So an extra security protection is added for the average user at the cost of repairability. Such measures however don’t prevent sophisticated tricks that could bypass the Touch ID sensor with a high resolution copy of the owner’s fingerprint.
No comments:
Post a Comment