Much of our digital lives is stored on our iPhone and iPad, and everyone should use a passcode to help protect this important information and their privacy. Unfortunately, many smartphone users don't use a passcode. Touch ID is a seamless way to use your fingerprint as a passcode. Your fingerprint is one of the best passcodes in the world. It's always with you, and no two are exactly alike. With just a touch of your device's Home button, the Touch ID sensor quickly reads your fingerprint and automatically unlocks your phone. You can even use it to authorize purchases from the iTunes Store, App Store, and iBooks Store, and Apple Pay.
Advanced technologies
The technology within Touch ID is some of the most advanced hardware and software we've put in any device. The button is made from sapphire crystal—one of the clearest, hardest materials available. This protects the sensor and acts as a lens to precisely focus it on your finger.
The steel ring surrounding the button detects your finger and tells Touch ID to start reading your fingerprint. The sensor uses advanced capacitive touch to take a high-resolution image from small sections of your fingerprint from the subepidermal layers of your skin. Touch ID then intelligently analyzes this information with a remarkable degree of detail and precision. It categorizes your fingerprint as one of three basic types—arch, loop, or whorl. It also maps out individual details in the ridges that are smaller than the human eye can see and even inspects minor variations in ridge direction caused by pores and edge structures.
Touch ID can even read multiple fingerprints, and it can read fingerprints in 360-degrees of orientation. It then creates a mathematical representation of your fingerprint and compares this to your enrolled fingerprint data to identify a match and unlock your device. Touch ID will incrementally add new sections of your fingerprint to your enrolled fingerprint data to improve matching accuracy over time. Touch ID uses all of this to provide an accurate match and a very high level of security.
Security safeguards
Every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1 in 50,000 for one enrolled finger. This is much better than the 1 in 10,000 odds of guessing a typical 4-digit passcode. Although some passcodes, like "1234", may be more easily guessed, there is no such thing as an easily guessable fingerprint pattern. Instead, the 1 in 50,000 probability means it requires trying up to 50,000 different fingerprints until potentially finding a random match. But Touch ID only allows five unsuccessful fingerprint match attempts before you must enter your passcode, and you can't proceed until doing so.
To configure Touch ID, you must first set up a passcode. Touch ID is designed to minimize the input of your passcode; but your passcode will be needed for additional security validation:
- After restarting your device
- When more than 48 hours have elapsed from the last time you unlocked your device
- To enter the Touch ID & Passcode setting
Since security is only as secure as its weakest point, you can choose to increase the security of a 4 or 6-digit passcode by using a complex alphanumeric passcode. You can do this when creating a passcode by tapping ‘Passcode Options’ and selecting Custom Alphanumeric Code.
You can also use Touch ID instead of entering your Apple ID password to purchase content from the iTunes Store, App Store, and iBooks Store. You will be asked to scan your fingerprint with each purchase. If Touch ID doesn't recognize your finger, you'll be asked to try again. After five failed attempts, you'll be given the option of entering your Apple ID password. In addition, you will need to enter your Apple ID password after:
- Restarting your device
- Enrolling or deleting fingers
If your device is lost or stolen, you can immediately disable Touch ID from being used to unlock your device with Find My iPhone Lost Mode. iOS 7 (or later) offers additional protection against theft with Activation Lock, which requires an Apple ID and password to turn off Find My iPhone, erase data, or reactivate your device.
Secure Enclave
Touch ID doesn't store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn't possible for someone to reverse engineer your actual fingerprint image from this mathematical representation. The chip in your device also includes an advanced security architecture called the Secure Enclave which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of the chip and the rest of iOS. Therefore, iOS and other apps never access your fingerprint data, it's never stored on Apple servers, and it's never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can't be used to match against other fingerprint databases.
Learn More
To learn more about iOS security, read the Security Configuration Guides.
Learn more about privacy and Location Services.