Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


                   John Gruber Analyzes Apple's Secure Intent

   Josh Centers

   A recent update to Apple's Platform Security Guide describes the
   company's [1]Secure Intent technology, which lets you securely confirm
   an action without entering a password or passcode. It works through
   some sort of hardware trigger'Touch ID, Face ID, or an Apple Watch's
   side button'connected to a Secure Enclave. It's designed so that even
   if you have software running with root privileges or at the kernel
   level, the intent cannot be spoofed. Think about using Touch ID to sign
   into your Mac, double-pressing the side button on an Apple Watch to
   unlock System Preferences, or double-pressing the side button to
   confirm a purchase on a Face ID-equipped iPhone.

   [2]John Gruber of Daring Fireball analyzed Apple's statement to draw
   some conclusions. For instance, Secure Intent explains why Macs have
   stuck with Touch ID instead of making the seemingly obvious move to
   Face ID, since you would still need some sort of button connected to a
   Secure Enclave to support Secure Intent. Gruber suspects that the
   future of Apple's biometric authentication will be multi-sensor,
   combining both Face ID and Touch ID.

   [3]Read original article

References

   1. https://support.apple.com/guide/security/secure-intent-connections-enclave-sec7a94f7d1e/web
   2. https://daringfireball.net/2021/06/secure_intent_on_apple_devices
   3. https://daringfireball.net/2021/06/secure_intent_on_apple_devices

.