or Connect
AppleInsider › Forums › Mobile › iPhone › Apple details Touch ID and Secure Enclave tech in new security white paper
New Posts  All Forums:Forum Nav:

Apple details Touch ID and Secure Enclave tech in new security white paper

post #1 of 48
Thread Starter 
An iOS security white paper published by Apple on Wednesday offers a deeper understanding of the company's Touch ID fingerprint sensing system and the so-called "Secure Enclave" found in the A7 SoC, both of which were introduced with the iPhone 5s.

Touch ID


The security document (PDF link) details a number of iOS hardware and software security protocols, including new information outlining how Touch ID and the Secure Enclave work together to keep user data safe. First spotted by TechCrunch, the white paper was published to Apple's "iPhone in Business" website.

According to the paper, the A7's Secure Enclave is actually a coprocessor built into Apple's latest system-on-a-chip design. With a secure boot sequence and software update mechanism separate from the application processor, the component is responsible for "all cryptographic operations for Data Protection key management and maintains the integrity of Data Protection even if the kernel has been compromised."

Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave's portion of the device's memory space.

Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key tangled with the UID and an anti-replay counter.



As for Touch ID, Apple notes the iPhone 5s-only technology reads fingerprints from any angle and continuously "learns" a user's fingerprint over time. The paper explains that the sensor expands the stored fingerprint map with each consecutive use by adding newly identified overlapping nodes.

When a user's finger contacts the capacitive steel ring surrounding the home button, the Touch ID sensor performs an 88-by-88-pixel, 500-ppi raster scan that is "temporarily stored in encrypted memory within the Secure Enclave while being vectorized for analysis." The system is sensitive enough that the chance of a random match for one finger is 1 in 50,000.

Once processing and analysis is complete, the data is discarded and is never sent to iCloud, iTunes or Apple.

Explaining how the two technologies work together, Apple says data from the Touch ID module is transferred to the A7 chip via a peripheral interface bus and is subsequently forwarded to the Secure Enclave for decryption.

The application processor cannot read the raw Touch ID data, however, as it is encrypted and protected with a unique session key generated based on a shared key built into the fingerprint sensor and Secure Enclave. Session key exchange uses advanced encryption standard (AES) key wrapping on both ends and AES-CCM transport encryption to provide randomized key generation and enhanced protection.

Touch ID


Unlocking the iPhone 5s is a slightly different process, but uses the same shared secret and data protection key mechanisms:

On iPhone 5s with Touch ID turned on, the keys are not discarded when the device locks; instead, they're wrapped with a key that is given to the Touch ID subsystem. When a user attempts to unlock the device, if Touch ID recognizes the user's fingerprint, it provides the key for unwrapping the Data Protection keys and the device is unlocked. This process provides additional protection by requiring the Data Protection and Touch ID subsystems to cooperate in order to unlock the device.


Decryption keys are stored in memory, meaning the data will be deleted if a device is rebooted. This explains why users must re-enter their password when purchasing an item from the App Store or iTunes. Adding further protection, the Secure Enclave jettisons these keys after 48 hours or five failed Touch ID attempts.

Describing a Touch ID use case in purchasing digital content, Apple explains:

When users choose to authorize a purchase, authentication tokens are exchanged between the device and store. The token and nonce are held in the Secure Enclave. The nonce is signed with a Secure Enclave key shared by all devices and the iTunes Store.


Apple previously detailed a similar shared secret method of authentication in a patent filing pertaining to retail purchases.

The remainder of the white paper focuses on overall iOS security protocols with special attention given to app security layers.

post #2 of 48
Quote:
Originally Posted by AppleInsider View Post

With a secure boot sequence and software update mechanism separat from the application processor...

I'm glad it is separat! Keeps hot food hot and cold foods cold. 1wink.gif

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #3 of 48
Coincidence this white paper of a clearly superiour solution has come out right after Samsung introduces their S5 with a fingerprint sensor?

