Apple’s Secure Enclave encrypts and holds sensitive data such as passwords and biometric logins for Touch ID and Face ID. For security, the system is designed so that the data remains on the device, and is never synced with iCloud or other network services.
Now, however, a group of Chinese hackers from Pangu Team claim they have found a security flaw in the hardware for the Secure Enclave in all Apple chips from A7 to A11 Bionic, reports 9to5Mac. This means millions of devices are affected: from the iPhone 5s to the iPhone X, and from the iPad mini 2 to the iPad 10.2in (2019).
Hardware issues mean Apple cannot send out a software update to fix the flaw. The precise nature of the vulnerability is not clear, but its seriousness will become clear in the coming months.
Security flaws such as these often require physical access to the hardware in order to be exploited. This means that for most people, it won’t pose a serious risk – but it may give authorities and others an opportunity to access sensitive data if devices are confiscated.
For advice on keeping your device safe, read our iPhone security tips.
This article originally appeared on Macworld Sweden. Translation by David Price.