[Updated] Protect your iPhone from “Error 53”

[Update] Apple has released an update that will help users recover from Error 53.  You can read Apple's recommended repair steps here.

A client just asked me about a news article she saw on the internet. People across the globe have been updating their new iPhones to iOS 9, which then seems to lock the phone permanently. The only recourse at this time is to buy a new phone. When you try to restore the phone in iTunes, the following "Error 53" message is displayed. So what's going on?

Apple Error 53

This is the iTunes error message when the phone detects an unauthorized fingerprint reader.

This error only affects iPhone 6 and 6s model phones (including the Plus versions) that have been upgraded to iOS 9 after they have had their screen AND home button replaced at an unauthorized repair shop. These repair shops replace the damaged screen and button with after-market parts, usually from China. The button has a fingerprint reader built into it. The reader is used to authenticate all sorts of security features on the iPhone, everything from logging into the phone to paying with Apple Pay. The images of the fingerprints are transmitted from the reader to a "Secure Enclave" built into the processor (or "brains") of the phone, where it is determined if the fingerprint is valid for unlocking the phone.

This technology has huge security implications and Apple has become very aware of user security. Apple has had a string of security breaches in the past. Users have seen their phones remotely wiped by hackers who guessed an iCloud password. One technology journalist even had all of his Apple devices remotely wiped out, losing all of his family photos and other important documents (it cost him nearly $2,000 to recover his data). So Apple has started to take security and data encryption very seriously.  Here is what Apple has to say about their encryption process:

The Secure Enclave uses encrypted memory ... Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, entangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space.
Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key entangled with the UID ...
The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered fingerprints, and then enabling access or purchases on behalf of the user... It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is provisioned for the Touch ID sensor and the Secure Enclave.

What does all that even mean?  Basically, encryption is a way of locking data in such a way as to prevent unauthorized users from accessing that data. You can think of encryption like a secret code. You have to have a key to decipher the code. Likewise, to access your encrypted information, you must have a decryption key. To transfer encrypted data from one person (or device) to another, both the sender and the recipient must have the same key. This is called a "pre-shared key". The hardware in the rest of the phone shares the same key with the fingerprint reader.

When the button is replaced by an unauthorized repair shop, the trust relationship is broken.  The brains of the phone recognizes that it no longer shares the same key with the fingerprint reader and assumes that someone is trying to "hack" the device.  Starting with iOS 9, Apple decided to permanently lock (or "brick") any phones that have been "compromised" to protect the data stored on the device.
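A simplified model of the pre-shared key pairing and the broken trust relationship described above, as an added example that is not part of the original post and is not Apple's actual protocol. The class names, the HMAC-based session key derivation and the sample scan are assumptions made for illustration, and only the authentication half of "encrypted and authenticated" is modelled.

```python
import hashlib
import hmac
import os


def derive_session_key(shared_key: bytes, enclave_nonce: bytes, sensor_nonce: bytes) -> bytes:
    """Both sides mix the provisioned shared key with fresh nonces (assumed KDF)."""
    msg = b"session" + enclave_nonce + sensor_nonce
    return hmac.new(shared_key, msg, hashlib.sha256).digest()


class Sensor:
    """Hypothetical fingerprint reader holding the key it was provisioned with."""

    def __init__(self, provisioned_key: bytes):
        self._key = provisioned_key

    def send_scan(self, enclave_nonce: bytes, scan: bytes):
        sensor_nonce = os.urandom(16)
        session_key = derive_session_key(self._key, enclave_nonce, sensor_nonce)
        tag = hmac.new(session_key, scan, hashlib.sha256).digest()
        return sensor_nonce, scan, tag


class Enclave:
    """Hypothetical processor side: accepts scans only from its paired sensor."""

    def __init__(self, provisioned_key: bytes):
        self._key = provisioned_key

    def accept_scan(self, sensor: Sensor, scan: bytes) -> bool:
        enclave_nonce = os.urandom(16)  # fresh per exchange, so old messages cannot be replayed
        sensor_nonce, data, tag = sensor.send_scan(enclave_nonce, scan)
        session_key = derive_session_key(self._key, enclave_nonce, sensor_nonce)
        expected = hmac.new(session_key, data, hashlib.sha256).digest()
        # Constant-time comparison; a sensor with a different key cannot produce this tag.
        return hmac.compare_digest(expected, tag)


def demo():
    factory_key = os.urandom(32)          # constructed: key shared by both parts at provisioning
    enclave = Enclave(factory_key)
    original = Sensor(factory_key)
    replacement = Sensor(os.urandom(32))  # constructed: after-market part with a different key
    scan = b"constructed-fingerprint-scan"
    return enclave.accept_scan(original, scan), enclave.accept_scan(replacement, scan)


if __name__ == "__main__":
    print(demo())
```

The original sensor's scan verifies, while the replacement's does not, which is the mismatch the phone treats as a compromised fingerprint reader.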

Right or wrong, Apple is currently standing by the policy.  So, for now, the best way to avoid this issue is to speak with Apple Support before you have your phone repaired.  If your phone has recently been repaired by a company not authorized by Apple, you should hold off on upgrading to iOS 9 until this issue has been sorted out.  Additionally, some users are reporting that disabling Touch ID in the settings before upgrading to iOS 9 will prevent this issue, but I wouldn't recommend relying on this method.  You can't ever re-enable Touch ID and if it were to accidentally be re-enabled, your phone would stop working.

As always, you can contact us if you have questions about any of the Apple devices in your business.