; Date: August 8, 2019
Last fall while traveling outside the USA, the battery in my iPhone 6 suddenly stopped holding a charge. The battery health app had shown troubling results for awhile, so I jumped to the conclusion that the battery had died. A search online located a cell phone repair shop nearby, and I went there for them to swap the battery. Afterward the new battery - the shop technician said it was a new battery that was perfectly fine - showed a battery health of 92%. So.. maybe the technician lied and sold me a bum battery. I don't know.
I tell this story because a similar scenario applies to the iPhone XR, XS and XS Max.
What would be your response to a similar situation? You've gone to a shop, had the battery replaced, and now the iPhone built-in Battery Health app gives a message like this:
Wouldn't you think the shop that had replaced the battery had pulled a fast one on you? I sure would, as demonstrated by my story above.
I apologize that the first screen capture is a little blurry - it came from the attached video at the bottom of the screen. But what's clear is this says Service and then on the next screen we're told this iPhone cannot be verified to have a genuine Apple battery.
What's shown in the attached video is a fellow in Shenzen China, going into a market where it's possible to buy used iPhone parts. He bought a genuine Apple iPhone battery that matched his phone. The battery not only had the Apple logo's, but was built the way Apple builds batteries, and not like the cheap knockoffs.
So... He has an official genuine Apple battery, which he inserted into an iPhone. And the iPhone shows such a warning message.
The demonstration goes a step further. He also has a blank no-name battery which the iPhone recognizes as being absolutely genuine. How did he do this?
What's going on is that Apple has closed off the possibility for an independent repair shop to replace iPhone batteries.
Cryptographic authentication of the fuel gauge chip
How did Apple do this? For the explanation the fellow turns to documentation for the Texas Instruments bq27546 Single-Cell Li-Ion Battery Fuel Gauge chip. Apple uses a kissing cousin to this chip, but as there is no documentation for Apple's chip the fellow can only show us information for this chip.
This is a chip for which it is possible to add cryptographic signing for authentication. Apple has used this (or similar) chips for several years, and has seemingly now begun implementing this feature.
This authentication feature is a perfect explanation for why the iPhone battery health app describes a genuine Apple battery as if it is a bogus battery.
Namely - for the iPhone to recognize the battery as being legitimate, the battery has to be paired with something on the iPhone logic board.
No-name blank battery recognized as legitimate? Huh?
Let's return to the puzzle of how the blank non-name battery is recognized as a genuine battery. What he did was to remove the "fuel gauge" board from the battery that originally came with that iPhone, and spot welded that board onto a blank non-name battery.
Therefore - whatever the iPhone is checking is on that fuel gauge board. And as we've seen the fuel gauge chip has a feature allowing for cryptographic authentication.
Cryptographically authenticated computer innards impedes Right to Repair
This is exactly what we've been discussing for Mac's with the T2 Security Chip over the last few days.
On Mac's, Apple has inserted the T2 Security Chip (see What is the T2 Security Chip on modern MacBook's) which contains cryptographically signed authentication keys. Apple is using this to authenticate Mac's against both hardware and software. See these articles for details:
- Can a MacBook or other Apple computer with broken T2 security chip be repaired?
- Apple possibly preparing to eliminate hackintoshing via T2 Security Chip
Apple has a similar chip in place in iPhones for some time. For example it's well known that the Touch ID button is cryptographically paired with the iPhone for security reasons.
We can easily understand why a Touch ID button is cryptographically paired. There are serious security reasons for that. We get that, and Apple is making a big show of helping us out with security features.
But -- a battery? Is there any legitimate security reason to implement this for batteries? Nope.
Bottom line is this is yet another infringement by Apple upon The Right To Repair.