As noted in Tuesday's iPhone event coverage, Apple is debuting a new biometric authentication and security method in Touch ID, a capacitive fingerprint sensor integrated into the iPhone 5s' home button. While the technology was briefly covered during the presentation, an Apple spokesman elaborated on the tech in an interview with The Wall Street Journal on Wednesday.
The person confirmed that Touch ID does not store fingerprint images on-board, nor does the method upload gathered information to off-site servers like iCloud. Instead, encrypted "fingerprint data" is placed in a secure enclave in Apple's A7 SoC, which is used to digitally verify users who want to gain access to the phone and its features.
This setup adds a bit of extra security for the extremely sensitive personal data. Even if a thief or cracker managed to obtain the A7 chip, the replication or reading of a user's fingerprint would be an unlikely scenario.
Also of note is how Apple chose to implement security safeguards and backup systems to go along with the new hardware. First, a user must enter a passcode to initiate the iPhone 5s' biometric capabilities. As a protection against nefarious users trying to bypass the security measure, only this code can be used to unlock a device after it's been rebooted or has been left unlocked for more than 48 hours.
Apple cautions that the Touch ID sensor is not perfect and will give inaccurate readings in some cases, especially when a finger is moist. This is due to the capacitive "image" the sensor array captures. Moisture or other conductive debris on a finger could give false readings.
In addition, Touch ID may have trouble identifying fingers with scarring from surgical procedures or accidents. Simply using another finger solves the problem, but makes the system more cumbersome to use.
It can be speculated that scar tissue may generate a blank reading for the sensor as the module only scans live tissue. Another possibility is that the algorithms used to power the system may simply reject scarred areas as they don't fit with a fingerprint's natural peaks and valleys.
Finally, the Apple representative said that third party apps will not have access to fingerprint data. This may change with later iterations of iOS, though the feature will not be available to developers on rollout.
Further testing is required to pinpoint the exact capabilities and operational functions of the sensor, which will be covered by AppleInsider shortly after the 5s is released on Sept. 20.