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #4 of 48

I must say that a lot of thought went into this, it's a very well executed security measure. As it is described in the article I wouldn't say it's unhackable but it certainly is VERY difficult (actually the use of AES which is not without its flaws might be the biggest issue). But I think it's safe to say that the fingerprint fooling 'hack' is a lot easier than the software/hardware hack. Which says a lot.

post #5 of 48
Quote:
Originally Posted by Chipsy View Post

I must say that a lot of thought went into this, it's a very well executed security measure. As it is described in the article I wouldn't say it's unhackable but it certainly is VERY difficult (actually the use of AES which is not without its flaws might be the biggest issue). But I think it's safe to say that the fingerprint fooling 'hack' is a lot easier than the software/hardware hack. Which says a lot.

I'm sure Apple is aware of the limitations. I think their short-term intention was to get people who normally never use a 4-digit PIN to secure their device to have some security. I think this nails it in one of the few examples of increased security actually being more of a convenience than the previous method.

I've even enabled the complex passcode option so I get the full keyboard when I restart my iPhone 5S. And even if one doesn't want to go that route but would instead just use the dial pad with a longer (or shorter) PIN they can do that too by enabling the complex passcode option. Previously, when you enabled that option and only used numbers you would still get the QWERTY keyboard on screen.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #6 of 48
Quote:
Originally Posted by SolipsismX View Post

Coincidence this white paper of a clearly superiour solution has come out right after Samsung introduces their S5 with a fingerprint sensor?


I posed the question about how Samsung plans to secure the fingerprint data on this site yesterday, and I've seen similar questions popping up on other articles about the Galaxy S5. Samsung has made a big deal out of having their fingerprint reader available to third party apps, including an announced alliance with PayPal. But, they have not made any details available concerning security. Features like showing the fingerprint scan on-screen as you swipe might add flashiness, but it certainly doesn't give me any confidence in how well Samsung might have secured the fingerprint data.

 

The iOS security paper does a good job of explaining the steps that Apple has taken to secure the fingerprint data using Secure Enclave.  It burnishes Apple's message that it takes fingerprint data security seriously, and muddies the waters a bit over what security shortcuts Samsung might be taking in filling out its feature checklist.

 

But, I think the timing of the paper (which was actually dated February 14) is actually more in line with the iOS 7.0.6 release, and the fallout from the SSL vulnerability.  TechCrunch spotted it today, but who knows when Apple actually posted the paper to their website.


Edited by Woochifer - 2/26/14 at 4:12pm
post #7 of 48
Quote:
Originally Posted by SolipsismX View Post


I'm sure Apple is aware of the limitations. I think their short-term intention was to get people who normally never use a 4-digit PIN to secure their device to have some security. I think this nails it in one of the few examples of increased security actually being more of a convenience than the previous method.

I've even enabled the complex passcode option so I get the full keyboard when I restart my iPhone 5S. And even if one doesn't want to go that route but would instead just use the dial pad with a longer (or shorter) PIN they can do that too by enabling the complex passcode option. Previously, when you enabled that option and only used numbers you would still get the QWERTY keyboard on screen.

I'm sure they are, and let's be honest nothing will ever be 100% secure. But I must say I'm impressed by the measures they took. It's very well thought out and executed.

post #8 of 48

The NSA hates this

“What would I do? I’d shut Apple down and give the money back to the shareholders”

Michael Dell - 1997

Reply

“What would I do? I’d shut Apple down and give the money back to the shareholders”

Michael Dell - 1997

Reply
post #9 of 48

This is why the apple solution will work better than the solution which were out before this and the new Samsung me too solution. We all know that Samsung did not build in a processor to make their solution work they are using the same processor that does everything else and when it is busy dealing with android overhead it will not respond and let you unlock the phone.

post #10 of 48

Security depend on who you are trying to keep out. If you are trying to keep the ever day person out what they did works, if you have enough knowledge, resource and time, you are getting in. Remember 128 bit encryption was good enough and required lots of time and computing power to krack it. But when computer got faster it does not take as long using the pure brute force method.


