Once compromised, no way back
In addition, people usually don't communicate their fingerprints to third parties. Our fingerprints are in biometric passports, so they are known to our own governments, but that's usually about all. With Apple's Touch ID, aren't we making it easier for cyber criminals to get our fingerprints (and re-sell them on the black market for whatever nefarious intent)? Additionally, our fingerprints are not replaceable: once they have been compromised, there is no way back. A fingerprint is not like a key pair: we can't just generate a new one.
While Apple's biometric approach is not foolproof, the good news is that the iPhone 5s has elicited mass interest in the possibility of moving away from typical single-factor authentication and toward multi-factor authentication. In its Mid-Year Threat Report, Fortinet's FortiGuard Labs noted that two-factor authentication is expected to replace the single-password sign-on security model. While two-factor authentication has seen some mainstream usage in applications like Twitter, Dropbox, Evernote, and Facebook, it has yet to fully replace the convenience of single-factor authentication.
Guillaume Lovet is Senior Manager, FortiGuard Threat Response Team, Fortinet.