In the 14 months since Touch ID launched, it has become a standout feature of the iPhone and iPad line of devices. It makes paying for apps easier than ever, it’s a shift toward enhanced mobile security and it was the key to making Apple Pay a reality… but it still has its limitations.
Reddit user Xenon808 asked a question this week that many of us have probably pondered in the past:
“Why do you have to type in your PIN after rebooting your phone or after a certain amount of time?”
“Touch ID doesn’t store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn’t possible for your actual fingerprint image to be reverse-engineered from this mathematical representation. iPhone 5s also includes a new advanced security architecture called the Secure Enclave within the A7 chip, which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of A7 and the rest of iOS. Therefore, your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can’t be used to match against other fingerprint databases.”
So there you have it. Until you are logged back in to your phone, Touch ID can’t communicate with the Secure Enclave, making password entry a necessity.