Edited by Maestro64 - 2/27/14 at 5:19am
post #11 of 48
Quote:
Originally Posted by Maestro64 View Post
 

Security depend on who you are trying to keep out. If you are trying to keep the ever day person out what they did works, if you have enough knowledge, resource and time, no you are getting in. Remember 128 bit encryption was good enough and required lots of time and computing power to krack it. But when computer got faster it does not take as long using the pure brute force method.


Exactly right. That's what I stated in an earlier post as well. The AES encryption probably is its weakest point. Nothing will ever be 100% secure but I must say that I am rather impressed by the measures Apple took here.


Edited by Chipsy - 2/26/14 at 4:27pm
post #12 of 48
Quote:
Originally Posted by SolipsismX View Post

Coincidence this white paper of a clearly superiour solution has come out right after Samsung introduces their S5 with a fingerprint sensor?


I'm curious why Samsung hasn't stepped-up (manned-up) and explain to us how "secure" their fingerprint scanning solution is.  I'll bet that Samsung simply half-a$$ed their solution just to get their S5 into market.  Expect it to be broken or compromised soon.

post #13 of 48
Quote:
Originally Posted by sflocal View Post
 

I'm curious why Samsung hasn't stepped-up (manned-up) and explain to us how "secure" their fingerprint scanning solution is.  I'll bet that Samsung simply half-a$$ed their solution just to get their S5 into market.  Expect it to be broken or compromised soon.

 

A fingerprint scanning solution that requires two hands, a pretty exact motion and still fails more often than not will not be used after day one. Can't get more secure than that.

post #14 of 48
Quote:
Originally Posted by sflocal View Post
 


I'm curious why Samsung hasn't stepped-up (manned-up) and explain to us how "secure" their fingerprint scanning solution is.  I'll bet that Samsung simply half-a$$ed their solution just to get their S5 into market.  Expect it to be broken or compromised soon.

At first Apple also didn't detail their security measures either so don't know if that is an indication of bad security persé. I know they said that it was encrypted and secured locally but no further details were given. I guess if PayPal agreed to the integration it will be 'secure enough' but if it goes as far as this I have no idea...

post #15 of 48
Quote:
Originally Posted by Maestro64 View Post

Security depend on who you are trying to keep out. If you are trying to keep the ever day person out what they did works, if you have enough knowledge, resource and time, no you are getting in. Remember 128 bit encryption was good enough and required lots of time and computing power to krack it. But when computer got faster it does not take as long using the pure brute force method.
Quote:
Originally Posted by Chipsy View Post


Exactly right. That's what I stated in an earlier post as well. The AES encryption probably is its weakest point. Nothing will ever be 100% secure but I must say that I am rather impressed by the measures Apple took here.

Is that really a concern when the path for the 256-bit AES is so short? Wouldn't one already have to have access to the device and have it apart to even begin to grab any of the encrypted data being sent between the Touch ID sensor and secure enclave? I'd think there would be better and fasters ways to get access to someone's phone. Even a social hack solution to get access to someone's iCloud contacts, calendar, emails, iPhone backups, etc. seems like it would be easier and could be done from a half-a-world away.

Quote:
Originally Posted by sflocal View Post

I'm curious why Samsung hasn't stepped-up (manned-up) and explain to us how "secure" their fingerprint scanning solution is.  I'll bet that Samsung simply half-a$$ed their solution just to get their S5 into market.  Expect it to be broken or compromised soon.

Has Samsung stated that their fingerprint sensor adds security or did they only tout it as a convenience feature, or worse, just state it as a feature.


edit: If they are allowing PayPal and other apps to use it in lieu of a password that's proof enough to me they are pushing this as a security feature, not just a convenience feature.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #16 of 48
Quote:
Originally Posted by Chipsy View Post
 

I guess if PayPal agreed to the integration it will be 'secure enough' but if it goes as far as this I have no idea...

 

Well, without saying it's not (no idea), that is not really conclusive. Yes, ideally third party clients will not have any access to the finger print data, but just call an API that returns a token, or releases a stored account password from whatever the keychain is called in Android when a matching print is being supplied.

