Apple Publishes iOS Security Guide with Apple Pay Details

Apple has published a 48 page PDF entitled "iOS Security," dated October 2014. Not only does it have a broad overview of iOS security in general, but it was also recently updated to include details of the Apple Pay technology and transaction security.


This document will be of interest to corporations who deploy a large number of iOS devices, Apple customers and technical writers who want to understand how Apple implements security in iOS. From the introduction:

Apple designed the iOS platform with security at its core. When we set experience to build an entirely new architecture. We thought about the security hazards of the desktop environment, and established a new approach to security in the design of iOS. We developed and incorporated innovative features that tighten mobile security and protect the entire system by default. As a result, iOS is a major leap forward in security for mobile devices.

Here's what the table of contents looks like.

Apple Pay Details

Of particular interest will be the section, starting on page 24, that outlines how Apple Pay has been implemented. For example, here's an excerpt from the payment authorizaton section.

Communication between the Secure Enclave and the Secure Element takes place over a serial interface, with the Secure Element connected to the NFC controller, which in turn is connected to the application processor. Even though not directly connected, the Secure Enclave and Secure Element can communicate securely using a shared pairing key that is provisioned during the manufacturing process. The pairing key is generated inside the Secure Enclave from its UID key and the Secure Element’s unique identifier. The pairing key is then securely transferred from the Secure Enclave to a hardware security module (HSM) in the factory, which has the key material required to then inject the pairing key into the Secure Element. The encryption and authentication of the communication is based on AES, with cryptographic nonces used by both sides to protect against replay attacks.

Part of the discussion above is referencing how Apple has designed the iPhone's security such that it cannot be compromised during manufacture in the factory.

Overall Architecture

In the introduction, Apple provides a schematic diagram of various technologies discussed in the document. Diagrams like this often provide a conceptual feel for the flow of secure or encrypyted information in an iPhone, put terms like "Secure Enclave" into context and make the iOD device feel less like a black box in which everything is a mystery, often the subject of conjecture or just plain mythology.

For example, have you ever wondered what's happening during the iPhone's start up process? All we see is a spinning gear, but there's a lot going on inside. For example:

"Each step of the startup process contains components that are cryptographically signed by Apple to ensure integrity and that proceed only after verifying the chain of trust. This includes the bootloaders, kernel, kernel extensions, and baseband firmware. When an iOS device is turned on, its application processor immediately executes code from read-only memory known as the Boot ROM. This immutable code, known as the hardware root of trust, is laid down during chip fabrication, and is implicitly trusted. The Boot ROM code contains the Apple Root CA public key, which is used to verify that the Low-Level Bootloader (LLB) is signed by Apple before allowing it to load. This is the first step in the chain of trust where each step ensures that the next is signed by Apple. When the LLB finishes its tasks, it verifies and runs the next-stage bootloader, iBoot, which in turn verifies and runs the iOS kernel. This secure boot chain helps ensure that the lowest levels of software are not tampered with and allows iOS to run only on validated Apple devices."

While the level of discussion in this document may introduce some nomenclature and concepts not familiar to the average customer, careful readers will be able to learn a lot about the processes involved in Apple Pay and gain a lot of confidence in how Apple has throught through the overall security architecture of iOS.