Difference between revisions of "TouchID"

From iPhone Development Wiki
Jump to: navigation, search
 
(6 intermediate revisions by 3 users not shown)
Line 1: Line 1:
'''''This post is still in a 'beta' stage and more information will be added to it as we find out more about Touch ID.
+
'''Touch ID''' is Apple's name for its fingerprint sensor technology in the iPhone 5s (and higher) home button, an alternative to typing in a lock screen passcode. See also: [http://theiphonewiki.com/w/index.php?title=Touch_ID Touch ID on TheiPhoneWiki].
'''''
 
'''''Also see:''''' http://theiphonewiki.com/w/index.php?title=Touch_ID
 
  
Apple has embedded a fingerprint sensor into the iPhone 5s's Home Button as a way to bypass the lock screen's passcode. This is Touch ID.
+
All fingerprint information is encrypted and stored in the A7 chip. TouchID stores "mathematical representation" of fingerprints.  
  
All fingerprint information is encrypted and stored in the A7 chip. Touch ID it does stores "mathematical representation" of fingerprints.  
+
The iPhone 5s has a security architecture called Secure Enclave within the A7 chip, which protects and verifies fingerprint matches. Apple said the Secure Enclave is "walled off from the rest of A7 and as well as the rest of iOS", meaning only Touch ID has access to fingerprint data.  
  
The iPhone 5s has an advanced security architecture called the Secure Enclave - within the A7 chip that protects and verifies fingerprint matches. Apple said the Secure Enclave is "walled off from the rest of A7 and as well as the rest of iOS", meaning only Touch ID has access to fingerprint data.  
+
TouchID has 4 header files (which can all be found at [http://developer.limneos.net/ developer.limneos.net]):
 +
PSBiometricIdentity.h
 +
SBUIBiometricEventMonitor.h
 +
SBUIBiometricEventObserver.h
 +
BiometricKitDelegate.h
  
TouchID has 4 header files:
+
The main class is BiometricKit, which is a singleton class (+manager).
                                          PSBiometricIdentity.h
 
                                          SBUIBiometricEventMonitor.h
 
                                          SBUIBiometricEventObserver.h
 
                                          BiometricKitDelegate.h
 
  
Which can all be found at: developer.limneos.net.
+
<code>PSBiometricIdentity.h</code> is responsible for the settings of TouchID, which can be found in Settings > General > Touch ID & Passcode > Touch ID. The two SpringBoardUIServices headers are responsible for scanning and detecting the finger on the lock screen; they use the delegate methods to, for example, match the finger such as in the <code>-(void)matchResult:(id)arg1;</code> method.  
  
The main class is BiometricKit which is a singleton class (+manager).
+
If you log the argument of that method, you will get something around the lines of: <code>-[<SBUIBiometricEventMonitor: 0x17867c3c0> matchResult:<BiometricKitIdentity: 0x1782562f0>]</code> . That <code><BiometricKitIdentity: 0x1782562f0></code> is the name of the finger that was just scanned and verified. We know from Apple that Touch ID is stored on the A7 processor chip inside the 5s in a secure enclave. What do we not know? How much storage is their in this secure enclave? Is it variable?
  
The PSBiometricIdentity.h is responsible for the settings of TouchID which can be found in settings >General > TouchId & Passcode > Touch ID. The 2 SpringBoardUIServices headers are responsible for scanning and detecting the finger on the lock screen; they use the delegate methods to for example match the finger like in the -(void)matchResult:(id)arg1; method.
+
== Detecting taps ==
  
If you log the argument of that method you will get something around the lines of:  -[<SBUIBiometricEventMonitor: 0x17867c3c0> matchResult:<BiometricKitIdentity: 0x1782562f0>] .
+
You can detect taps using methods found in SBReachabilityTrigger.h
That <BiometricKitIdentity: 0x1782562f0> is the name of the finger that was just scanned and verified. Now we know from Apple that Touch ID is stored on the A7 Processor chip inside the 5s in a secure enclave. What do we not know? How much storage is their in this secure enclave? Is it variable?...
 
