Apple’s New iPhone – Fingerprint ID? Can it Be Hacked?

fingerprint-1Rumor has it that Apple is launching its new iPhone Tuesday with fingerprint authentication, a major new technology that should give Apple a leading edge in big markets like enterprise computing and mobile payments.

It is possible that the fingerprint tech will be near the home button at the bottom of the device, the most logical place since it is the first place users touch when they open their phones.  Once the print has been verified, the full screen will automatically display without the user having to swipe and enter a four-digit PIN.

This is clearly the wave of the future providing much greater security than passwords and PINS and strikes a good balance between convenience and security for a mobile device.

But How Secure is it Really?

Your fingerprint isn’t a secret; it is imprinted on almost everything you touch.  And, according to Bruce Schneier, security technologist,  fingerprint readers are known to have a long history of vulnerabilities.  Some are better than others.  The simplest ones only check the ridges of a finger, some of which can be fooled with a decent photocopy.  Other readers check for pores as well.  The more sophisticated ones verify pulse or finger temperature.  Although fooling them with rubber fingers is harder, it is possible. About ten years ago, a  Japanese researcher had success doing this with the gelatin mixture that’s used to make Gummy Bears. Tasty and effective!

Can it Fail?

Authentication can fail in two ways.  It can mistakenly allow an unauthorized person access, or it can mistakenly deny access to an authorized person.

If Apple’s new iPhone has biometric security, and it may, it seems reasonable that the designers will have created a way for the user to always get in.  Failures are likely to be more common in cold weather and when fingers are water logged from swimming or showering.  But, there will likely be the traditional PIN system to fall back on.

Schneier also states that the final problem with biometric systems is the database.  A centralized system, with a large database of biometric information, will be vulnerable to hacking.  He believes a system by Apple will almost certainly be local — you will be able to authenticate yourself to the phone but not to any network — eliminatng the need for a centralized fingerprint database.

I am a luxury real estate professional.  If you would like to schedule a buyer or seller meeting, feel free to call me directly at 305-898-1852 or email me at Wellins.D@ewm.com.

Let’s Connect