If Apple’s new iPhone 5S has fingerprint authentication, can it be hacked?

“When Apple bought AuthenTec for its biometrics technology — reported as one of its most expensive purchases — there was a lot of speculation about how the company would incorporate biometrics in its product line,” Bruce Schneier writes for Wired. “Many speculate that the new Apple iPhone to be announced tomorrow will come with a fingerprint authentication system, and there are several ways it could work, such as swiping your finger over a slit-sized reader to have the phone recognize you.”

“Apple would be smart to add biometric technology to the iPhone. Fingerprint authentication is a good balance between convenience and security for a mobile device,” Schneier writes. “Biometric systems are seductive, but the reality isn’t that simple. They have complicated security properties. For example, they are not keys. Your fingerprint isn’t a secret; you leave it everywhere you touch.”

Schneier writes, “I’m sure that someone with a good enough copy of your fingerprint and some rudimentary materials engineering capability — or maybe just a good enough printer — can authenticate his way into your iPhone. But, honestly, if some bad guy has your iPhone and your fingerprint, you’ve probably got bigger problems to worry about.”

Read more in the full article here.

Related articles:
Apple patent filing reveals fingerprint scanner with advanced NFC application built into the Home Button – September 7, 2013
Leaked iPhone 5S home button images strongly suggest fingerprint scanner – September 5, 2013
Photos claim to show iPhone 5S packaging featuring Home Button fingerprint sensor – September 6, 2013
Apple ‘iPhone 5S’ to feature sapphire crystal capacitive touch Home button with fingerprint sensor, says source – May 14, 2013
Analyst: Apple’s next-gen iPhone’s Home button fingerprint sensor would be difficult for rivals to copy – January 16, 2013

23 Comments

  1. The idiot doesn’t know that the AuthenTec solution does not read surface fingerprints but sub-surface characteristics including thermal sensing. IOW they need your live body to get verification.

  2. I’m sure we’ll hear more details tomorrow, but from what I’ve read of AuthenTec’s technology, it scans the subdermal patterns of your fingerprint which may or may not match the surface whorls and patterns of your skin. Thus, it does NOT save a physical image of your fingerprint. So, a scotch tape dusted copy of your fingerprint won’t work. It the sensors also detect temperature, even your detached finger wouldn’t work. I look forward to the presentation to see exactly how it does work.

  3. Interregator: Every minute you don’t tell us why you are here, I cut off a finger.

    Emmett Fitz-Hume: Mine or yours?

    Interregator: Yours.

    Emmett Fitz-Hume: Damn!

  4. If there is no option to ignore finger print scanning, it’ll take longer for adoption.

    Allowing multiple fingerprints for multiple users is not always a good choice.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.