Technology pundits have often criticized Apple for being behind the curve when it comes to introducing innovative new features to the iPhone, aspersions that are sometimes understandable when you consider how many Android makers have gotten there first when it comes to things like multi-lens camera systems, and that’s really just the most recent example.
In fact, many of the features that Apple has introduced to the iPhone and iOS over the years technically came to the Android platform first, but it’s hard to argue that in almost every case, Apple has done a much better job with its implementations of those features. In short, Apple is more concerned about doing a feature well than it is about having that feature first, and for the most part, Apple’s approach gives credence to the old adage that “slow and steady wins the race.”
However, there are also still areas in which Apple very clearly leads the pack from far ahead, such as when it comes to the security and privacy of iOS and the iPhone platform. In fact, when Apple introduced the Secure Enclave back in 2013 with the debut of Touch ID on the iPhone 5s, there was nothing else in the consumer industry that came even close to offering this level of security, and it’s something that most other smartphone manufacturers are taking years to even begin to catch up with.
The Secure Enclave
As per Apple’s usual style, it doesn’t talk in much technical detail about the technology behind the Secure Enclave, since most iPhone users don’t really need to know anything beyond “it’s very secure.” For those who want to dive deeper, however, it’s fairly easy to find the details on Apple’s website.
In summary, however, the magic of the Secure Enclave is that Apple actually created a chip dedicated to securing data in such a way that even Apple itself wouldn’t be able to extract information. This was originally used to store fingerprint data when Touch ID was introduced, and later also became the repository for payment information for Apple Pay, and of course facial recognition data for Face ID.
Essentially, what Apple has done is partitioned off a section of its A-series chips and used it to store highly sensitive information. A customized operating system runs on this Secure Enclave coprocessor, completely separate from the rest of iOS, and its job is to encrypt and store the information that’s submitted to it, and then only verify that information when asked for comparison.
For example, when you set up Face ID or Touch ID on your iPhone, this data is handed off to the Secure Enclave, which stores it. Since the Secure Enclave is programmed to never give this information out under any circumstances, your biometric data is taking a one-way trip into the Secure Enclave. When you subsequently authenticate using Face ID or Touch ID, iOS simply hands your new biometric data to the Secure Enclave, basically asking “Does this match?” and the Secure Enclave replies with a yes or a no.
Apple’s Secure Enclave is in fact one of the main reasons why even law enforcement officials with millions of dollars in resources have a hard time getting into locked iPhones. In fact, the only option that’s generally available to them is simply to try and guess the user’s passcode by “brute force” — something that’s made considerably more difficult with longer passwords.
Apple Leads, Others Follow Slowly
A new report by Counterpoint Research highlights how most other smartphones have been trying to model their own hardware security after Apple’s Secure Enclave.
While Samsung and Google take slightly different technological approaches, others such as Huawei, Xiaomi, OnePlus, Oppo, Vivo, LG, and Sony can now take advantage of a “secure processing unit” (SPU) in Qualcomm’s latest Snapdragon processors. While Google, on the other hand, implements its own “Trust Platform Module” (TPM) in its Pixel phones, it’s still loosely based on Apple’s Secure Enclave technology.
According to Counterpoint, however, only one-third of global smartphones sold last year included this kind of embedded hardware security, meaning that Android makers are still playing catchup, and many haven’t yet taken full advantage of the secure elements that are already found in Qualcomm’s chips.
Of that one-third slice of secure smartphones sold last year, however, Apple enjoys a 42% market share, since of course every iPhone that Apple currently sells includes the Secure Enclave; in fact, there has not been an iPhone available without it since the iPhone 5c was discontinued in 2015.
In other words, 100 percent of the iPhones that Apple has sold for the past five years have included the kind of hardware security that most Android makers haven’t been able to offer on even a third of the smartphones that they sold in a single year.