Skip to main content

The inner workings of Touch ID: Each fingerprint sensor is paired to a specific A7 chip

TouchID-iPhone5S-fingerprint-sensor-01

When Apple introduced Touch ID on the new iPhone 5s, the company provided some basic information about the kinds of security used to protect users’ fingerprints and data. A new discovery by iMore reveals that Apple has even more security in place than they discussed with the public.

According to iMore, each individual Touch ID sensor is paired with its corresponding A7 processor. To confirm the pairing theory, iMore switched the Touch ID sensors from two brand new iPhones and attempted to setup each device. Each phone failed to recognize the sensors and returned an error until the sensors were swapped back to their original phones.

iMore’s Nick Arnott and Allyson Kazmucha speculate that this is to prevent man-in-the-middle style attacks in which fingerprint data is intercepted between the A7 processor and Touch ID sensor by nefarious third-parties. This explanation makes a lot of sense and seems like a logical security feature for such sensitive data.

You can think of the Touch ID sensor as a key and the A7 processor as a door lock. If every key worked in every lock, it would be easy to simply copy any key and let yourself into someone else’s house. Because each sensor and A7 chip are unique to each other, copying one key (cracking the security on one Touch ID sensor) does not let you into every house on the block. In the event that someone does find a way to intercept fingerprint data on one iPhone 5s, pairing the hardware components helps prevent this hack from working on every other device.

iMore’s entire post is quite interesting and includes a bit more detail about the process of discovering this security mechanism and its potential impact on iPhone security. I recommend giving it a read.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Larry Kwan - 10 years ago

    Wow, they went the extra mile on this one.

  2. Kadeem Kadz Dulice - 10 years ago

    Simple reasons, why i love my phone

  3. tallestskil - 10 years ago

    In before whiners complaining how this will make replacing the “inevitable to fail” Home Button impossible.

    Take care of your possessions and you won’t have that problem.

  4. Walter Cooke - 10 years ago

    In information security standards, this is referred to as “Trusted Path”, a component of the “B” level of trust when evaluating the trustworthiness of a system where Mandatory Access Controls (MAC) are used to enhance the security of the system. Trusted Path security ensures that no one can attack the path between the two computer components being assessed.

  5. iMaurus (@iMaurus) - 10 years ago

    Logical question: What if I need to replace the Touch ID/Home button ? Should I need to replace entire logic board ? O_o

    • Adhish Chugh - 10 years ago

      Umm, no. I think. If you need to replace your Touch ID for some reason, probably because it isn’t working, you should unlock the device with your password and turn off Touch ID. Then when you replace the Home Button, you can set it up again. I hope that’s how it works as it doesn’t make sense to remove both the logic board and the home button just because the home button has issues.

      • Wrong, i don’t this would work and apple wont risk the information of how change the touch id sensor, the would (for saving time, money and reputation) give you a new phone and trow the damaged one in the trash can.

      • Marty Anderton - 10 years ago

        No… They explained they attempted to set up each touch sensor on the new phones and it did not work. The reason is because each touch sensor is paired with a specific A7 chip. Replace both. Just like a gun… it’s firing pin is specific to that gun, switch it to another…. it does not work

  6. thejuanald - 10 years ago

    If they didn’t do this, that would be an incredible security hole. Why is taking the necessary measures for device security news? Must we applaud people for not doing something stupid now?

  7. Larry Gray - 10 years ago

    @Maurus “What if I need to replace the Touch ID/Home button ? Should I need to replace entire logic board ?”
    You won’t be the one replacing it as it is not a user repair. Suspect it is not even a 3rd party technician repair. Suspect it will be Apple only repair and they will have the equipment that they keep secure for pairing as the original was paired.

    • thejuanald - 10 years ago

      Replacing the battery is also not a “user repair” but that hasn’t stopped me from replacing it twice. Spending $10 or less for a battery and doing it yourself is way better than the $150+ apple charges.

      Also, if the Touch ID broke and you took it to apple, they wouldn’t fix it, they would replace the phone and charge you out the ass like they do for everything. It’s cheaper to just replace the cheaply made phone than pay someone to repair things.

  8. Vladimir Krejci - 10 years ago

    What worries me most about this technology is that all you need is one of the owner’s fingers. You can even do it in a public place. Just make him drunk enough or drug him…