Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Apple's New iPhones - with Fingerprint Biometrics - Expected Today

Apple's New iPhones - with Fingerprint Biometrics - Expected Today
Apple's New iPhones - with Fingerprint Biometrics - Expected Today

At a press conference at Cupertino planned for later today, Apple is expected to announce two new iPhone 5 models -- the 5C and the 5S. Two separate sources now claim that the more expensive of the two, the 5S, will include a fingerprint sensor.

Yesterday evening the Wall Street Journal announced, "People familiar with the matter said last week that Apple will include a fingerprint scanner on the more expensive of two iPhones it is expected to unveil Tuesday."

Separately, French site Nowhereelse.fr this morning published what it claims to be "an official illustration contained in the user guide for the iPhone 5S" that it received from 'a very reliable source.' The illustration clearly shows a round 'button' sited below the screen and labeled 'Home button / Touch ID sensor.'

If true, this may prove the kick-start to consumer biometric authentication that the market has always needed. While the arguments in favor of biometric-based access - especially for mobile phones - have long been accepted, it has needed the confirmation of a market-leading manufacturer. Apple's validation of the technology may force other manufacturers of mobile devices to provide a similar option.

The advantage of fingerprint access is its ease of use. And since the biometric template will almost certainly be stored solely on the device itself, user reluctance to let a third party have control of personal fingerprints - a reluctance likely to be heightened by the Prism revelations - is not likely to be an issue.

This reluctance will only be relevant if Apple decides to use the same fingerprint authentication to provide access to the iCloud. If this were the case, it would need to store the fingerprints centrally where they could become a target for both hackers and the NSA/GCHQ. "The centralized database required for that application," comments Bruce Schneier, "would create an enormous security risk."

That's not to say that local authentication to the iPhone alone is foolproof: "fingerprint readers have a long history of vulnerabilities as well," says Schneier. "The simplest ones just check the ridges of a finger; some of those can be fooled with a good photocopy. Others check for pores as well. The better ones verify pulse, or finger temperature. Fooling them with rubber fingers is harder, but often possible. A Japanese researcher had good luck doing this over a decade ago with the gelatin mixture that’s used to make Gummi bears."

Nevertheless, a fingerprint sensor on the iPhone 5S will provide additional security while remaining easy to use. Provided that the new access system works consistently well and doesn't fail and lock out its own users, then this could prove the start of a new era in the adoption of biometric authentication on consumer devices.

What’s Hot on Infosecurity Magazine?