If you’ve ever wondered why you have to type in your password after rebooting your iPhone with Touch ID, Jacob Siegal figured it out after checking with Apple.
Touch ID doesn’t store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn’t possible for your actual fingerprint image to be reverse-engineered from this mathematical representation. iPhone 5s also includes a new advanced security architecture called the Secure Enclave within the A7 chip, which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of A7 and the rest of iOS. Therefore, your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can’t be used to match against other fingerprint databases.
I love Touch ID and Apple Pay.