Our devices are an important part of daily life, so a shattered smartphone screen or a broken headphone jack needs to be fixed—the quicker and cheaper the better. But if you have an iPhone and don’t go through Apple, you could be left with a hopeless brick.
On Friday, the Guardian published a troubling report about an iPhone problem called “Error 53.” Numerous anecdotes, discovered in forums online and gathered by the Guardian itself, describe the same issue: a bricked iPhone that will only display an “Error 53” message and can’t be restored. IPhones producing Error 53 run iOS 9 and contain a replaced part that is affecting either the device’s Touch ID sensor or motherboard.
Apparently Apple has iPhone motherboards and Touch IDs tied to special codes. Beginning with iOS 9, if a component gets replaced but doesn’t have the correct matching code, the phone will become a hopeless brick. This happens most commonly when a third-party does a home-button repair, but can also come from changing the motherboard during a cracked-screen replacement.
Reports of problems with Error 53 are becoming more frequent as iOS 9 adoption increases. A user who replaced her home button months or even years ago through a third party won’t notice a problem until she upgrades to iOS 9. The only way to fix the problem is to reunite the original parts. But Error 53 can even be triggered without any type of third-party repair. If a home button is broken, or the ribbon cable that connects it is loose, the phone may become a brick in error.
Apple says that this measure is meant to protect Touch IDs against tampering. A representative told the Guardian:
We protect fingerprint data using a secure enclave, which is uniquely paired to the touch ID sensor. When iPhone is serviced by an authorised Apple service provider or Apple retail store for changes that affect the touch ID sensor, the pairing is re-validated. … Without this unique pairing, a malicious touch ID sensor could be substituted, thereby gaining access to the secure enclave. When iOS detects that the pairing fails, touch ID, including Apple Pay, is disabled so the device remains secure.
It’s a pretty solid defense of the practice. You can easily imagine a crooked repair shop installing malware-ridden Touch IDs that steal fingerprints and other data. But there are some problems with Apple’s approach.
Apple products are increasingly available around the world, but there aren’t Apple Stores or official Apple repair sites in every region. Nonetheless, the company has always been adamant about discouraging third-party repairs. For years Apple Care warranties have warned that they could be voided by the presence of third-party parts in a device. This is Apple’s attempt to control all phases (money-making opportunities) of product life. It allows the company to charge what it wants for repairs by discouraging customers from seeking cheaper alternatives. And you can see how the Touch ID situation is a perfect opportunity to take this one step further. Apple offers major disincentives for criminals to tamper with Touch ID and Apple Pay while also scaring consumers into sticking to official company repairs.
Similar conflicts have arisen in the vehicle repair industry. Companies like John Deere and General Motors have argued that they should be the only ones who are allowed to tinker with the software in their vehicles, claiming that individuals or third-parties who accessed and altered the software by themselves would be violating copyright protections. This seems to be both an attempt to keep proprietary software a secret and a move to undermine third-party mechanics. As Kyle Wiens, the co-founder of the “right-to-repair” site iFixit, wrote on Slate last month, “I’m not a lawyer. I’m a repairman by trade and a software engineer by education. … When a farmer friend of mine wanted to know if there was a way to tweak the copyrighted software of his broken tractor, I knew it was going to be rough.”
Apple doesn’t have to leave Touch ID security this way. It could detect hardware changes and require extensive user reauthentication. It could offer third parties some type of parts-vetting process. It could give customers more leeway to choose what risks they want to take. Instead, Error 53 is excessively paternalistic. It’s good to help protect consumers by building in precautions and encouraging the use of high-quality parts, but Apple isn’t a parent. It shouldn’t literally take customer’s phones away if they do something it doesn’t like.