Connect with us

Hi, what are you looking for?

Apple

What security researchers think of iPhone 5S fingerprint scanner

While the API for the scanner is not currently open, the implications of the technology could be huge for the adoption of two factor authentication beyond the enterprise.

Apple has announced the long awaited iPhone 5S and iOS 7. The new smartphone packs a lot of new specs, but the star of the show from a security researcher’s perspective was undoubtedly the biometric fingerprint scanner, Touch ID . While the API for the scanner is not currently open, the implications of the technology could be huge for the adoption of two factor authentication beyond the enterprise. 

iPhone 5S

As mentioned in FortiGuard’s Midyear Threat Report, two-factor authentication (2FA) is expected to replace the single password sign on security model. While adoption of 2FA has seen some mainstream usage in applications like Twitter, Dropbox, Evernote, and Facebook, it has yet to fully replace the convenience of single factor.

After Apple’s announcement, what do threat research experts think of this biometric introduction?

Guillaume Lovet, senior manager, FortiGuard Threat Response had this to say: “From the point of view of a cybercriminal who has trojanized your phone, there is little difference between a fingerprint and a password. If the device is compromised, it can intercept and reuse the digital form of both (say, to complete a money transfer), which boils down to a series of 0s and 1s.”

Advertisement. Scroll to continue reading.

While Apple claims there to be a dedicated stronghold within the new A7 processor where this data will be stored, a breach into that secure layer would usher the biometric authentication method complete useless.

Guillaume added: “From a security point of view, it would be interesting to check if fingerprints carry enough information bits to be used more like a private key (likely protected by a password), that you cannot lose, don’t have to generate and is kind of universal.”

While the fingerprint scanner packs quite a punch at 170 micron thin 500 ppi resolution and the ability to scan sub epidermal skin layers, if the information is stolen, the possibility of using the data like a private key would be moot.

Richard Henderson, a security strategist for FortiGuard Labs, voiced some advice on the topic. “The reality here is that, while Apple is the first to implement a biometric method of authentication on such a wide scale, this is being sold and used strictly as a convenience – not as an additional layer of security,” he said.

Advertisement. Scroll to continue reading.

You May Also Like

COMPUTERS

With Thunderbolt 5, up to 512GB of unified memory, and an up to 16TB SSD, all in a compact design, the ultimate pro desktop...

GAMING

On April 3, Katamari Damacy Rolling LIVE — the Katamari franchise’s first original game in nearly eight years — launches exclusively on Apple Arcade. In this...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

Laptops

It also offers support for up to two external displays in addition to the built-in display, 16GB of starting unified memory, and the incredible...

HEADLINES

Ultra is built using Apple’s innovative UltraFusion packaging architecture, which links two M3 Max dies over 10,000 high-speed connections that offer low latency and...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

Advertisement