It’s not the most obvious route for someone with bad intentions to take, but theoretically AirPods have a possible security loophole built in, in the form of Siri. Since the first generation of Apple’s true wireless earbuds, users have had access to Siri, which could potentially tell anyone the contents of the connected iPhone without unlocking it, as long as the wearer is close enough.
But a new patent application (opens in new tab), spotted by Patently Apple (opens in new tab), suggests the company is pondering ways of closing this possible exploit, and it has come up with two solutions.
The first would require a future set of earbuds to use ultrasonic signals to detect the shape of the wearer’s ear canal to ensure it matched the owner’s. “Various characteristics of the user’s ear provide an echo of the ultrasonic signal which is unique to the user,” the document explains. “Variations in the surface of the user’s ear canal may cause the ultrasonic signal to reflect off the surface and generate an echo having a signature that is associated with the user.”
This would presumably require a new sensor, but there is an alternative which sounds like it could be introduced to all models without an upgrade: gait information from a connected iPhone or Apple Watch to identify you by your walk. “The gait information may include, for example, information regarding a user’s walking and/or running characteristics, such as characteristics related to steps, pace, stride, and the like,” the patent says.
The advantage of both of these over, say, limiting Siri to those with a matching voice as explored elsewhere, is that they would prevent accidental privacy breaches where Siri reads out text messages or calendar appointments to someone who has innocently borrowed a set of AirPods with permission. If the ear or the gait doesn’t match, Siri could just stay silent. It’s quite an elegant solution, although doubtless some will be concerned about Apple having a record of how they walk or their ear canal’s dimensions.
For now, however, that’s a theoretical dilemma. This is, after all, just a patent, and patents aren’t always acted upon or indeed approved; there's no indication this could make it into the rumored AirPods Pro 2, for instance. All the same, it’s interesting to see that Apple is keen to explore its reputation for privacy, even in areas which probably have very limited real-world exploitation.