Thoughts on Apple’s Touch ID Fingerprint Reader

Publish date:

I’ve been using my new Apple iPhone 5S for long enough now to form an opinion about Touch ID, it’s built-in fingerprint reader. As a security person, I feel the need to set an example when securing my personal data.  For that reason, I set a complex (6-digit)  PIM on my iPhone.  That’s great, but […]

I’ve been using my new Apple iPhone 5S for long enough now to form an opinion about Touch ID, it’s built-in fingerprint reader.

As a security person, I feel the need to set an example when securing my personal data.  For that reason, I set a complex (6-digit)  PIM on my iPhone.  That’s great, but I have to re-enter it every time I pick up my phone (about once every 5 minutes, throughout my working life!).  That’s a big nuisance, and it’s probably why roughly 50% of iPhone users pre-5S didn’t set a PIN.  But with the fingerprint reader, I can unlock my iPhone quickly and easily.  Now, about 80% of iPhone 5S users set a PIN and register themselves to use the fingerprint reader.  That’s a significant security improvement.

How secure is Touch ID?  In theory, it can be broken: if you have a fingerprint image for the correct finger, you can create a fingerprint overlay for someone else to use.  That’s not trivial to do however (see this link to understand just how difficult it is).  To succeed, you’d need to execute a targeted, carefully-planned military-style operation.  Touch ID may not be good enough for nuclear launch codes, but is good enough for my photographs of cats.

Touch ID doesn’t store fingerprint images in the cloud; it stores them in a special location on the iPhone’s A7 chip, called a secure enclave.  It doesn’t store the image in an externally usable form, it stores a mathematical representation, derived from it, from which it shouldn’t be possible to reconstruct the original image.  Apple claim that even they have no access to this.

Related Posts

Customer Experience

Do you have the right model in place for Segregation of Duties?

Tanya Anand
Date icon October 31, 2018

Cyber Security Risk is a major focus for every major organization today. Much is being made...

Customer Experience

Over-The-Top Providers: how have they revolutionized the customer experience?

Janika Parmar
Date icon October 9, 2018

Who else has paused their social life to be fully engrossed in Netflix or Amazon Prime...

cookies.

By continuing to navigate on this website, you accept the use of cookies.

For more information and to change the setting of cookies on your computer, please read our Privacy Policy.

Close

Close cookie information