New iPhone 5S Fingerprint Scanner: How Secure Is It?

October 2013: The new iPhone’s Touch ID unlocks your phone using your fingerprint — super convenient! It’s also super controversial. Hackers have already found a way around it by creating a fake latex fingerprint.

So is a fingerprint scanner really any safer than a four-digit PIN? Here’s what every smart frog should know about what’s convenient, secure and risky about Touch ID:

The hacking group that lifted a fingerprint and recreated it in latex not only won an online contest, they proved that biometrics, or body-based passcodes, work best when they’re layered with other authentication factors. A fingerprint alone isn’t foolproof.

Although someone needs CSI-level skills to pull off the hack! Is the information on your iPhone worth the trouble? Only you know for sure.

What’s convenient about Touch ID:

  • It’s easy. No swiping or typing, just touching. Hold your finger on the Home button and you’re in. Apple’s video shows how it works.
  • You always have your finger with you. (Well, unless there’s some unspeakable catastrophe.)
  • Exact finger placement is not required. Your finger can be a little crooked or even sideways and Touch ID will still recognize it.
  • It’s optional. You can still use the four-digit passcode if you prefer. And you can switch back and forth.
  • You can use more than one finger (or even a toe) because Touch ID stores five different fingerprints. Which means you can also share access with a friend.

What’s secure about Touch ID:

  • Something is definitely more secure than nothing. Only about half of iPhone users bother with passcodes, so more convenience means you might be more likely to lock your phone.
  • No one else has your fingerprint.
  • Fingerprint information is encrypted and stored inside the phone where it’s not available to other apps or on iCloud.
  • Someone can’t cut off your finger and use it to get in your iPhone. Apple says the technology reads the living layer directly underneath your skin.
  • Someone can’t use a picture of a fingerprint, a technique used to thwart some facial recognition software, because the data isn’t stored as an optical representation.
  • A backup passcode is required.

What’s risky about Touch ID:

  • If someone figures out how to un-encrypt your fingerprint information on your iPhone and steal it, your fingerprint is compromised…forever.
  • Someone can “sleephack” you by using your sleeping finger to unlock your phone, either as a joke (this image went viral just after the iPhone 5S release) or not so much.
  • You may not be protected under the Fifth Amendment if law enforcement wants to compel you to open your phone with something you have (your finger) as opposed to something you know (a passcode).
  • Not answering Senator Al Franken’s questions, if you’re Apple. He sent a letter to Tim Cook, Apple’s CEO, asking 12 important privacy questions.
  • Assigning one of your saved fingerprints, er…pawprints, to your cat. They’ve been known to hold grudges.

Also, if you’re sweaty or lotion-y, you may have trouble using Touch ID. So either wipe your hand really well or use the passcode. But whatever you do, smart frog, keep your smartphone locked!

You may also be interested in: