iPhone 5s: About Touch ID security
Learn about Touch ID advanced technology and security benefits.
Much of our digital lives are stored on our iPhones, and everyone should use a passcode to help protect this important information and their privacy. Unfortunately, not everyone does; more than 50 percent of smartphone users don't use a passcode. Touch ID is a seamless way to use your fingerprint as a passcode. Your fingerprint is one of the best passcodes in the world. It's always with you, and no two are exactly alike. With just a touch of the Home button of your iPhone 5s, the Touch ID sensor quickly reads your fingerprint and automatically unlocks your phone. You can even use it to authorize purchases from the iTunes Store, App Store, and iBooks Store.
Find information on using Touch ID.
The technology within Touch ID is some of the most advanced hardware and software we've put in any device. To fit within the Home button, the Touch ID sensor is only 170 microns thin, not much thicker than a human hair. This high-resolution 500 ppi sensor can read extremely fine details of your fingerprint. The button itself is made from sapphire crystal—one of the clearest, hardest materials available. This protects the sensor and acts as a lens to precisely focus it on your finger.
The steel ring surrounding the button detects your finger and tells Touch ID to start reading your fingerprint. The sensor uses advanced capacitive touch to take a high-resolution image from small sections of your fingerprint from the subepidermal layers of your skin. Touch ID then intelligently analyzes this information with a remarkable degree of detail and precision. It categorizes your fingerprint as one of three basic types—arch, loop, or whorl. It also maps out individual details in the ridges that are smaller than the human eye can see and even inspects minor variations in ridge direction caused by pores and edge structures.
Touch ID can even read multiple fingerprints, and it can read fingerprints in 360-degrees of orientation. It then creates a mathematical representation of your fingerprint and compares this to your enrolled fingerprint data to identify a match and unlock your iPhone. Touch ID will incrementally add new sections of your fingerprint to your enrolled fingerprint data to improve matching accuracy over time. Touch ID uses all of this to provide an accurate match and a very high level of security.
Every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1 in 50,000 for one enrolled finger. This is much better than the 1 in 10,000 odds of guessing a typical 4-digit passcode. Although some passcodes, like "1234", may be more easily guessed, there is no such thing as an easily guessable fingerprint pattern. Instead, the 1 in 50,000 probability means it requires trying up to 50,000 different fingerprints until potentially finding a random match. But Touch ID only allows five unsuccessful fingerprint match attempts before you must enter your passcode, and you can't proceed until doing so.
To configure Touch ID, you must first set up a passcode. Touch ID is designed to minimize the input of your passcode; but your passcode will be needed for additional security validation:
- After restarting your iPhone 5s
- When more than 48 hours have elapsed from the last time you unlocked your iPhone 5s
- To enter the Touch ID & Passcode setting
Since security is only as secure as its weakest point, you can choose to increase the security of a 4-digit passcode by using a complex alphanumeric passcode. To do this, go to Settings > Touch ID & Passcode and turn Simple Passcode off. This will allow you to create a longer, more complex passcode that is inherently more secure. Security is further strengthened by using a mixture of uppercase and lowercase letters, numbers, and symbols.
You can also use Touch ID instead of entering your Apple ID password to purchase content from the iTunes Store, App Store, and iBooks Store. You will be asked to scan your fingerprint with each purchase. If Touch ID doesn't recognize your finger, you'll be asked to try again. After five failed attempts, you'll be given the option of entering your Apple ID password. In addition, you will need to enter your Apple ID password after:
- Restarting your iPhone 5s
- Enrolling or deleting fingers
If your iPhone is lost or stolen, you can immediately disable Touch ID from being used to unlock your iPhone with Find My iPhone Lost Mode. iOS 7 offers additional protection against theft with Activation Lock, which requires an Apple ID and password to turn off Find My iPhone, erase data, or reactivate your device.
Touch ID doesn't store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn't possible for your actual fingerprint image to be reverse-engineered from this mathematical representation. iPhone 5s also includes a new advanced security architecture called the Secure Enclave within the A7 chip, which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of A7 and the rest of iOS. Therefore, your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can't be used to match against other fingerprint databases.