Connect with us

Hi, what are you looking for?

Apple

What security researchers think of iPhone 5S fingerprint scanner

While the API for the scanner is not currently open, the implications of the technology could be huge for the adoption of two factor authentication beyond the enterprise.

Apple has announced the long awaited iPhone 5S and iOS 7. The new smartphone packs a lot of new specs, but the star of the show from a security researcher’s perspective was undoubtedly the biometric fingerprint scanner, Touch ID . While the API for the scanner is not currently open, the implications of the technology could be huge for the adoption of two factor authentication beyond the enterprise. 

iPhone 5S

As mentioned in FortiGuard’s Midyear Threat Report, two-factor authentication (2FA) is expected to replace the single password sign on security model. While adoption of 2FA has seen some mainstream usage in applications like Twitter, Dropbox, Evernote, and Facebook, it has yet to fully replace the convenience of single factor.

After Apple’s announcement, what do threat research experts think of this biometric introduction?

Guillaume Lovet, senior manager, FortiGuard Threat Response had this to say: “From the point of view of a cybercriminal who has trojanized your phone, there is little difference between a fingerprint and a password. If the device is compromised, it can intercept and reuse the digital form of both (say, to complete a money transfer), which boils down to a series of 0s and 1s.”

Advertisement. Scroll to continue reading.

While Apple claims there to be a dedicated stronghold within the new A7 processor where this data will be stored, a breach into that secure layer would usher the biometric authentication method complete useless.

Guillaume added: “From a security point of view, it would be interesting to check if fingerprints carry enough information bits to be used more like a private key (likely protected by a password), that you cannot lose, don’t have to generate and is kind of universal.”

While the fingerprint scanner packs quite a punch at 170 micron thin 500 ppi resolution and the ability to scan sub epidermal skin layers, if the information is stolen, the possibility of using the data like a private key would be moot.

Richard Henderson, a security strategist for FortiGuard Labs, voiced some advice on the topic. “The reality here is that, while Apple is the first to implement a biometric method of authentication on such a wide scale, this is being sold and used strictly as a convenience – not as an additional layer of security,” he said.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

Tablets

The ultraportable iPad mini is more capable and versatile than ever with the powerful A17 Pro chip and support for Apple Pencil Pro.

Biz Solutions

Any verified business can now create a consistent brand and location presence across apps that customers use every day, including Apple Maps, Wallet, and...

HEADLINES

While only 21% of hackers believed that AI technologies enhance the value of hacking in 2023, 71% reported it to have value in 2024....

HEADLINES

Kaspersky has enhanced its Kaspersky Industrial CyberSecurity (KICS), a native XDR Platform for industrial enterprises, and streamlined Managed Detection and Response (MDR) for Industrial...

HEADLINES

Apple Immersive Video is a remarkable media format that leverages ultra-high-resolution 3D video and Spatial Audio to put viewers in the center of the...

Advertisement