The passage of time makes the evolution of iOS and iPadOS go according to user requests. The division of the operating system for iPhone and iPad meant a before and after at the software level because it allowed expanding the software of an iPad that demanded much more than what Apple offered. In the same way, some specific functions of iOS for iPhone can be amplified thanks to the fork suffered a few years ago. One of the aspects that many users demand is the arrival of support for multi-user accounts that allow the device to be used with multiple accounts. Thanks to a new Apple patent we could be closer to this option for iOS and iPadOS.
Secure Enclave, the key to multi-user accounts
The patent registered by Apple has the name 'Provision of domains in secure enclave to support multiple users'. This complex name has a simple description that could be summarized in that the device must have a first processor to receive the credentials of each of the user accounts. A second processor to ensure the security to receive the request from the first processor. And finally, a third processor to authenticate the user and block the first one in case the access method is mis-inserted multiple times.
Throughout the patent much is said about Secure Enclave. This coprocessor is manufactured by Apple and integrated into the system and provides 'all cryptographic operations for data protection key management and maintains data protection integrity even if the kernel has been compromised'. That is to say, is the key tool to keep the following services safe, among others:
- Unlocking the device or account (password and biometric)
- Hardware encryption / data protection / FileVault (data at rest)
- Secure boot (firmware and OS trust and integrity)
- Camera Hardware Control (FaceTime)
The complexity of assigning specific keys to each user
But problem resides in Secure Enclave. This chip is designed for encrypt device storage with the access method that the user executes to unlock the device. If this layer of security cannot be overcome, the files on the device cannot be accessed. The problem is that Secure Enclave he would have to know how to differentiate which files belong to each user and encrypt them with independent keys.
It's clear that the hardware, including the Secure Enclave chip, the software (iOS and iPadOS), and the devices themselves are ready to receive multi-user account support. What's more, Apple works and continues to register technical patents to allow defining the best strategy to implement this technology. However, we are not certain that we will see multi-user accounts on iOS and iPadOS 15, rather the patent indicates that they are working on and exploring the idea. We will see what happens. Meanwhile, we can enjoy it concepts who can imagine what the integration of multi-user accounts would be like on iOS and iPadOS.
I see it more oriented for desktop, such as macbook and imac with ARM chips and have FaceID or fingerprint, which have multi-user accounts, but on the iphone I doubt it a lot, but iPad pro could be a reality, although Apple would lose sales of 1 ipad for user, 1 ipad per family. I don't think it will be profitable for them.