One of the iPhone’s security mechanisms, the Touch ID, may have been breached in the last few hours. A hacker claims to have broken the Secure Enclave and has published his encryption keys, although Apple has already confirmed that we don’t have to worry because they are already working on solving this problem.
The Touch ID has been hacked: a major blow to Apple’s security
As you may know, the Touch ID is the mechanism that allows us to unlock our iPhone mobiles through fingerprint recognition. The news is received precisely now that there are rumors about the location of this unlocking sensor on the iPhone 8, and without wanting to create alarm, the truth is that it is not unreasonable to imagine that can be a bump in terms of security for Apple.
The Touch ID is the mechanism in charge of unlocking our terminals by means of fingerprint.
For those of you who are not sure how Touch ID works, here’s a brief explanation: This fingerprint-based unlocking mechanism works thanks to the Secure Enclave Processor (SEP), which has its own operating system independent of iOS and is responsible for unlocking the mobile device in order to access the software on it. The interesting thing about the Secure Enclave is that it generates a unique code for each device that changes every time we restart our iPhone in order to maximize security. Nevertheless, a hacker claims to have circumvented this security system and has published his encryption keys, as we mentioned at the beginning of the article. This is something that according to Apple should not worry users, but when you find out that your mobile phone’s security system has been breached, it’s hard not to worry.
Apple, you must take action
What is at least curious is that the hacker himself has claimed that the leakage of the Touch ID encryption keys has a purpose: to make Apple react and take the security of its devices more seriously. Although in this case the hacker did not want to take over the personal data of the users, he did make it clear that it is possible to ‘break’ the security systems that Cupertino’s devices incorporate in his iPhone.
After this leak of the Touch ID security codes, it is clear that Apple is not immune to the dangers that lurk on the Internet.
After the news was released, a spokesman for the company said the following: “There are many layers of security involved in the SEP, and access to the firmware in no way provides access to user data.” Anyway, and even though this is true, it is possible to access the SEP and thus jeopardize security mechanisms such as Touch ID, so now it is Apple’s turn to start working on polishing details and loopholes that allow things like this to happen.
Are you concerned about the security of your device after learning that it’s not as hard as it seems to circumvent the security of the Touch ID?
We also recommend this article on the Apple Watch.