Apple Platform Security
- Welcome
- Intro to Apple platform security
-
- System security overview
- Signed system volume security
- Secure software updates
- Operating system integrity
- Activating data connections securely
- Verifying accessories
- BlastDoor for Messages and IDS
- Lockdown Mode security
- System security for watchOS
- Random number generation
- Apple Security Research Device
-
- Services security overview
-
- Apple Pay security overview
- Apple Pay component security
- How Apple Pay keeps users’ purchases protected
- Payment authorization with Apple Pay
- Paying with cards using Apple Pay
- Contactless passes in Apple Pay
- Rendering cards unusable with Apple Pay
- Apple Card security
- Apple Cash security
- Tap to Pay on iPhone
- Secure Apple Messages for Business
- FaceTime security
- Glossary
- Document revision history
- Copyright
Verifying accessories for iPhone and iPad
The Made for iPhone and iPad (MFi) licensing program provides vetted accessory manufacturers access to the iPod Accessories Protocol (iAP) and the necessary supporting hardware components.
When an MFi accessory communicates with an iPhone or iPad, the accessory must prove to Apple that it’s been vetted. (The accessory-device connection is with Thunderbolt, Lightning, Bluetooth, or—for specific devices—USB-C.) As proof of authorization, the accessory sends an Apple-provided certificate to the device, which the device then verifies. The device then sends a challenge, which the accessory must answer with a signed response. This process is entirely handled by a custom integrated circuit (IC) that Apple provides to approved accessory manufacturers and is transparent to the accessory itself.
Verified MFi accessories can request access to different transport methods and functionality—for example, access to digital audio streams over the Thunderbolt cable, or location information provided over Bluetooth. An authentication IC is designed to help ensure that only approved MFi accessories are granted full access to the device. If an accessory doesn’t support authentication, its access is limited to analog audio and a small subset of serial (UART) audio playback controls.
AirPlay also uses the authentication IC to verify that receivers have been approved by Apple. AirPlay audio and CarPlay video streams use the MFi-SAP (Secure Association Protocol), which encrypts communication between the accessory and device using AES128 in counter (CTR) mode. Ephemeral keys are exchanged using ECDH key exchange (Curve25519) and signed using the authentication IC’s 1024-bit RSA key as part of the Station-to-Station (STS) protocol.