We regularly talk about smartphone security and how it protects your personal data and privacy, but Apple and iOS security isn’t as frequently discussed as say, Android security. Additionally, mobile security breaches are usually software based hacks rather than hardware or silicon vulnerabilities. There are numerous occasions where software weaknesses have been found and exploited by hackers.
Today however, we’re reporting on a new potential security risk that has surfaced, but this time it appears to involve a particular part of Apple’s iPhone hardware.
What do the tech experts believe they have uncovered?
It’s seated in what is known as Apple’s Secure Enclave Chip. Essentially this piece of hardware operates entirely independently from everything outside of the phone and separately from Apps. It also does not interact in anyway with iCloud. The chip provides an additional level of security by managing the storage of keys protecting factors such as passwords, biometrics and your credit card details. It means that apps need to request access decryption in order activate.
Whilst this current smartphone hardware security breach is coming to light, there is little know about the actual details of what the risks are. What is known is that the flaw affects the A7 and A11 bionic chips.
However, it stands to reason that, if the hackers have gained full access to the Secure Enclave chip, it does not bode well for the security and privacy including as we’ve mentioned passwords and credit card details.
This is not the first time that hackers have been able to gain access to elements of the Secure Enclave chip. Back in 2017, hackers were able to take look at how the chip actually works. Although, during this particular attack, they were not successful in gaining access to any private data or information. Despite this being the case, it shows that the hardware itself is not entirely secure.
This current issue can only happen if the hacker had direct and physical access to the handset. So, if the smartphone has been stolen, lost or confiscated, the technique could be used to gain access to the sensitive data and information. This particular hack cannot take place remotely.
It is worth noting that the Blackphone PRIVY has never been hacked. The Blackphone PRIVY has had neither the software nor the hardware hacked, highlighting how the Blackphone PRIVY is one of the most secure smartphones available on the market today.
Even if the Blackphone PRIVY ended up in the hands of a hacker, the technology prevents them from being able to hack it. There is a highly modified locked down bootloader preventing any hacker gaining access at OS level.
There is a password duress feature and encrypted storage. Couple this with separate sandbox areas that separate all the data, apps and files, it means the hackers will not be able to successful retrieve any sensitive personal data or information.
In March 2020 we wrote an article entitled “Mobile Security – The Importance of Trust”. It detailed how trust in both the hardware and software is an important influencer in the purchase of a smartphone. This latest hack is yet another example of why choosing the Blackphone PRIVY over some of the more common smartphones is the real smart move.
This latest hack shows that smartphone users that want to keep their personal data and communications both private and secure, need to consider both the hardware and software security before purchasing their next handset.
If you would like to find out more details about how the Blackphone PRIVY can help secure your sensitive information, then please get in touch. We will be delighted to be able to help you.