Apple is working on a feature that allows multiple users to share the iPhone. This way, the family can share an iPhone or rather an iPad while each one gets to keep their information private. Apple is working on Secure Enclave technology to enable multiple users.
There is no mention of iOS in the patent. However, Mac’s already supports multi-user, and this means the new feature is aimed at iOS. Most importantly, Apple is developing ways to make it as secure as possible. For this, the device uses multiple passcodes and encryption keys unique to each user account. The user is required to authenticate on the login screen before accessing their profile.
It is very important that the data is encrypted, if not then a user can access data without knowing the password.
A malicious attacker may be able to extract data directly from the memory,” continues the patent. “If the attacker has physical access to the computing system, the attacker can remove one or more storage devices from the system and access those devices via a different system.
The catch here is that certain features remain common for all the users while others are exclusive. In the case of the iPhone, all the details, including Apple Pay, App Store login, iCloud, and others will be unique for each profile. It also applies to App Subscriptions and certain app-specific settings. Apple’s patent details the use of a peripheral processor that works separately from the system processors. The peripheral processor “is a system on a chip (SoC) integrated circuit that enables various secure peripheral and input/output (I/O) operations.”
Multi-user Support for Face ID, TouchID, Passcode
Interestingly Apple has not mentioned T2 Chip and perhaps is working on a different version of the chip. The feature is likely to include a variation of a secure enclave processor. Furthermore, the patent also explains how SEP will limit access to a particular user while giving the administrator the right to grant access to other users.
The users will still be able to log in via Face ID, TouchID, and even Passcode. Apple has also devised a mechanism wherein the system will slow down after multiple failed login attempts. This is called Passcode throttling and used “to limit the rate in which an unauthorized user can attempt to enter incorrect passcodes.”
Alternately, the passcode throttling can be set to activate after a certain number of failed attempts. It reduces the possibility of brute-force passcode attacks and frustrations associated with accidental lockout.[via AppleInsider]