Digirati Hub

The iPhone 5 and the great fingerprint authentication debate

The iPhone 5 is about to be delivered to a store near you and even if you have no desire to keep up with the Joneses the security question raised by its fingerprint recognition capabilities is universal. So has convenience gone rogue into major security risk territory or are some people just fear-mongers who’re a little behind the times?

The Bad News

This technology is by no means new, in fact the Motorola Atrix had fingerprint authentication capabilities and laptops have used this method of identifying users as well. Despite the technology floating around for years this will be the first time it’s rolled out in such large numbers, making it mainstream. Consumers definitely have their concerns – buggy software that makes the device more difficult to use rather than making it quicker, safer and easier. There has to be a reason why fingerprint scanning hasn’t caught on yet and security fears are a big part of that. There are worries about the storing of the prints in question – how will your unique print be stored and how easy would it be to crack that biometric code and gain access to prints not belonging to you?

As with Android’s facial recognition authentication, there is a worry that a picture of the print could be used to scan into a stolen device. This is particularly concerning now that Cloud computing is so prominent and user’s devices are essentially linked to their whole lives . The simple swipe of a copied print could help hackers gain access to not just your contacts and messages but a great deal of all your information across the services you subscribe to.  Of course the data will be encrypted but time will tell how well this was done.

The Good News

On the plus side, there seems to be a general consensus that fingerprint authentication is still much more secure than the traditional four digit method. It should also be quicker and last but not least of all, it will feel better. Apple’s big on user experience and this method of user identification certainly feels like the kind of thing we’ll enjoy doing on our shiny new phones. If the scan system malfunctions (or you burn off your fingerprints) you will still be able to enter a code the old fashioned way.

Assuming that the system works as planned with next to no issues this will absolutely put pressure on other manufacturers to get with the program. iOS certainly has a lot of industry sway and this could be the big break that this technology needed to go mainstream. However if it fails then it could be years before anyone dares try this again. Paul Henry, a forensic and security analyst at IT security company Lumension had this to say of the technology’s viability – “There are two factors that will determine the real success of this new feature, which has undeniable potential,” he says. “First, reliability and second, security—though as a security researcher, I have to say it should really be security first.”

 

Leave a Reply