  
You can also Google "Biokit.h", and from the Gist you can see the headers of the BiometricKit.framework. (You can also dump them yourselves, it is shipped with the iPhoneOS 7.0 SDK on Xcode and of course on an iPhone 5s.) You will find more interesting classes, such as:
+
== BiometricKit.framework ==
#<tt>BiometricKitIdentity</tt> (representing the enrolled fingerprints with name, UUID, etc.)
+
{{ main|BiometricKit.framework }}
#<tt>BiometricKitMatchInfo</tt> (contains presumably the actual fingerprint digital representation with up to 15 "topology nodes", returned from <tt>BiometricKitDelegate</tt>'s <tt>- (void)matchResult:(BiometricKitIdentity *) withDetails:(BiometricKitMatchInfo *)</tt>)
 
#<tt>BiometricKit</tt>, its delegates and other XPC stuff
 
  
<tt>- (void)biometricEventMonitor:(SBUIBiometricEventMonitor *) handleBiometricEvent:(unsigned)</tt> from <tt>SBLockScreenManager</tt> would be invoked always after the screen is on and a fingerprint is registered. One exception is when the user enters the TouchID settings under <tt>Preferences.app</tt>, where the app took control of all the callbacks, and we have to lock and unlock the screen again in order to receive messages from the aforementioned callback again.
+
== References ==
  
The same issue happens if you hook up to the <tt>BiometricKitXPCClient</tt>'s <tt>- (void)matchResult:(BiometricKitIdentity *) withDictionary:(NSDictionary *);</tt>; or use the good old delegate way with <tt>[BiometricKit manager]</tt>. I'm still trying to figure out how to revive that, if you found any way around this please do share with us.
+
#http://www.pocket-lint.com/news/123832-apple-s-touch-id-fingerprint-sensor-explained-here-s-what-you-need-to-know
 
 
''REFERENCES:''
 
 
 
http://www.pocket-lint.com/news/123832-apple-s-touch-id-fingerprint-sensor-explained-here-s-what-you-need-to-know
 

Latest revision as of 22:52, 30 December 2014

Touch ID is Apple's name for its fingerprint sensor technology in the iPhone 5s (and higher) home button, an alternative to typing in a lock screen passcode. See also: Touch ID on TheiPhoneWiki.

All fingerprint information is encrypted and stored in the A7 chip. TouchID stores "mathematical representation" of fingerprints.

The iPhone 5s has a security architecture called Secure Enclave within the A7 chip, which protects and verifies fingerprint matches. Apple said the Secure Enclave is "walled off from the rest of A7 and as well as the rest of iOS", meaning only Touch ID has access to fingerprint data.

TouchID has 4 header files (which can all be found at developer.limneos.net):

PSBiometricIdentity.h 
SBUIBiometricEventMonitor.h
SBUIBiometricEventObserver.h
BiometricKitDelegate.h

The main class is BiometricKit, which is a singleton class (+manager).

PSBiometricIdentity.h is responsible for the settings of TouchID, which can be found in Settings > General > Touch ID & Passcode > Touch ID. The two SpringBoardUIServices headers are responsible for scanning and detecting the finger on the lock screen; they use the delegate methods to, for example, match the finger such as in the -(void)matchResult:(id)arg1; method.

If you log the argument of that method, you will get something around the lines of: -[<SBUIBiometricEventMonitor: 0x17867c3c0> matchResult:<BiometricKitIdentity: 0x1782562f0>] . That <BiometricKitIdentity: 0x1782562f0> is the name of the finger that was just scanned and verified. We know from Apple that Touch ID is stored on the A7 processor chip inside the 5s in a secure enclave. What do we not know? How much storage is their in this secure enclave? Is it variable?

Detecting taps

You can detect taps using methods found in SBReachabilityTrigger.h

BiometricKit.framework

References

  1. http://www.pocket-lint.com/news/123832-apple-s-touch-id-fingerprint-sensor-explained-here-s-what-you-need-to-know