What is Apple’s Secure Enclave?

Key Takeaways

  • The Secure Enclave is a specialized hardware component of Apple’s system on chip (SoC).
  • The Secure Enclave is used for the creation and storage of unique encryption keys.
  • It ensures that stored keys and the OS remain separate, making it challenging for bad actors to access stored data.



Security is a core part of Apple’s corporate DNA, so much so that the company doesn’t shy away from featuring privacy and security in its marketing campaigns. A recurring feature of the company’s platform security strategy is the Secure Enclave. The Secure Enclave sounds impressive, but it can be unclear what it actually does, let alone what makes it secure, or even an enclave.


What is the Secure Enclave?

Specialized hardware


The Secure Enclave is a specialized part of Apple’s system on chip (SoC) dedicated to creating and storing unique, on-device encryption keys for the operating system (OS) and third-party applications installed on the device. The Secure Enclave has a dedicated processor, memory, and storage to encrypt and decrypt data when asked by apps or the OS.



What makes the Secure Enclave uniquely secure is that while the OS and apps can request data to be encrypted and decrypted using the stored keys, they cannot access the keys themselves. The encryption keys stay local and are accessible only to the Secure Enclave. Keys are also never stored on iCloud or any other cloud service; everything is always kept on the device. This deep separation between the OS and the keys held in the isolated Secure Enclave is what makes it incredibly challenging for bad actors to reach them, and it is what ensures the Secure Enclave’s security.
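The separation described above, as an added Swift example (not code from this article or from Apple) using Apple’s Security framework: an app generates a key inside the Secure Enclave, has data decrypted with it, and is refused when it asks for the key material. The function names `makeEnclaveKey` and `demo` and the sample message are made up for illustration, and the code assumes it runs on hardware that has a Secure Enclave.

```swift
import Foundation
import Security

// Hypothetical helper: creates a P-256 private key inside the Secure Enclave.
func makeEnclaveKey() throws -> SecKey {
    var error: Unmanaged<CFError>?
    // Usable only while the device is unlocked, and never moved to another device.
    guard let access = SecAccessControlCreateWithFlags(
        kCFAllocatorDefault, kSecAttrAccessibleWhenUnlockedThisDeviceOnly,
        .privateKeyUsage, &error)
    else { throw error!.takeRetainedValue() as Error }

    let attributes: [String: Any] = [
        kSecAttrKeyType as String: kSecAttrKeyTypeECSECPrimeRandom,
        kSecAttrKeySizeInBits as String: 256,
        // This attribute asks for the key to be generated in the Secure Enclave.
        kSecAttrTokenID as String: kSecAttrTokenIDSecureEnclave,
        kSecPrivateKeyAttrs as String: [
            kSecAttrIsPermanent as String: false,  // throwaway key for the demo
            kSecAttrAccessControl as String: access
        ]
    ]
    guard let key = SecKeyCreateRandomKey(attributes as CFDictionary, &error)
    else { throw error!.takeRetainedValue() as Error }
    return key
}

func demo() throws {
    let privateKey = try makeEnclaveKey()  // a reference, not the key bytes
    guard let publicKey = SecKeyCopyPublicKey(privateKey) else { return }
    let algorithm = SecKeyAlgorithm.eciesEncryptionCofactorVariableIVX963SHA256AESGCM
    var error: Unmanaged<CFError>?

    // Encryption needs only the public key.
    let message = Data("constructed sample secret".utf8) as CFData
    guard let ciphertext = SecKeyCreateEncryptedData(publicKey, algorithm, message, &error)
    else { throw error!.takeRetainedValue() as Error }

    // The private-key step of decryption is performed by the Secure Enclave.
    guard let plaintext = SecKeyCreateDecryptedData(privateKey, algorithm, ciphertext, &error)
    else { throw error!.takeRetainedValue() as Error }
    print("round trip ok:", (plaintext as Data) == (message as Data))

    // Asking for the private key material itself is refused.
    let exported = SecKeyCopyExternalRepresentation(privateKey, &error)
    print("private key exportable:", exported != nil)
}

do { try demo() } catch { print("failed:", error) }
```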

Devices with a Secure Enclave include:


  • iPhone 5S and later
  • iPad Air and later
  • Apple TV HD and later
  • Apple Watch Series 1 and later
  • HomePod and HomePod mini
  • Apple Vision Pro
  • All Macs with Apple silicon
  • MacBook Pros with Touch Bar from 2016 and 2017 that contain the Apple T1 Chip
  • Intel-based Macs with an Apple T2 Security Chip

Apple outlines the technical details of the Secure Enclave in its Platform Security guide.


What is the Secure Enclave used for?

Protecting sensitive data


Apple’s Secure Enclave is an impressive piece of technology. It’s essential for keeping Apple devices secure and preserving the company as an industry leader in platform security. Still, you may want to know which services the Secure Enclave actually affects. While the Secure Enclave is a processor for encrypting and decrypting data, not a storage bucket, it supports securing a user’s most sensitive personal data.


Here’s a list of what the Secure Enclave helps secure:
