Smartphones let us bring our photos, email and social media everywhere we go.
Many of us use smartphones for mobile banking, shopping and storing important, private information. Despite that wealth of stored data, Apple reports that half of all iPhone users ignore the passcode lock feature. Many users say it’s just too cumbersome to tap in a passcode every time they need their phones.
But that leaves information vulnerable if their phones are lost or stolen.
So Apple’s iPhone 5S includes fingerprint-scanning technology called Touch ID to unlock the phone and make iTunes purchases. Some are calling it a key development: a more secure way to authenticate mobile transactions and protect your data. Others are concerned about privacy, worried that users’ fingerprints will be kept on record at Apple or made available to third-party software developers.
The biggest benefit of using a fingerprint scan to unlock your phone is its simplicity. While critics insist that even fingerprint security is vulnerable to hacking, it’s certainly more of a theft deterrent than having no lock on your phone at all.
Could a thief lift your fingerprint from elsewhere on the phone and use it to unlock the device? Touch ID uses a sensor in the steel ring around the home button to ensure that only materials of certain conductivity will register. The sensor uses data from your finger’s sub-epidermal layer, not just the surface, making it much more difficult to replicate.
Could someone hack your phone and get access to your fingerprint data? Instead of just using a photo of your fingerprint, Touch ID “creates a mathematical representation of your fingerprint and compares this to your enrolled fingerprint data to identify a match and unlock your iPhone,” Apple’s website says.
Touch ID doesn’t store any fingerprint photos, nor could your fingerprint be reverse-engineered from this mathematical equation.
Could a hacker get access to my fingerprint data on Apple’s servers? Fingerprint data is encrypted and is stored in a unique area of the phone’s memory chip, walled off from the rest of the operating system. According to Apple, “your fingerprint data is never accessed by iOS or other apps, never stored on Apple servers, and never backed up to iCloud or anywhere else.”
Could this fingerprint data be used to identify me through other fingerprint databases? Because it’s a mathematical equation, not an actual fingerprint, only Touch ID can use the data. Apple assures users that it can’t be used to match a consumer’s fingerprint against another fingerprint database.
Apple insists that the company has no immediate plans to allow third-party app developers access to Touch ID to incorporate fingerprint authentication in their programs.
However, having the fingerprint scanner built into the phone offers some intriguing future-use security. Passwords or passcodes are relatively easy to hack, and many users allow their device to auto-login to avoid entering a password every time. If it proves reliable, fingerprints would be a much safer way to authenticate your identity for mobile banking, online purchases or any app that maintains your personal data.
The implications for using your smartphone as a mobile wallet are also promising. No more easily stolen credit card numbers – use your smartphone to pay for purchases both online and in person while trusting that only you can access your money.
As a form of personal identification and transaction authentication, fingerprint scanning could be the future of mobile security. For now, it makes securing your iPhone from thieves easier than ever.
Andrea Eldridge is CEO of Nerds on Call, a company based in Redding, Calif., that offers onsite computer and home theater setup and repair. Contact her at www.callnerds.com/andrea. Distributed by Scripps Howard News Service, www.shns.com.
Evansville Courier & Press (IN)