Apple explained in detail how the Touch ID

Apple has published a document on how to operate Touch ID and Secure Enclave (in the A7 processor, which stores fingerprints) to ensure the safety of users of the technology.

It all starts with A7 chip production. Secure Enclave Each has its own unique ID (Unique ID), who do not even know at Apple. For communication with the Touch ID Secure Enclave creates a one-time key that is "bound" to the UID.

Although the A7 processor and is the vehicle for the safety of the system, it can not pass the information to any other place, even the company itself. All that is available in the Apple - analysis of the operation of sensors.

The paper reported that neither Apple's, or the user can not save the information at Secure Enclave information. It is not written in backup iTunes, iCloud, the company's servers or any other source. This was done in order to prevent theft of the fingerprint data.

Putting a finger on Touch ID user generates a unique key that only works with a strictly defined the UID, after which allows access to the Secure Enclave, and already he compares fingerprints, and only then gives a command to unlock iOS device.

By the user entering the password protection is limited, but it goes the same way as the Touch ID. This allows you to build an additional level of data protection. If your fingerprint is not recognized Touch ID, you will be prompted to enter a password.

Apple has not stinted and told how the security system is a bunch of keys iCloud.

In order to use a bunch of keys, it is necessary to authenticate a password, which is sent to the account tied to the telephone number, or another device associated with the same account. In the case of multiple input incorrect password account is locked for a while, or until the connection with tehpoderzhkoy company. It all depends on the number of failed attempts.

If you are interested in this topic and want to learn more, I recommend reading the entire document.