New Patent Reveals Apple is Taking Touch ID to the Cloud

A new Apple patent has been published by the USPTO which reveals the transfer of Touch ID information via iCloud, as reported by AppleInsider. The patent shows a system where Touch ID information can be collected on a primary device and then transferred to a secondary device via iCloud for authentication. This new system has a profound usage in Apple Pay as well. This system can allow Apple Pay terminals, integrated with their own Touch ID sensors, to perform biometric authentication and process transactions without the need for presence of the primary device.

In the earlier Touch ID system, the biometric information was stored only on the device. But the new system, according to the patent, will offer new options to maintain security. This not only includes the transfer of Touch ID information, but there is also the option that the secondary device can send gathered information to the primary device for authorization. The patent reveals that the data will be transferred over wireless technologies like NFC, Bluetooth or an ad-hoc WiFi connection between the two devices.

The patent also talks of an Apple Pay based use case. The use case shows the secondary device in the Touch ID info transfer being an Apple Pay based terminal equipped with a fingerprint sensor itself. Users can use Apple Pay at such terminal locations without having to carry their iPhones. The information gathered on the terminal can be sent to the primary device, encrypted with a unique code. The authentication can then take place at the primary device ensuring more security for the user information.

The original Touch ID system was established with the prospect of keeping the sensitive biometric information on the device itself. Moreover, we are all aware of the iCloud hack that took place a while ago, resulting in the leaking of loads of cloud data. Although this new cloud based Touch ID sounds more convenient, the actual established system would indeed have to go through rigorous tests to ensure the absence of any security gaps.