Newsletters
News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
Apple/Mac
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
How Safe Is Apple
How Safe Is Apple's Touch ID, Really?

By Jennifer LeClaire
September 12, 2013 10:17AM

    Bookmark and Share
Apple has probably erred on the side of usability before considering security when it comes to biometrics. Still, Touch ID has to be more secure than a four-digit password, which could easily be cracked in older iPhones. But, then again, how safe is your fingerprint? asked security analyst Paul Henry.
 



Now that the reviewers are done talking about what was missing from the iPhone 5s, some are taking a closer look at what the smartphone has that none of its competitors can claim: full-blown biometrics.

iPhone 5s introduces Touch ID, a James Bond-like way to securely unlock the device with your finger -- or, more accurately, fingerprint. Touch ID is built into the smartphone's home button and uses a laser cut sapphire crystal, together with the capacitive touch sensor, to take a high-resolution image of your fingerprint. The technology analyzes the fingerprint and promises accurate readings from any angle.

The Touch ID sensor recognizes the touch of a finger so the sensor is only activated when you mean to activate it. That preserves battery life. Addressing privacy concerns, Apple said fingerprint information is encrypted and stored securely in the Secure Enclave inside the A7 chip on the iPhone 5s. The data is never stored on Apple servers or backed up to iCloud. Beyond unlocking the device, Touch ID can also be used as a secure way to approve purchases from the iTunes Store, App Store or iBooks Store. Is this secure enough to be the future of smartphone security?

Reliability and Security

We caught up with Paul Henry, security and forensic analyst at Lumension, to get his take on Touch ID from a security perspective. He told us the fingerprint scanner has a potential to be a real game changer for personal device security -- if it's done right. As he sees it, there are two factors that will determine the real success of this new feature, which has undeniable potential: reliability and security.

"There's a lot riding on the reliability factor. Will it work if I go for a swim and try to use my phone with raisin hands? What if it's cold outside and my fingers have shriveled a bit? Can I use my phone then? he asked. "People aren't going to be happy if they're locked out of their phones because of environmental factors."

If it's not both reliable and convenient, users will turn it off, Henry said. He also questions the longevity. The Guardian posted a rumor that there will be a 500-scan limit, which could be used up in six months. Apple could not immediately be reached for comment, but that seems unlikely.

The Jury Is Out

On the security front, Henry is betting that Apple has erred on the side of usability before considering security. Still, Touch ID has to be more secure than a four-digit password, which could easily be cracked in older iPhones. But, then again, how safe is your fingerprint? Think about it for a minute. We leave our fingerprints everywhere -- and they are certainly all over the phone, Henry noted.

Next, Apple said it's securing the biometric data, but is it really safe? "They say it's encrypted and not shared with other applications, but we'll have to wait and see how it works in practice. We also need to know if it's a single sign-on approach. If a single fingerprint grants access to other services -- particularly iCloud -- that's a frightening prospect if Apple hasn't done a truly expert job at securing that local credential," Henry said. "Naturally, we'll continue to have more questions than answers until we can get our hands on some phones later this month to do some testing."

Henry's conclusion: right now all we have is hype. He's waiting for the facts that will inform him whether or not the iPhone 5s will truly be a game changer.
 

Tell Us What You Think
Comment:

Name:

Teen with crazy mom:

Posted: 2013-09-25 @ 9:28am PT
I am worried about my mom using my finger while I sleep to unlock my phone

Steven James:

Posted: 2013-09-14 @ 12:31pm PT
Jennifer, Henry and a lot of other folks are really missing the point. You said it yourself. #1, it is more secure than the passcode #2, it is highly usable .. Apple has taken relatively old technology that often worked terribly, and has made it so that it works.. will there be cases in which it does not work (e.g. raisin hands from soaking in water?) .. SURE... but guess what, I bet there is some other way to access the phone in that case.. .challenge questions or some other way. I guarantee it. That is why the touch ID *must* be used in conjunction with a passcode. If I were CIO of a company, I would insist that all mobile devices we purchase from now on be iOS devices for two reasons: 1. iOS devices are MUCH MUCH less prone to viruses and malware than Windows, Symbian and of course the virus-laden Android (aka Herpes of the mobile operating systems), and 2. with something like Touch ID, Apple is making real attempts and strides at making our devices MORE SECURE and it is making the devices less desirable to steal. Sounds like an awesome bit of technology to me.





 Apple/Mac
1.   Will Next OS X Bring New Apple Grief?
2.   Apple and Samsung Feel the Heat
3.   Apple Faces Suit Over Work Breaks
4.   Earnings, Excitement Grow for Apple
5.   Mac OS Yosemite Beta 4 Released


advertisement
Apple Digital Book Settlement Set
But company still appealing decision.
Average Rating:
Earnings, Excitement Grow for Apple
Momentum mounts as rumors swirl.
Average Rating:
Mac OS Yosemite Beta 4 Released
Public preview could be coming soon.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Researchers Working To Fix Tor Security Exploit
Developers for the Tor privacy browser are scrambling to fix a bug revealed Monday that researchers say could allow hackers, or government surveillance agencies, to track users online.
 
Wall Street Journal Hacked Again
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports that the computer systems housing some of its news graphics were breached. Customers not affected -- yet.
 
Dropbox for Business Beefs Up Security
Dropbox is upping its game for business users. The cloud-based storage and sharing company has rolled out new security, search and other features to boost its appeal for businesses.
 

Enterprise Hardware Spotlight
Watson Gets His First Customer Service Gig
Since appearing on Jeopardy, IBM's Watson supercomputer has been making a living using his super-intelligent knowledge base for business verticals. Now, Watson's been hired for his first customer service job.
 
Tablet Giants Apple and Samsung Feel the Heat
When a company saturates its home market with a once-hot product, expect it to pump up efforts elsewhere. Apple, for its part, is now pushing iPads to big corporations and the enterprise market.
 
Microsoft Makes Design Central to Its Future
Over the last four years, Microsoft has doubled the number of designers it employs, putting a priority on fashioning devices that work around people's lives -- and that are attractive and cool.
 

Mobile Technology Spotlight
T-Mobile Calls 'BS' on AT&T's New Promotion
While Verizon Wireless is moving to throttle bandwidth hogs, a scrappy T-Mobile is taking on the giants with a limited-time promotion it hopes will drive up the churn rates of its wireless rivals.
 
Microsoft Update to Windows Phone 8.1 Already Coming
An update to Windows Phone 8.1 is on the way just weeks after the release of the product itself. Microsoft has begun detailing some of the update features to phone manufacturers.
 
Stanford Researchers Report Battery Breakthrough
Stanford researchers have found a way to use lithium in a battery's anode, a breakthrough that could triple capacity and has been described as the "holy grail of battery science."
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | CRM Systems | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.