How so ?

So you're saying something that is out in the open is no less secure than something that's kept?

Doesn't telling people what security is used and exactly how it works give them an advantage in trying to attack what they would otherwise have to find out for themselves (hence more secure), because they don't know? Regardless of the method used for security.

It's like picking a lock vs telling someone how to (it may not be easy based on what security, but at least by telling people, you have something to go on, vs nothing at all)

The strongest encryption standards we currently use are also public and well documented. Everybody can learn exactly how they work. Yet they are secure enough that banks rely on them. Ever wonder why?

Hiding how something works, aka security through obscurity, is not good security.
 
Then...

My 5S's sensor appears to be deteriorating in recent weeks. I've gone from at least a 90% success rate to a 10% success rate. I have redone my prints multiple times. It seems like I get better results if I clean the home button every time, but you shouldn't have to do that, and it makes me suspect a hardware failure.

Then take it to an Apple Store and get a replacement. It's under warranty.
 
My 5S's sensor appears to be deteriorating in recent weeks. I've gone from at least a 90% success rate to a 10% success rate. I have redone my prints multiple times. It seems like I get better results if I clean the home button every time, but you shouldn't have to do that, and it makes me suspect a hardware failure.

It means your fingers are filthy. Have you tried bathing once in a while? :p
 
Because you're on an Apple-based website?

I'd agree with you if he said something like
How come no one here cares about security when Samsung does it yet when Apple does it we all FLIP?

But he made no mention of this website specifically so it's safe to assume he meant "in general".

And from my observation looking at comments of plenty of tech websites (that aren't Apple-focused), it's true that way more people were skeptical about Touch ID's security than they were about the GS5's fingerprint scanner.

And that's despite the fact that:
  1. Apple explained the security enclave stored on the A7 and the fingerprint hash thing whereas Samsung didn't say whether they had similar security mechanisms. Only thing they said is that it was "encrypted", but that's a given. Exactly how it's encrypted is what matters, and Samsung didn't really explain that.
  2. Unlike Apple which took the decision to give no third-party access to Touch ID, Samsung immediately announced third-party partnerships. Not only that but a third-party partnership with PayPal, which doesn't exactly have the cleanest ethical track record.

So now, does that mean more people have double standards against Apple than they do about Samsung?
I think the answer is Yes.

But it's not anything against Apple specifically, just against people/brands with a lot of mainstream attention/appreciation. People love to hate what's loved.

You can clearly see that Samsung is getting there too however. Their brand has gained so much recognition in the past few years that you can already see people having double standards against Samsung more than against other Android OEMs.

You didn't see that amount of hate towards TouchWiz, cheap plastic, marketing budgets and such only a few years ago, even though Samsung's approach didn't change that much. What did change, however, is Samsung's mainstream popularity and perception.

The amount of negativity something/someone gets is nowhere proportional to how actually bad it is, otherwise it wouldn't seem like Justin Bieber is the most hated human on earth. It's more of a popularity thing, and indirectly a way for people to validate their choices, find common opinions with other people, and just generally feel better about themselves.
 
According to this article the Galaxy S5 fingerprint data is not stored locally, it's encrypted and sent to PayPal. I'd be curious to know where PayPal is storing what's sent to them.

http://www.smh.com.au/it-pro/busine...rint-payments-very-secure-20140227-hve02.html

"The important thing about this announcement is that none of your biometric data is stored on that phone.

"It's not storing your fingerprints locally. It takes your fingerprint, encrypts it, sends it to PayPal, they decrypt it, checks it's the same, and then you're authenticated. It's very, very secure."
 
Good timing with the new Samsung S5 Touch-wipe-button. Hey how come no one cares about security when Samsung does it yet when Apple does it we all FLIP?

Because they implement it better than anyone else can. Also, if you read Apple's website the button is made out of sapphire crystal - it makes sense why they have been ramping up the sapphire crystal plant, they are going to put fingerprint technology into all of their devices. :D
 
According to this article the Galaxy S5 fingerprint data is not stored locally, it's encrypted and sent to PayPal. I'd be curious to know where PayPal is storing what's sent to them.

http://www.smh.com.au/it-pro/busine...rint-payments-very-secure-20140227-hve02.html

"The important thing about this announcement is that none of your biometric data is stored on that phone.

"It's not storing your fingerprints locally. It takes your fingerprint, encrypts it, sends it to PayPal, they decrypt it, checks it's the same, and then you're authenticated. It's very, very secure."

So what happens if the phone is offline?
 
...and now Samsung will copy it and implement it in the all-new Galaxy S5 coming in 6 months or less.

Samsung already implemented a secure enclave, starting back in 2012 on the Galaxy S3, by reportedly being the first mobile phone maker to enable the ARM TrustZone architecture in their Exynos SoC.

Samsung Galaxy S3 may be the first smartphone with full ARM TrustZone support for enabling 100% security in everything online. - ARMdevices.net

It is also apparently used to secure Knox, their NSA derived kernel.

According to this article the Galaxy S5 fingerprint data is not stored locally, it's encrypted and sent to PayPal. I'd be curious to know where PayPal is storing what's sent to them.

Unfortunately you managed to run across just about the only reporter who got it wrong.

As all the major news sources correctly reported, a fingerprint hash is generated and stored on the device itself. NO fingerprint info leaves the device, nor do applications have access to anything but whether a print matches or not.

As for Paypal, here is their explanation:

"The only information the device shares with PayPal is a unique encrypted key that allows PayPal to verify the identity of the customer without having to store any biometric information on PayPal’s servers."

 
I posted a question concerning obvious Android fanaticism on the Android Police site some months ago. The amount of hate posts received in response to what was a simple and honest question was astounding. Bottom line is that Apple Fanbois are much more civilized and even tempered than are Fandroids, IMHO.

Ha ha ha ha ha ha post the right question here and see what happens ;)

Fanboi/Fandroid all bad as each other, simple as that.

Nice try.
 
My issue with TouchID isn't security, it's that it sucks.

I have to re-learn my fingerprint every 90 days. TouchID gets worse and worse and worse as time rolls on.

Mine is still rolling along very reliably several months after I first set it up. At one point early on, I did follow some advice I read somewhere and registered my right thumb in an additional slot (so it's been read in twice) and that seemed to make it more reliable — and like I said, I've seen no deterioration over time.
 
iOS cydia tweaks can't actually access the fingerprint data yet can use the fingerprint scanner.

I wouldn't trust a jailbroken device even a bit, either. I really don't care what others say, once you jailbreak it, you open the gates to many threats.

----------

My 5S's sensor appears to be deteriorating in recent weeks. I've gone from at least a 90% success rate to a 10% success rate. I have redone my prints multiple times. It seems like I get better results if I clean the home button every time, but you shouldn't have to do that, and it makes me suspect a hardware failure.

I would take the device back to the Apple Store if I were you. Mine, which I got the first week it was released, only fails if my fingers are moist. So far I am very impressed with it.
 
True

The big issue is if the finger doesn't scan most people have a 4 digit code. My friend guessed mine after 17 tries.

The finger print should require a more complex code otherwise it becomes useless. There should be an option to also require fingerprint and code if you wish if your phone has very secure data on it.

You are aware that you can turn OFF the simple 4 digit pass code and choose to have a complex much longer password? It makes much more sense now with touch ID because you don't have to enter it every time you unlock the phone. Only when you restart it, or if your touch ID fails after several attempts.
 
I'm upset...

-I do not care anymore that Samsung ripped Apple and manufactured look alike iPhone, iPad.

-I do not care anymore that Samsung is copying original advertisements from Apple. (I guess they are not that creative)

-but what pis*** me off is that Samsung is copying my favourite Dyson vacuum cleaners.
 
And with Siri, I hadn't realized that contact names and relationships, music library information, and reminder lists are uploaded to the Siri server.

I'm pretty sure my iPhone5S told me that on first usage. Maybe not all of it, but the contacts part definitely. Of course if you're an iCloud user they already have all that stuff on the servers anyway.
 
Still waiting for Al Franken to send this to Samsung. Where is the concern over how secure Samsung's finger print scanner is? Seems to me a bit hypocritical that there was all this hysteria around Touch ID and with the Galaxy S5 it's basically a collective yawn.

Yes well.. You see, Al Franken actually uses Apple products. It's much easier when you care about the product.
 
Yes well.. You see, Al Franken actually uses Apple products. It's much easier when you care about the product.

Correct me if I am wrong, but from what I understood from his letter he was concerned about the millions of people who would be using Touch ID on the iPhone 5S! So yes, it would be wise of him to be just as concerned for the other millions of people who would be using the fingerprint scanner on the latest Galaxy phone too.
 
Good timing with the new Samsung S5 Touch-wipe-button. Hey how come no one cares about security when Samsung does it yet when Apple does it we all FLIP?

Because the less secure your data is, the more money Google stands to make.
 
-I do not care anymore that Samsung ripped Apple and manufactured look alike iPhone, iPad.

-I do not care anymore that Samsung is copying original advertisements from Apple. (I guess they are not that creative)

-but what pis*** me off is that Samsung is copying my favourite Dyson vacuum cleaners.

And didn't their ChromeBook look like a total copy of the MacBook Air.

Not just Samsung ... HTC have just released an "Exclusive" Gold HTC One. Wow, how original. And didn't the HTC one look like the back of the iPhone 5?
 
Because you're on an Apple-based website?

He's not talking about people on this site. And while yes, we were concerned over the security of the new technology, it was the large corporations and government officials that were going crazy and wanting to put a hold on using the 5S until they understood it, and it was determined safe and secure. Which it has proven. I don't think anyone is really gonna care about the Samsung scanner. Just another half hearted attempt to copy iPhone...As is the new gold color. Which BTW, makes an already ugly phone even more hideous.
 
Still waiting for Al Franken to send this to Samsung. Where is the concern over how secure Samsung's finger print scanner is? Seems to me a bit hypocritical that there was all this hysteria around Touch ID and with the Galaxy S5 it's basically a collective yawn.

Hysteria often comes from ignorance.

At first, there was much ignorance about how fingerprint sensor data is stored and used, so at the time there was a lot of curiosity from people like Franken.

Knowledgeable people now understand that the way these things work, is that user apps do not have access to any personally recognizable data. They only know if a match occurs or not.

In Paypal's case, they don't even seem to know that it was based on a fingerprint. All they get is a personal key from the device (no user name and password is sent) that indicates the device has authenticated the user in some way.

I would hope that the user can set it up to require both a print and a PIN, though.
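
The flow described in the post above (the match happens on the device, and the service sees only proof from a device-held key) sketched as an added example; it is not part of the original thread and is not PayPal's or Samsung's actual protocol. The class names, the HMAC challenge-response (real deployments would more typically use a public-key signature), the exact-hash "template" and the sample scan bytes are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets

class Device:
    """Constructed model of a phone; scan template and key stay inside it."""
    def __init__(self, enrolled_scan: bytes):
        self._salt = secrets.token_bytes(16)
        # Assumption: an exact salted hash stands in for a fuzzy template matcher.
        self._template = hashlib.sha256(self._salt + enrolled_scan).digest()
        self._key = secrets.token_bytes(32)   # per-device credential

    def enrollment_key(self) -> bytes:
        """Shared once with the service at sign-up (assumed secure channel)."""
        return self._key

    def answer(self, challenge: bytes, scan: bytes):
        """Sign the server's challenge only if the scan matches locally."""
        candidate = hashlib.sha256(self._salt + scan).digest()
        if not hmac.compare_digest(candidate, self._template):
            return None                       # apps learn only match / no match
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class Service:
    """Constructed relying party: stores a device key, never biometric data."""
    def __init__(self):
        self._keys, self._pending = {}, {}

    def enroll(self, account: str, key: bytes):
        self._keys[account] = key

    def challenge(self, account: str) -> bytes:
        self._pending[account] = secrets.token_bytes(16)
        return self._pending[account]

    def verify(self, account: str, response) -> bool:
        nonce = self._pending.pop(account, None)   # single use, so replays fail
        if nonce is None or response is None or account not in self._keys:
            return False
        expected = hmac.new(self._keys[account], nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def demo():
    phone, service = Device(b"constructed-owner-scan"), Service()
    service.enroll("alice", phone.enrollment_key())
    good = phone.answer(service.challenge("alice"), b"constructed-owner-scan")
    ok = service.verify("alice", good)
    replay = service.verify("alice", good)         # no pending challenge left
    bad = phone.answer(service.challenge("alice"), b"constructed-other-scan")
    return ok, replay, service.verify("alice", bad)
```

Because each challenge is a fresh single-use nonce, a captured response is useless later, and a non-matching scan never produces a response at all.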
 
My 5S's sensor appears to be deteriorating in recent weeks. I've gone from at least a 90% success rate to a 10% success rate. I have redone my prints multiple times. It seems like I get better results if I clean the home button every time, but you shouldn't have to do that, and it makes me suspect a hardware failure.

Your suspicion is likely correct.

First of all, if you live in a very cold part of the country, it's at least a little feasible that you are having the failures when you're out in the cold. I've seen accuracy go down quite a bit when your fingers are very cold.

Having said that (and considering that the above is only a small possibility, IMO) I recently took my iPhone to the Genius bar and had them run diagnostics on it. My reasoning for it was because my Touch ID had gone from near 100% accuracy to 30-40% accuracy, at best. I, too had re-trained it with my fingers multiple times. I was also experiencing issues with my phone losing LTE signal, switching to 3G, and not going back to LTE when it was obvious that I was within range of an LTE enabled tower. I would have to put my phone into airplane mode, and bring it back out again to get an LTE signal.

So the guy ran the diagnostics, showed me the results on screen, and pointed out all of the apps crashing. He told me that he'd handicap it at about a 60-40 chance that the problem was software over hardware, and that I would likely eliminate the issues if I wiped my phone and did not restore it from backup. To be honest, this seemed like it might have some merit, because I have run some developer versions of iOS on my profile in the past, and it's possible that there is some residual funkiness (term of art) left over in there.

Nonetheless, I pressed him a bit, because I was not particularly looking forward to rebuilding my phone settings and reconfiguring my 120+ apps. So he went ahead and gave me a new phone.

Since then my Touch ID has been working flawlessly again. I continue to see some issues with the LTE problem from time to time, but even that hasn't been as bad.

So, long story short, given your description of your issue I'd say you have a decent chance that a hardware swap would fix it.
 
Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave's portion of the device's memory space.

Honestly, this is the part that interests me the most. How does this UID provisioning occur? Does a computer assign it? If so, what happens if that computer is compromised? Doing such a thing is something I would not put past the NSA nor the Chinese.

What would be better would be to find a way to make the UID self-assigned. Of course, the danger there is that you have to be careful that there isn't a way to fool the chip into thinking it's back at the factory and needs to assign itself a new UID.

All of this is just me trying to noodle out some ideas. I don't spend time worrying that the NSA could access my TouchID data.
 