Verifying accessories in iOS and iPadOS
The Made for iPhone, iPad, and iPod touch (MFi) licensing program provides vetted accessory manufacturers access to the iPod Accessories Protocol (iAP) and the necessary supporting hardware components.
When an MFi accessory communicates with an iOS or iPadOS device using a Lightning or USB-C connector or through Bluetooth, the device asks the accessory to prove it’s been authorized by Apple by responding with an Apple-provided certificate, which is verified by the device. The device then sends a challenge, which the accessory must answer with a signed response. This process is entirely handled by a custom integrated circuit (IC) that Apple provides to approved accessory manufacturers and is transparent to the accessory itself.
Accessories can request access to different transport methods and functionality—for example, access to digital audio streams over the Lightning or USB-C cable, or location information provided over Bluetooth. An authentication IC is designed to ensure that only approved accessories are granted full access to the device. If an accessory doesn’t support authentication, its access is limited to analog audio and a small subset of serial (UART) audio playback controls.
AirPlay also uses the authentication IC to verify that receivers have been approved by Apple. AirPlay audio and CarPlay video streams use the MFi-SAP (Secure Association Protocol), which encrypts communication between the accessory and device using AES128 in counter (CTR) mode. Ephemeral keys are exchanged using ECDH key exchange (Curve25519) and signed using the authentication IC’s 1024-bit RSA key as part of the Station-to-Station (STS) protocol.