Can the iPhone Popularize Fingerprint Readers? 356
Nerval's Lobster writes "Apple's iPhone 5S features a fingerprint scanner embedded in the home button. Of course, fingerprint-scanning technology isn't new: Bloomberg Terminals feature a built-in fingerprint reader to authenticate users, for example, and various manufacturers have experimented with laptops and smartphones that require a thumb to login. But the technology has thus far failed to become ubiquitous in the consumer realm, and it remains to be seen whether the new iPhone — which is all but guaranteed to sell millions of units — can popularize something that consumers don't seem to want. Security experts seem to be adopting a wait-and-see attitude with regard to Apple's newest trick. 'I'd caution right away, let's see how it tests and what people come up with to break it,' Brent Kennedy, an analyst with the U.S. Computer Emergency and Readiness Team, told Forbes. 'I wouldn't rely on it solely, just as I wouldn't with any new technology right off the bat.' And over at Wired, technologist Bruce Schneier is suggesting that biometric authentication could be hacked like anything else. 'I'm sure that someone with a good enough copy of your fingerprint and some rudimentary materials engineering capability — or maybe just a good enough printer — can authenticate his way into your iPhone,' he wrote. 'But, honestly, if some bad guy has your iPhone and your fingerprint, you've probably got bigger problems to worry about.'"
NSA (Score:0, Insightful)
And now the NSA will have a finger print database for all iphone users with minimum effort.
Re:To be honest (Score:2, Insightful)
Gee, now we have a nice fingerprint to user database.. and Apple didn't even have to try this time!
Re:Laptop fingerprint fad (Score:5, Insightful)
Look at how many mp3 players there were before the iPod...
"sub-epidermal skin layers" (Score:5, Insightful)
We'll have to wait to find out exactly what they're referring to, but if implemented well this should be resistant to fingerprint lifting. Only the outer layers of your finger's skin touch objects. You'd have to have somebody else touch a sensor like this one and then try to recreate the capacitive map.
Can we kill these fingerprint rumors? (Score:2, Insightful)
Re:if someone has your iPhone..... (Score:5, Insightful)
The iPhone 5s doesn't store the fingerprint itself, it just stores specific data points. Apple states that the fingerprint data is stored a secure portion of the A7, and it never uploaded to iCloud, or stored on Apple's servers, and never leaves the iPhone itself.
Also, I'd be very surprised if the stored data isn't hashed.
It does tend to store the fingerprints of everyone who's touched it recently on the surface of the device.
Wrong Question (Score:4, Insightful)
"But the technology has thus far failed to become ubiquitous in the consumer realm, and it remains to be seen whether the new iPhone — which is all but guaranteed to sell millions of units — can popularize something that consumers don't seem to want."
This is not how Apple thinks of design. Instead of asking people "Do you want a fingerprint scanner?" the question they ask themselves is "How do we make security easier if not completely transparent to the end user?" If you asked people if they wanted to be secure without having to do anything at all, your answer would be different. The fingerprint scanner just happens to be the right solution to the problem (in Apple's opinion).
Re:uhmmm (Score:3, Insightful)
Did someone just imply that fingerprint scanners are a new technology? I was under the impression that it was not a secure technology and thus not used widely. Maybe new for Apple but I've got a couple old junk notebooks with fingerprint scanners here somewhere...
Two big differences. 1) This reads living tissue under the skin, which is more secure than a simple fingerprint that can be found anywhere. 2) This is integrated into something you touch already, the home button. It doesn't add any additional steps for the user.
Another example of Apple taking an old idea and applying it in a very elegant fashion.
Re:NSA (Score:5, Insightful)
And now the NSA will have a finger print database for all iphone users with minimum effort.
Stop this. Stop it this very instant. The NSA (or any other nefarious creature / corporation / government entity / evil deity) is not interested in a user's fingerprint.
First, as has been mentioned ad nauseaum, you don't get a fingerprint - you get a hash of an output off a sensor that relates to a fingerprint.
Second, even if you could reconstruct the loops and whorls of the fingerprint then so what? You leave a veritable trail of fingerprints (and DNA and a host of other things we don't want to talk about here) everywhere you haul your ugly bit of meatspace around to. Nobody cares about a single fingerprint. The only valid concern is whether or not someone can take an existing copy of your fingerprint and gain access to the device. We shall see.