 

For a payment solution provider this is not about fingerprint security, it is about authentication and in how far a solution is more or less secure than a simple password. Fulfilling that requirement does not say anything about the security of the fingerprint on the device. And that is really the critical point, as you can always change a password, but have a limited supply of fingers.

post #17 of 48
Quote:
Originally Posted by SolipsismX View Post



Is that really a concern when the path for the 256-bit AES is so short? Wouldn't one already have to have access to the device and have it apart to even begin to grab any of the encrypted data being sent between the Touch ID sensor and secure enclave? I'd think there would be better and fasters ways to get access to someone's phone. Even a social hack solution to get access to someone's iCloud contacts, calendar, emails, iPhone backups, etc. seems like it would be easier and could be done from a half-a-world away.
Has Samsung stated that their fingerprint sensor adds security or did they only tout it as a convenience feature, or worse, just state it as a feature.


edit: If they are allowing PayPal and other apps to use it in lieu of a password that's proof enough to me they are pushing this as a security feature, not just a convenience feature.


There is no doubt that a social hack is easier than this one. I guess you didn't read my first post as I described the security as not unhackable but VERY difficult and the fingerprint fooling 'hack' as the much easier solution (which says a lot, as it was not easy by any means). I was just confirming that in this configuration the AES encryption is the weakest point, the point you could attack if you get access to it.

post #18 of 48
Quote:
Originally Posted by SolipsismX View Post


I'm sure Apple is aware of the limitations. I think their short-term intention was to get people who normally never use a 4-digit PIN to secure their device to have some security. I think this nails it in one of the few examples of increased security actually being more of a convenience than the previous method.

To me, the simplicity of TouchID is its strongest suit, and this convenience has dramatically increased the proportion of iPhone owners securing their devices (if we believe the surveys of iPhone 5s owners). As an example, I use my phone with a car mount for streaming iTunes Match in the car.  TouchID allows me to unlock the phone in one step without taking my eyes off the road.  If not for TouchID, I very well might have chosen not to secure my phone, because no way would I want to constantly enter a passcode while driving. 

 

Even if TouchID's level of security was no better than a four-digit PIN, it would still be a major improvement for the iOS ecosystem simply because so many more people actually use it.  I suspect that Apple has much bigger plans for TouchID, which would explain why they have taken so many steps to secure the fingerprint data.

 

Quote:
Originally Posted by sflocal
 
 I'm curious why Samsung hasn't stepped-up (manned-up) and explain to us how "secure" their fingerprint scanning solution is.  I'll bet that Samsung simply half-a$$ed their solution just to get their S5 into market.  Expect it to be broken or compromised soon.

 

Recall how the tech press howled when they found that TouchID could be fooled using a pristine finger print and "several hours and ... over a thousand dollars worth of equipment including a high resolution camera and laser printer"?  Considering how half-baked so many of Samsung's much-touted "innovations" turn out in real world usage, I don't have a lot of confidence in their approach being secure enough to gain a foothold with mobile payments, especially since I don't think the API would be used by other Android phones. 

 

If it was just a more convenient substitute for passcodes or gestures, compromising the fingerprint data wouldn't be as big a deal.  But, Samsung plans to use this with PayPal payments and third party mobile apps, so we're talking about some serious security needs.  Are they up to the task?  We'll find out soon enough. That is IF the tech press chooses to scrutinize Samsung as closely as they do with Apple.


Edited by Woochifer - 2/26/14 at 5:01pm
post #19 of 48
Quote:
Originally Posted by sflocal View Post
 


I'm curious why Samsung hasn't stepped-up (manned-up) and explain to us how "secure" their fingerprint scanning solution is.  I'll bet that Samsung simply half-a$$ed their solution just to get their S5 into market.  Expect it to be broken or compromised soon.

 

I expect that the finger-print sensor will cease to work in short order, making it another whoop-de-doo at sales and a whoops after a few months of use... further distancing Samsung from Apple, but in the wrong direction. :D

"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
post #20 of 48
Quote:
Originally Posted by dreyfus2 View Post
 

 

Well, without saying it's not (no idea), that is not really conclusive. Yes, ideally third party clients will not have any access to the finger print data, but just call an API that returns a token, or releases a stored account password from whatever the keychain is called in Android when a matching print is being supplied.

