Touch ID and A7 Secure Enclave Detailed in Updated Apple Security Document

by

Apple today posted an updated security document [PDF] on its iPhone in Business site, offering details on the inner workings of both Touch ID and the "Secure Enclave" built into Apple's A7 processor (via TechCrunch).

Since its 2013 release, Touch ID has faced scrutiny over privacy concerns from both users and government officials, and while Apple has previously offered few details on how Secure Enclave works, it has assured users that the system stores only fingerprint data rather than images.

touchid
According to the updated security document, Secure Enclave is a coprocessor within the A7 chip that uses a secure boot process to ensure that its separate software is both verified and signed by Apple. All Secure Enclaves can function independently even if a kernel is compromised and each one contains a unique ID inaccessible to other parts of the system and unknown to Apple, preventing the company or any other third parties from accessing data contained within.

Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave's portion of the device's memory space.

Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key tangled with the UID and an anti-replay counter.

Fingerprint data collected from Touch ID is stored within the Secure Enclave, which is used to determine a match and then enable a purchase. While the A7 processor collects data from the Touch ID sensor, it is unable to read it because it is encrypted and authenticated with a session key built into Touch ID and the Secure Enclave.

It's encrypted and authenticated with a session key that is negotiated using the device's shared key that is built into the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrap- ping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption.

Along with details on the function and security of the Secure Enclave, the document contains details on Touch ID, most of which have been previously published by Apple in other documents and literature on the feature. It also offers some specifics on the security of fingerprint capturing and a reminder that fingerprint data is accessible only to the Secure Enclave and never sent to Apple or backed up to iTunes or iCloud.

The document's section on Touch ID and the Secure Enclave ends with a detailed description of how both Secure Enclave and Touch ID work together to unlock an iPhone 5s, which is well worth a read for users interested in how the technology functions.

Apple's updated security document has been added as part of a larger redesign of the IT section of its iPhone in Business site, which now features a cleaner design with navigation icons at the top of the page.

Related Forum: iOS 7

Popular Stories

apple music chatgpt

ChatGPT's Apple Music Integration Is Now Live

Wednesday December 17, 2025 3:50 pm PST by
There's now a dedicated Apple Music app for ChatGPT, which allows ChatGPT to make music recommendations and build playlists. Apple Music can be added to ChatGPT through the Settings section in the Mac app, website, or iOS app. Apple Music is listed under the apps option, and connecting to it requires signing in with your Apple Account for authorization purposes. ChatGPT can be used to...
Read Full Article51 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Features Leaked in New Report, Including Under-Screen Face ID

Tuesday December 16, 2025 8:44 am PST by
Next year's iPhone 18 Pro and iPhone 18 Pro Max will be equipped with under-screen Face ID, and the front camera will be moved to the top-left corner of the screen, according to a new report from The Information's Wayne Ma and Qianer Liu. As a result of these changes, the report said the iPhone 18 Pro models will not have a pill-shaped Dynamic Island cutout at the top of the screen....
Read Full Article60 comments
airpods pro 3 new blue

AirPods Pro 3's Static and Noise Issues Haven't Been Resolved

Thursday December 18, 2025 3:44 pm PST by
Since the AirPods Pro 3 launched, there have been complaints from users who have noticed a static-like sound or a crackling issue when using the earbuds, particularly when Active Noise Cancellation is on but no media is playing. Users have also run into strange high-pitched whistling sounds that happen intermittently. We shared the issues back in late October, and despite two subsequent...
Read Full Article90 comments
iOS 26 Maps Glass

Apple Quietly Discontinued Flyover City Tours in Apple Maps

Thursday December 18, 2025 1:31 pm PST by
Apple Maps no longer offers a Flyover feature that provides users with automated tours of notable landmarks in major cities. The Flyover option appears to have been nixed around when iOS 26 launched, but its removal went largely unnoticed. Flyover city tours were introduced in 2014 with iOS 8 and OS X Yosemite, using Flyover imagery to generate an aerial tour. Most cities with Flyover...
Read Full Article63 comments
apple beta 26 lineup

Apple's 2026 and 2027 Product Roadmap: Foldable iPhone, iPhone 18 Pro, M5 Macs, and More

Tuesday December 16, 2025 4:42 pm PST by
There has been a whirlwind of rumors over the last few days, sourced from leaked internal software designed for the iPhone and the Mac, and news sites like The Information. Below, we have a quick recap of everything we've heard this week, which serves as a guide to Apple's product plans in 2026 and beyond. We've organized the info by likely release date, though there are some products that...
Read Full Article43 comments
top stories 2025 12 20

Top Stories: iOS 26.3 Beta, Major Apple Leaks, and More

Saturday December 20, 2025 6:00 am PST by
You'd think things would be slowing down heading into the holidays, but this week saw a whirlwind of Apple leaks and rumors while Apple started its next cycle of betas following last week's release of iOS 26.2 and related updates. This week also saw the release of a new Apple Music integration with ChatGPT, so read on below for all the details on this week's biggest stories! Top Stories i...
Read Full Article8 comments
iOS 26

Apple Releases First iOS 26.3 and iPadOS 26.3 Public Betas

Wednesday December 17, 2025 10:06 am PST by
Apple today provided beta testers with the first releases of upcoming iOS 26.3, iPadOS 26.3, tvOS 26.3, and watchOS 26.3 updates for testing purposes. The public betas come a couple of days after Apple provided the betas to developers. Anyone can download and install public betas, and all that's required is to sign up on Apple's beta site. Once you've opted in, the software can be...
Read Full Article23 comments

Top Rated Comments

Klae17 Avatar
Klae17
154 months ago
Good timing with the new Samsung S5 Touch-wipe-button. Hey how come no one cares about security when Samsung does it yet when Apple does it we all FLIP?
Score: 34 Votes (Like | Disagree)
taptic Avatar
taptic
154 months ago
And the new Galaxy S5, in cooperation with Android, immediately sends your fingerprint to Google headquarters! No hassle guaranteed!
Score: 23 Votes (Like | Disagree)
Nunyabinez Avatar
Nunyabinez
154 months ago
I would have preferred that they called it the "Fortress of Solitude" rather than the "Secure Enclave."
Score: 20 Votes (Like | Disagree)
DaveN Avatar
DaveN
154 months ago
Because you're on an Apple-based website?

I posted a question concerning obvious Android fanaticism on the Android Police site some months ago. The amount of hate posts received in response to what was a simple and honest question was astounding. Bottom line is that Apple Fanbois are much more civilized and even tempered than are Fandroids, IMHO.
Score: 12 Votes (Like | Disagree)
seamer Avatar
seamer
154 months ago
Good timing with the new Samsung S5 Touch-wipe-button. Hey how come no one cares about security when Samsung does it yet when Apple does it we all FLIP?

Samsung will fix it when Apple shows them how.
Score: 11 Votes (Like | Disagree)
\-V-/ Avatar
\-V-/
154 months ago
Good timing with the new Samsung S5 Touch-wipe-button. Hey how come no one cares about security when Samsung does it yet when Apple does it we all FLIP?
Because you're on an Apple-based website?
Score: 11 Votes (Like | Disagree)
Read All Comments