Researchers criticise the iPhone's PIN storing practice
Apple's iPhone smartphones permanently store the PIN of an installed SIM card in a keychain. According to Jens Heider from the Fraunhofer Institute for Secure Information Technology (SIT), this Apple policy not only goes against the relevant standards, it also puts users' security at risk because the PIN can be quite easily retrieved even from a locked device.
The H's associates at heise Security were able to easily and quickly locate the SIM_PIN entry with the 4 correct digits in the keychain. The entry remains in the keychain until the device is fully powered down. This fact is also documented in Apple's recent security overview; apparently, Apple uses the entries to avoid having to request the SIM card's PIN code from users after a crash.
The problem with this approach is that the SIM_PIN can be reconstructed if, say, a thief gets hold of a locked iPhone. The keychain entry isn't protected by the iPhone's code lock and can be retrieved directly (protection class
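The article is cut off before naming the protection class involved, so the following is an added illustration (not code from the article, from Apple or from Fraunhofer SIT) of what the protection-class decision looks like from an app developer's side: the same keychain write performed under an accessibility class that is readable whenever the device is powered on, and under one that is gated by the device passcode. The service and account names and the sample value are constructed for this example.

```swift
import Foundation
import Security

// Added illustration: one keychain write under two accessibility classes.
// Service and account identifiers are made up for this example.
let service = "example.com.sim-pin-demo"
let account = "sim-pin"

enum KeychainError: Error {
    case unhandled(OSStatus)
}

/// Store a secret as a generic-password item with the given accessibility class.
/// Any existing item with the same service/account is removed first, because
/// SecItemAdd does not overwrite and the accessibility attribute would not change.
func storeSecret(_ secret: Data, accessibility: CFString) throws {
    let match: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
    ]
    let deleteStatus = SecItemDelete(match as CFDictionary)
    guard deleteStatus == errSecSuccess || deleteStatus == errSecItemNotFound else {
        throw KeychainError.unhandled(deleteStatus)
    }

    var add = match
    add[kSecValueData as String] = secret
    add[kSecAttrAccessible as String] = accessibility
    let status = SecItemAdd(add as CFDictionary, nil)
    guard status == errSecSuccess else {
        throw KeychainError.unhandled(status)
    }
}

/// Read the secret back. Returns nil when the item cannot be read in the
/// device's current state, which is exactly what the stricter class enforces
/// while the device is locked.
func loadSecret() -> Data? {
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
        kSecReturnData as String: true,
        kSecMatchLimit as String: kSecMatchLimitOne,
    ]
    var result: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &result)
    return status == errSecSuccess ? (result as? Data) : nil
}

let pin = Data("1234".utf8)   // constructed sample value, not a real PIN

// Weak: the item is readable whenever the device is powered on, whether or
// not the screen is locked (this class is deprecated since iOS 12; shown here
// only for the contrast).
try storeSecret(pin, accessibility: kSecAttrAccessibleAlways)

// Stronger: readable only while the device is unlocked, and never migrated to
// another device through a backup.
try storeSecret(pin, accessibility: kSecAttrAccessibleWhenUnlockedThisDeviceOnly)
```

The stricter class only narrows the window in which the entry is readable; the ETSI/3GPP requirement quoted in the next paragraph goes further and asks that the code not be retained at all once the verification procedure is over, so the accessibility attribute is a mitigation for data that genuinely must persist, not a substitute for discarding the PIN.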
In his iOS Keychain Weakness FAQ, Heider says that Apple's approach is in breach of the ETSI/3GPP SIM card specification. Section 5.3 of this specification states that "user related security codes such as PIN and Unblock PIN" may only be stored by the mobile equipment (ME) "during the procedures involving such a code" and unequivocally continues by saying that they must be "discarded by the ME immediately after completion of the procedure."
In view of the fact that even security-conscious users don't want to have to memorise two PINs for their mobile, and therefore tend to choose the same lock code for their iPhone and SIM card, these concerns may seem rather theoretical in nature; however, they gain in importance when considering that some mobile telephony providers, such as Orange in France and T-Mobile in Germany, are developing new NFC-based payment methods for smartphones that identify users by their SIM cards.