 

For a payment solution provider this is not about fingerprint security, it is about authentication and in how far a solution is more or less secure than a simple password. Fulfilling that requirement does not say anything about the security of the fingerprint on the device. And that is really the critical point, as you can always change a password, but have a limited supply of fingers.

What you say could be perfectly right. I assume that PayPal would take into account that if the fingerprint was stolen it could be used for unauthorized transactions (and therefor be also a problem for them). Giving them reason to also be concerned by the storage of the fingerprint on the device itself. We won't know that until the security is fully detailed (but that took a while for Apple as well).

 

Your last sentence really is a problem of fingerprint scanners used for security in general.

post #21 of 48
Quote:
Originally Posted by Chipsy View Post
 

I guess if PayPal agreed to the integration it will be 'secure enough' but if it goes as far as this I have no idea...

 

PayPal may have required Samsung's management to post a bond that can be used if the security is breached, due to poor design or not.

"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
post #22 of 48
Quote:
Originally Posted by Chipsy View Post

What you say could be perfectly right. I assume that PayPal would take into account that if the fingerprint was stolen it could be used for unauthorized transactions (and therefor be also a problem for them). Giving them reason to also be concerned by the storage of the fingerprint on the device itself. We won't know that until the security is fully detailed (but that took a while for Apple as well).

Your last sentence really is a problem of fingerprint scanners used for security in general.

I wonder if the Galaxy S5's non-hash scan and visual display of your fingerprint will allow one to take a screenshot and then print out a mold of the image to the appropriate size to bypass the scanner.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #23 of 48
Quote:
Originally Posted by SolipsismX View Post


I wonder if the Galaxy S5's non-hash scan and visual display of your fingerprint will allow one to take a screenshot and then print out a mold of the image to the appropriate size to bypass the scanner.


Who knows :D. Wouldn't hurt to try I guess :).

To be clear I'm not defending Samsung's solution here by any means, first and foremost I don't know how it works exactly. If anything I think they should have just left the fingerprint scanner for what it is and try to think of something else. I was just making assumptions based on what I thought financial service providers would look at/be concerned with.

And like I stated in my comments before, I am really impressed with Apple's security solution as it is well thought out and well executed.

post #24 of 48
" The system is sensitive enough that the chance of a random match for one finger is 1 in 50,000. "

NYT headline: iPhone touch ID less secure in major cities.

Still I wonder what develops from this for Apple.
post #25 of 48
Quote:
Originally Posted by Chipsy View Post


To be clear I'm not defending Samsung's solution here by any means, first and foremost I don't know how it works exactly. I was just making assumptions based on what I thought financial service providers would look at/be concerned with.

I'm with you and I appreciate your balanced response. I have some doubts that Samsung's implementation will have issues for reasons already stated but any final judgement will require waiting to see hands-on tests from users.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #26 of 48
This sounds really impressive and I'm glad Apple considered the shortcomings of previous fingerprint scanners. The Touch ID is supposed to be a feature that "just works", which is a common mantra with all Apple products. I'm curious to know what sort of security Samsung will be implementing in theirs. The swiping readers have been around for an awfully long time though.
My blender/recipe blog: http://blenderinsider.com
Reply
My blender/recipe blog: http://blenderinsider.com
Reply
post #27 of 48

Just slightly off-topic...

Originally I experienced significant difficulty with Touch ID. It would work okay for a few hours up to a day or so, after which I'd need to retrain the system completely--and even train on the same digit multiple times (up to the limit of 5) in order to get a decent rate of recognition. Overall the Touch ID experience was unreliable enough that I abandoned its use.