IF it works (big if) then it's a fine bit of biometrics to allow you to play Angry Birds. If you are carrying more sensitive information on your iPhone and you don't have it encrypted separately from phone access, sucks to be you.
Not every bit of security has to be able to foil three letter government agencies.
Re:To be honest (Score:4, Insightful)
Well, it should come in handy when the Feds are investigating "terrorists."
Re:i can always wipe my phone remotely (Score:5, Insightful)
if you have some super secret corporate info on your iphone you should be relying on a lot more than a consumer level fingerprint scanner for security
Especially when it's on a glass device that's covered with your fingerprints....
Re:How do you change your fingerprints (Score:4, Insightful)
Re:To be honest (Score:5, Insightful)
Yes, they did *claim* that.
Re:The real concern .. the real fear .. (Score:4, Insightful)
Um, so I have to comment on this.
Again Apple has stated this information is not stored on a cloud or server. It also doesn't send your fingerprint scan to a server, your fingerprint generates a data key that is compared against data stored in an encrypted section of the CPU. So there is no centralized "data" to send to the NSA, court approved or otherwise. Apple is not consolidating a list of user profiles with fingerprint scans that the NSA or any policing agency could then demand access too.
Leaving a fingerprint on a cup at Starbucks is not going to lead to the NSA hacking into your iTunes account to profile your taste in music and movies to find out if you are a suspect terrorist.
You have the audacity to ask people to learn by the news, but when the news is spreading FUD and garbage all you are asking, and contributing to, is an increase in social ignorance.
The only thing I fear these days is a growing lack of common sense and outright stupidity of the Idiot Elite that would rather believe in Hollywood fictitious level of government conspiracy, and "report" on it, rather than actually trying to understand the science of the technology they are using.
Re:uhmmm (Score:5, Insightful)
It's how you apply the tech, and what you do with it. The ATRIX 4G had a fingerprint sensor, but it was definitely a less elegant implementation, having to swipe your finger down across a sensor on the back of the phone. Apple puts it right where you always touch to activate the phone anyway, and dooesn't even make you change your behavior -- just touch. It also allows touch from any orientation and tilt of your finger so you don't have to worry about getting the touch perfect.
Fingerprint scanning while allowing the user to not do anything special to scan the fingerprint. That's the elegance. That's what's going to get it used in large numbers as opposed to the ATRIX, where it ended up being a rarely used gimmick.
Re: To be honest (Score:4, Insightful)
People will absolutely find out if their prints are indeed uploaded or stored on their device. Apple knows this, they've learned it the hard way when someone found out about the storing of geo-data and made an app to show the travel log of any iPhone user a few years ago.
I don't think Apple would make these claims (without anyone asking no less) if they weren't true. If they were storing this data, they would have been quiet about it, don't you think?
Re: To be honest (Score:5, Insightful)
I don't think Apple would make these claims (without anyone asking no less) if they weren't true. If they were storing this data, they would have been quiet about it, don't you think?
No, I don't think so. I don't have any reason to trust Apple, and you shouldn't either. You have to realize that you don't have the whole story when an agency like the NSA refers to Apple as "Big Brother" [iclarified.com]. If the NSA thinks Apple is Big Brother and its customers are zombies, then why would you put any level of trust into Apple to not use your personal data however they please? Both Apple and the NSA know that Apple's customers don't care about things like that, what they care about is owning the newest Apple device, regardless of what that entails. Apple can quietly push out any update they want and people won't care once it leaves the news cycle.
Re:Not so fast... (Score:5, Insightful)
And that's really the point of the fingerprint sensor. Because if you look at statistics, most users do not use a PIN or other locking mechanism on their phone. They use the default keylock. That's it. No PIN, no swipe, no face recognition, no password (both iOS and Android support "complex" authentication that goes beyond a PIN). And it's understandable because a user interacts with their phone hundreds of times a day and it gets old quick.
So basically to amp up security, the 5S lets you replace the PIN with a fingerprint, because it's better if most users enable a PIN than half of them (or less!) do. Hell, I might want to use a complex password if it means I don't have to enter it every 5 minutes because I look something up, then re-lock the phone only to need it a few minutes later to look up something else (or answer a phone call, or text, or whatever).
And yes, until it broke, I loved the fingerprint sensor on my laptop.