About Touch ID advanced security technology
Find out how Touch ID helps protect information on your iPhone, iPad and Mac.
Much of our digital lives is stored on our Apple devices, and we recommend that you always use a passcode or password to help protect this important information and your privacy. Using Touch ID on your iPhone, iPad and Mac is an easy way to use your fingerprint instead of a password for many common operations. With just a touch of your finger, the sensor reads your fingerprint quickly and unlocks your device automatically. You can use it to authorise purchases from the iTunes Store, App Store and Apple Books, as well as with Apple Pay. Developers can also allow you to use Touch ID to sign in to their apps.
Advanced technologies
The technology within Touch ID is some of the most advanced hardware and software that we’ve put into any device. The button is made from sapphire crystal – one of the clearest, hardest materials available. This protects the sensor and acts as a lens to precisely focus it on your finger. On iPhone and iPad, a steel ring surrounding the button detects your finger and tells Touch ID to start reading your fingerprint.
The sensor uses advanced capacitive touch to take a high-resolution image from small sections of your fingerprint from the subepidermal layers of your skin. Touch ID then intelligently analyses this information with a remarkable degree of detail and precision. It categorises your fingerprint as one of three basic types – arch, loop or whorl. It also maps out individual details in the ridges that are smaller than the human eye can see, and even inspects minor variations in ridge direction caused by pores and edge structures.
Touch ID can read multiple fingerprints, and it can read fingerprints in 360-degrees of orientation. It then creates a mathematical representation of your fingerprint and compares this to your enrolled fingerprint data to identify a match and unlock your device. It’s only this mathematical representation of your fingerprint that is stored – never images of your finger itself. Touch ID will incrementally update the mathematical representation of enrolled fingerprints over time to improve matching accuracy.
Security safeguards
Every fingerprint is unique, so it’s rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1 in 50,000 with a single, enrolled finger. And Touch ID only allows five unsuccessful fingerprint match attempts before you must enter your password. By comparison, the odds of guessing a typical 4-digit passcode are 1 in 10,000. Although some codes, such as “1234”, may be more easily guessed, there is no such thing as an easily guessable fingerprint pattern.
To start using Touch ID, you must first set up a passcode on your iPhone or iPad (or a password on your Mac). You must enter your passcode or password for additional security validation:
after you’ve restarted your iPhone, iPad or Mac;
when more than 48 hours have passed from the last time you unlocked your device;
to add or delete a fingerprint to use with Touch ID;
to change the iPhone or iPad passcode or Mac system password, and for other security settings such as FileVault on your Mac;
when there have been more than five unrecognised Touch ID authorisation attempts in a row; and
after you’ve logged out of your Mac.
To improve security, you can choose a long, complex alphanumeric password. On your iPhone or iPad, tap Passcode Options and select Custom Alphanumeric Code.
If your device is lost or stolen, you can prevent Touch ID from being used to unlock your device with Find My Lost Mode. Starting with iOS 7, your iPhone and iPad offer additional protection against theft with Activation Lock, which requires an Apple ID and password to turn off Find My on iPhone, erase data or reactivate your device. If your Mac with Touch ID is lost or stolen, erasing your Mac remotely will also disable Touch ID.
You can also use Touch ID to purchase content from the iTunes Store, App Store and Apple Books, instead of entering your Apple ID password.
Touch ID can be used by multiple users on a Mac, making it easy to share a system securely. Each user account can have up to three enrolled fingerprints, and a total of five fingerprints can be enrolled across the system.
Secure Enclave
The chip in your device includes an advanced security architecture called the Secure Enclave, which was developed to protect your passcode and fingerprint data. Touch ID doesn’t store any images of your fingerprint, and instead only relies on a mathematical representation. It isn't possible for someone to reverse engineer your actual fingerprint image from this stored data.
Your fingerprint data is encrypted, stored on disk and protected with a key only available to the Secure Enclave. Your fingerprint data is only used by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. It can’t be accessed by the OS on your device or by any applications running on it. It’s never stored on Apple servers, it’s never backed up to iCloud or anywhere else and it can’t be used to match against other fingerprint databases.
Learn more
Find out how to use Touch ID on your iPhone or iPad or your Mac.
Find out what to do if your device is lost or stolen.