Multi-user accounts on iPadOS

The passage of time makes iOS and iPadOS evolve based on user demands. The division of the operating system for iPhone and iPad meant a before and after at the software level as it allowed to extend the software of an iPad that required much more than what Apple offered. Likewise, some specific functions of iOS for iPhone can be amplified thanks to the fork suffered a few years ago. One of the aspects demanded by many users it’s the arrival of support for multi-user accounts that allow the device to be used with multiple accounts. Thanks to a new Apple patent we could get closer to this option for iOS and iPadOS.

Associated article:

81% of iPhones released in the past four years already have iOS 14

Secure Enclave, the key to multi-user accounts

The patent filed by Apple is called “Providing Domains in a Secure Enclave to Support Multiple Users.” This complex name has a simple description that could be summed up as what the device must have a first processor to receive the credentials of each user account. A second processor to provide security to receive the request from the first processor. And finally, a third processor to authenticate the user and block the first in case the access method is incorrectly inserted several times.

Throughout the patent, there is a lot of talk about Secure Enclave. This coprocessor is manufactured by Apple and integrated into the system and provides “all cryptographic operations for the management of data protection keys and maintains the integrity of data protection even if the kernel has been compromised.” That is to say, is the key tool to ensure the security of the following services, among others:

  • Unlocking the device or account (password and biometric)
  • Hardware encryption / Data protection / FileVault (data at rest)
  • Secure boot (trust and integrity of firmware and operating system)
  • Camera hardware control (FaceTime)

Apple A14 Chip

The complexity of assigning specific keys to each user

But the problem lies with the Secure Enclave. This chip is designed for encrypt device storage with the access method that the user performs to unlock the device. If this layer of security cannot be overcome, the files on the device cannot be accessed. The problem is that Secure Enclave he should know how to differentiate the files belonging to each user and encrypt them with independent keys.

It’s clear that the hardware, including the Secure Enclave chip, the software (iOS and iPadOS), and the devices themselves are all set to receive multi-user account support. In addition, Apple operates and continues to register technical patents to help define the best strategy to implement this technology. However, we’re not sure we’ll see multi-user accounts on iOS and iPadOS 15, but instead the patent says they’re working and exploring the idea. We’ll see what happens. In the meantime, we can take advantage of the concepts that imagine what the integration of multi-user accounts in iOS and iPadOS would be.