Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Open sesame: How iOS 8 will unlock Touch ID's power

Marco Tabini | July 23, 2014
As iOS 8--and, presumably, new iPhone and iPad hardware--approaches its release day, big changes are on the horizon for Apple's Touch ID, a technology that has been met with less enthusiasm than it deserves.

I heard that Touch ID can be easily hacked. Is it really secure?

Allow us a slightly more nuanced answer than a simple yes or no.

If you don't currently lock your handset with a passcode, Touch ID is infinitely more secure than not having any protection at all. Unless all you do with your iPhone is play Flappy Bird, you're walking around with a veritable treasure trove of personal information that a thief could use to, quite literally, destroy your life.

If you do use a passcode, the answer is a little more complicated. In theory, someone could lift your fingerprint and use it to unlock your device without your finger being anywhere in the vicinity. There are also questions of whether using a biometric sensor could lead to unintended legal consequences should you ever run afoul of the authorities. We should point out, however, that the process required to lift a fingerprint is neither simple nor quick, requires specialized tools, chemicals, and a significant amount of good luck — and can only be performed by a very determined thief who has ready access to everything you touch.

And passcodes are not without their problems, either. As recent studies show, a determined criminal could use video surveillance in a public place to make pretty good guesses about your secret code — and without being anywhere physically near you — then steal your device and cause plenty of damage in a matter of minutes. Frankly, that seems easier than stealing your fingerprints.

Ultimately, in deciding whether Touch ID is right for you, you will have to balance your need for security with the convenience of not having to type in your passcode fifty times a day just so that you can check your email. In practice, we think that Apple's biometric solution is great for the vast majority of users. If you're worried about your spouse, friends, or colleagues going around your home or office playing Mission: Impossible with your fingerprints, you're probably overlooking much easier ways that they have to gain access to your personal information — like, say, waiting for you to take a trip to the kitchen for a cup of coffee and installing a key logger (or just taking a quick peek at your inbox) on your unlocked computer.

But I don't want to give Apple my fingerprints!

That's not really a question, but we've heard it often enough over the last few months that we're going to break the rules and answer it anyway.

Here's the good news: Your fingerprints are safe.

Touch ID doesn't actually store a picture of your fingers; instead, it computes a really large number, called a biometric hash, that can be used to identify the individual characteristics of your finger, but that cannot be used to reconstruct a visual representation of its features. Hashing is widely used throughout the computer industry and is considered very secure — in fact, if you feel so inclined, you can grab a coffee (or maybe something stronger) and spend a few hours going over some math that explains how these algorithms work.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.