Recently I revisited Touch ID in iOS 7.1 beta, and I am elated to report Touch ID has worked flawlessly. Through a solid week of usage, I have not had to retrain nor did I need to train on the same digit more than once. I have not once had to enter my passcode. The few times Touch ID didn't work the very first time (in a fraction of a second) was when my digit was obviously moist. Quickly drying off the offending digit or switching to a dry one provided near-instant access. Great job, Apple!

post #28 of 48

Obviously, Apple put a shitload of thought and care into the security and privacy of Touch ID, from all angles, and all aspects. And that came out 5 months ago.  Let's contrast that with the (apparently barely functional and poorly thought out) solution by Samsung- which apparently is integrated with Paypal (a horrendous company from my experience) on day one. Oh, and that can't even authenticate purchases from the official Google store. Did Samsung even mention privacy or security in its briefings? How much access will the OS and 3rd party apps have to the sensor? How is it encrypted? Does anyone even care? Apparently not. Just like everything Samsung does, this was thrown is as a shitty "me too!" after-thought. Apparently, it's nearly impossible to "swipe" the sensor while holding the phone in one hand. How the **** did they think that was ok? Most of the time I can unlock touch ID while pulling it out of my pocket. If I had to use 2 hand, it would defeat the entire purpose. 

 

If Apple came out with such a solution 5 months ago they would have been absolutely torched in the media. But with Samsung, it's always a free pass. 

post #29 of 48
Quote:
Originally Posted by Slurpy View Post
 

If Apple came out with such a solution 5 months ago they would have been absolutely torched in the media. But with Samsung, it's always a free pass. 

You won't hear Samsung calling it a "free" pass! They pay beaucoup advertising dollars in order to receive blindly favorable press.

post #30 of 48
Quote:
Originally Posted by SolipsismX View Post

Coincidence this white paper of a clearly superiour solution has come out right after Samsung introduces their S5 with a fingerprint sensor?
nope. 1smoking.gif
post #31 of 48
Can someone explain how you use your fingerprint to unlock the S5 one handed? Every video I've seen so far the person is using two hands. Seems inconvenient. Also with Touch ID I don't have to wake my device before unlocking it. I just place my thumb on the home button and quickly push down for a second and it unlocks. With the S5 you have to first wake the device. Another inconvenience.
post #32 of 48

If this news article from Sydney is accurate, the S5 will be encrypting your fingerprint and transmitting it to PayPal, which would mean that PalPal would also have a copy of your fingerprints on their servers...unless there is a dual-authentication model, or their scanner is impossible to spoof, seems to be a pretty big door for fraudulent use of PayPal...

 

As for concerns about privacy, Lunn says users shouldn't worry.

"The important thing about this announcement is that none of your biometric data is stored on that phone.

"It's not storing your fingerprints locally. It takes your fingerprint, encrypts it, sends it to PayPal, they decrypt it, checks it's the same, and then you're authenticated. It's very, very secure."

http://www.smh.com.au/it-pro/business-it/paypal-says-samsung-fingerprint-payments-very-secure-20140227-hve02.html

 

post #33 of 48
Quote:
Originally Posted by Rogifan View Post

Can someone explain how you use your fingerprint to unlock the S5 one handed? Every video I've seen so far the person is using two hands. Seems inconvenient. Also with Touch ID I don't have to wake my device before unlocking it. I just place my thumb on the home button and quickly push down for a second and it unlocks. With the S5 you have to first wake the device. Another inconvenience.

 

All the hands-on impressions say it's close to impossible. That's usability testing for you. 

post #34 of 48
Quote:
Originally Posted by johnb0529 View Post

If this news article from Sydney is accurate, the S5 will be encrypting your fingerprint and transmitting it to PayPal, which would mean that PalPal would also have a copy of your fingerprints on their servers...unless there is a dual-authentication model, or their scanner is impossible to spoof, seems to be a pretty big door for fraudulent use of PayPal...

As for concerns about privacy, Lunn says users shouldn't worry.



"The important thing about this announcement is that none of your biometric data is stored on that phone.



