An Eye for an Eye, A Finger for an iPhone

The launch of Apple’s new iPhone 5S has been dominated by talk of its fingerprint scanner. So, will this technology become more commonplace now or will security concerns stamp out Apple’s handiwork?

The reaction to the iPhone 5S has been mixed to say the least. Fans of the technology are claiming that its biometrics technology will solve the problem of easily hacked passwords. Critics, however, argue that fingerprint scanning technology can be easily spoofed when it takes residence in a consumer device such as the iPhone.

Fingerprint scanning is not a new idea; let’s not forget that Motorola did this in 2011 with the Atrix 4G. Sadly, it just wasn’t very effective as the feature didn’t always work. The scanner on the iPhone 5S works by using a camera to take an image of your fingerprint. It then encrypts and stores fingerprint data on the phone’s own hardware. The phone can then be unlocked using this “digital signature” by comparing the stored image to the one taken by the scanner. This signature can also be used to make purchases in the iTunes, iBooks or App stores. A traditional passcode is also needed but only if the phone hasn’t been touched for 48 hours or if it has undergone a recent reboot.

Stuart Coulson, head of security at Secarma said: “This new scanner is supposed to read between the dermis and epidermis, in theory making this more secure. However, it depends if it is a good scanner.  Remember, we are taking corporate security and trying to shoehorn it onto a tiny consumer device. There will have been compromises made in order to do this and as such these compromises may weaken the security.”

Risk Factors:

• Physical Attack: Let’s start with the most macabre, because that’s how we roll. This is not the first finger print scanning technology that we have seen. In 2005, a man’s fingertip was cut off by thieves who stole his Mercedes S-Class, a car that was “protected” by a fingerprint recognition system!
• Privacy Concerns: Apple have said that they will not upload fingerprint images to their servers, including the iCloud but many people remain to be convinced and are worried that the NSA will be able to access their private data if it is stored in the iCloud. Apple is a company that has allegedly taken location data without user consent in the past so some people remain sceptical.
• Cybercrims: Cybercriminals love a challenge and will be trying to spoof this feature now.  There is the chance that they will simply get smarter and develop ways to work around the fingerprint scanner and perhaps even other fingerprint scanners too.

So, what do you make of the new iPhone? Will it bolster the security of these devices or put all of our thumbs at risk?