Apple will start selling the iPhone 5S tomorrow, and one of its most anticipated new features is the fingerprint reader. Users will be able to lock and secure their phones with their fingerprints and avoid the hassle of having to enter a passcode each time they unlock their phones. Fingerprint reading has a lot of promise, but many have wondered how exactly will the iPhone secure the fingerprints? Nobody wants outsiders to be able to steal their fingerprint information without their knowledge.
It turns out that Apple’s new A7 processor has some interesting new features that will keep the fingerprint data safe and secure. Brian Roemmele explains the details in a fantastic post on Quora. If you’re at all interested in hardware security, you should take a few minutes to read Brian’s excellent explanation.
Here’s a short summary. The A7 processor is based on the ARMv8 architecture. ARM has recently introduced a couple of technologies known as TrustZone/SecurCore which allow the CPU to securely manage memory and peripherals. Using this technology, Apple can securely store and manage fingerprint data in memory and only allow certain trusted systems to access it.
Brian writes:
The security of the TrustZone system is achieved by partitioning all of the hardware and software resources so that they exist in one of two worlds – the Secure world for the security subsystem or the Normal world for everything else. …
The deep level hardware based secure architecture is rather rock solid. It would require a rather large magnitude of hardware hacking to even attempt access to the data stored in the Secure Enclave.
He also hints that Apple will provide developers with secure access to this technology through some as–yet undisclosed pathways.
There are dozens of applications and use cases on the roadmap and I am certain a developer economy will build around this amazing technology. One that is very clear is retail payments and Apple will have quite a number of unique ways they will solve real problems for merchants and iPhone users. I can say this aspect of Touch ID will be more magical then what we have seen thus far.
Undoubtedly the new fingerprint reader will change how we manage our password and identity information. If Apple’s new A7 CPU can actually keep the fingerprint data as secure as Brian describes, then we can expect more and more uses for fingerprint authentication in the future.