
Biometrics need to be evaluated on a separate computer for security reasons. Sending them to the main CPU is a non-starter.

When you do this, the parts must be securely linked, otherwise you can swap the biometric system with one that is already unlocked.

And, they want to ensure the Face ID dot projection and image captures come from a real camera and projector system, not some device that spoofs them. And in reverse, to prevent intercepting and capturing biometric data.



> Biometrics need to be evaluated on a separate computer for security reasons.

But why? What's the algorithm/architecture here? I am genuinely curious here.

I guess we can generalize finger/face readers as multichannel cameras. What do you gain by computing a "hash" of the data (and the associated machinery to send that hash securely) versus simply sending raw data for evaluation at CPU level? In the end the CPU has to trust the data sent by the peripheral anyway.

I understand the use of a separate compute unit when extraction of secrets must be protected, but in this case it is the CPU that protects those secrets anyway.


The validation is done outside the CPU too, I believe; that’s certainly what happens with the fingerprint reader. I think the process is documented in the Secure Enclave white paper.


> otherwise you can swap the biometric system with one that is already unlocked.

But isn't the data on the device actually encrypted with the bio key?

So swapping out new bio data => new key => can't decrypt original data.

Or do you mean it just means you get a working device (but all stored data is lost)?