"It's not storing your fingerprints locally. It takes your fingerprint, encrypts it, sends it to PayPal, they decrypt it, checks it's the same, and then you're authenticated. It's very, very secure."



http://www.smh.com.au/it-pro/business-it/paypal-says-samsung-fingerprint-payments-very-secure-20140227-hve02.html



That suggests that the Samsung method is an open wound inviting virii.
post #35 of 48
Quote:
Originally Posted by johnb0529 View Post
 

If this news article from Sydney is accurate, the S5 will be encrypting your fingerprint and transmitting it to PayPal, which would mean that PalPal would also have a copy of your fingerprints on their servers...unless there is a dual-authentication model, or their scanner is impossible to spoof, seems to be a pretty big door for fraudulent use of PayPal...

 

As for concerns about privacy, Lunn says users shouldn't worry.

"The important thing about this announcement is that none of your biometric data is stored on that phone.

"It's not storing your fingerprints locally. It takes your fingerprint, encrypts it, sends it to PayPal, they decrypt it, checks it's the same, and then you're authenticated. It's very, very secure."

http://www.smh.com.au/it-pro/business-it/paypal-says-samsung-fingerprint-payments-very-secure-20140227-hve02.html

 

 

Yeah, thats what I thought. Sounds like a security nightmare. On the iPhone the fingerprint is NEVER transferred while making a purchase. But hey, who gives a **** about security, right? Nobody, when it comes to any company that isn't Apple. 

post #36 of 48
Quote:
Originally Posted by Slurpy View Post

All the hands-on impressions say it's close to impossible. That's usability testing for you. 

I thought the general impression is that the Samsung method doesn't function well with two hands either.
post #37 of 48
Quote:
Originally Posted by Slurpy View Post

Yeah, thats what I thought. Sounds like a security nightmare. On the iPhone the fingerprint is NEVER transferred while making a purchase. But hey, who gives a **** about security, right? Nobody, when it comes to any company that isn't Apple. 


The articles I have read just question the security aspects lightly while raving about the openness to developers.
post #38 of 48
More about Samsung/PayPal

WebProNews clarifies the concern as in a report. It says “the company (paypal) notes that all your financial information is stored in the cloud and never on your device. The fingerprint scanner instantly communicates with the cloud to authorize purchases and doesn’t store biometric data on the device or on PayPal’s servers. In short, the worst that can happen is hackers breaking into PayPal’s servers and stealing your financial information. While that’s certainly bad, they at least won’t have your biometric data which will one day be the most important identifier you have.”
post #39 of 48
Quote:
Originally Posted by johnb0529 View Post

If this news article from Sydney is accurate, the S5 will be encrypting your fingerprint and transmitting it to PayPal, which would mean that PalPal would also have a copy of your fingerprints on their servers...unless there is a dual-authentication model, or their scanner is impossible to spoof, seems to be a pretty big door for fraudulent use of PayPal...

As for concerns about privacy, Lunn says users shouldn't worry.

"The important thing about this announcement is that none of your biometric data is stored on that phone.

"It's not storing your fingerprints locally. It takes your fingerprint, encrypts it, sends it to PayPal, they decrypt it, checks it's the same, and then you're authenticated. It's very, very secure."

http://www.smh.com.au/it-pro/business-it/paypal-says-samsung-fingerprint-payments-very-secure-20140227-hve02.html

1) So how does the phone simply unlock your device? Does it have to check with PayPal to do that?

2) Having your fingerprint scanned on one device and then your biometrics sent over the internet to be checked by a copy sitting on a server controlled by a 3rd-party is not good security and users should worry if indeed that is how it works. That said, that is such a wretched design that I doubt that report is accurate.

3) Apple's setup is so far the best I've seen. They don't store your fingerprint anywhere. Not even on your phone. It's a hash that gets checked and even the path from the Touch ID sensor to the secure enclave millimeters away has a good deal of encryption in place. It's not impossible to break but as previously noted there are easier ways to gain access to one's device.

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply

This bot has been removed from circulation due to a malfunctioning morality chip.

Reply
post #40 of 48
I read that Samsung are making their fingerprint scanner available to developers. If that is the case I fail to see how it can be secure.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Apple details Touch ID and Secure Enclave tech in new security white paper
AppleInsider › Forums › Mobile › iPhone › Apple details Touch ID and Secure Enclave tech in new security white paper