Apple iPhone 5s
Apple’s flagship iPhone 5s smartphone handset is now firmly bedded in, ably accompanied by its drastically refreshed iOS 7 mobile Operating System.
A cursory flick through discussion forums on the subject reveals a typically polarized response – with fans praising iOS 7’s clean, purposeful new look, and detractors suggesting the freshly designed apps look like they’ve been cobbled together from a spare parts bucket filled with bits of older Operating Systems.
This post side-steps a discussion of general features and aesthetics, and instead focuses on three noteworthy security additions that the iPhone 5S and iOS 7 have brought with them:
1) Touch ID. The iPhone 5s embraces biometric security and has a fingerprint scanner built into the home button which can be used to effortlessly authenticate the user in lieu of the passcode function. Touch ID can also be used for authentication within Apple apps e.g. iTunes purchases. This new convenience will hopefully encourage the large numbers of people who don’t bother using passcodes to start locking their iPhones and is far more secure than a potentially guessable number. Touch ID also makes the handset ideal for issue to employees by companies keen to see their devices locked.
An understandable, but perhaps far-fetched concern with the iPhone 5s is that it becomes so desirable to thieves that they’re willing to steal an owner’s finger along with a handset and carry it around like a rabbit’s foot keyring to access the device. However, available details on the fingerprint reader indicate that it uses RF capacitative technology, which looks beyond the surface layer of a fingerprint and is dependent on electrical signals found in live skin. So in other words, fingers that look like they belong in the prop cupboard for a zombie movie probably won’t work.
Apple has also tried to allay fears that fingerprints used with the reader could somehow be stolen, pointing out that a mathematical representation of prints (as opposed to actual images) are only stored in a “secure enclave” in each handset’s A7 processor chip – not in the iCloud or any other remote location.
2) Enterprise Single Sign-on (SSO). SSO has been used in industry for some time now by services such as Microsoft Active Directory. Apple has now applied Kerberos SSO technology to iOS 7, which can allow it to simultaneously sign a user into multiple apps that use the same resources. For example, it could be used to sign a user into several company apps that all use the same corporate network. In time, when businesses have been able to adapt their enterprise apps to utilise this SSO functionality, the added convenience should enhance security by encouraging use of account logins.
3) Activation Lock. In iOS 7 theft deterrence has been taken to a new level that builds upon the previous Find My iPhone feature and should help to further deter would-be phone thieves. With Activation Lock a stolen device can be remotely rendered useless until the owners iCloud credentials are entered – preventing a thief from switching off Find My iPhone, or wiping the device altogether.
The newly animated wallpaper and minimalist software design may or may not impress, but from a security perspective the iPhone 5s is an impressive step in the right direction.