Apple’s latest unveiling of iPhone 5s/5c created a big buzz among geeks and techies around the world. The product which is set to release on September 20 earned various feedbacks and reviews with its fresh and surprising features. But what really stood out during the launching event was the controversial Touch ID fingerprint reader.
Considered as one of the popular forms of biometrics, fingerprint scanning is inexpensive and easy to implement compared to other forms of body feature scanning, and it is more excellent than voice recognition. However, by itself, it is not a remedy for weak passwords and highly delicate information. That is why the birth of Touch ID with Apple’s iPhone 5s is both a nice idea and just one level of device security.
Biometrics-based access controls determine a physical feature produced by human entity. Common forms generated by human action are fingerprint characteristics, typing analysis and voice recognition.
The fingerprint and other attributes are not themselves stored. Instead, these fingerprint features are converted to a numeric value, which is stored in a safe location. This is performed during registering a user with a biometrics solution. Once the user presents his or her measured characteristics to a sensor for prospective admission, the algorithm converts again the data to a value and compares the new value to the saved value. If they match, identity verification follows and authentication is successful.
Touch ID in iPhone 5s
Security is always a concern for IT admins. It’s a thing to worry for; the more technology gets high end, the more security remedies should come up. While iPhone, like its Android correspondents, allows for remote swiping of devices, iPhone security steps up via biometric protection. No need to worry about someone watching over your shoulder when you key in your password because with the iPhone 5s, passwords will become a thing of the past.
Consumers who usually give their iPhones to kids will also discover the extra protection that Touch ID provides them when it comes to reassuring in-app products. You can hand your glossy new 5s to your little John and Jane happy knowing that they can’t damage you by blowing away thousands of bucks on in-app purchases.
Another good thing about Touch ID is that it brings two-factor authentication to the iPhone, combining a passcode (something you know), and your fingerprint (something you have) to radically boost security. This upgrades the level of security between the corporate network and the users for both enterprise and BYOD.
Apple announced that about half of iPhone users are not bothered with passcodes, and this means that the iPhone is an easy target for thieves looking for a device that enables them to make a quick few bucks. The installation of fingerprint authentication plus the new features in iOS 7 tying an iPhone to a specific Apple ID is such an innovative way to be far less tempting to swindlers and miscreants.
Who Benefits Touch ID the Most?
While consumers will definitely benefit from the ease and convenience of using a fingerprint sensor as opposed to tapping in their passcode to unpack their iPhones, the real market that benefits from this are enterprise purchasers and BYOD. BYOD refers to employees who bring their personal devices to the workplace and connect it to the corporate network.
However, the Fast Identity Online (FIDO) Alliance warned that Apple is required to use open standards for interoperability. “No matter how good an authentication solution may be–Apple’s or any others–until there are open standards for interoperability, the backend and the need for federated identity cannot be addressed, and nothing really changes, FIDO added.
Spotting the Downside
Apple does the exact thing by keeping the converted biometrics measurement in the new A7 chip, a secure location on the iPhone. It is never shared outside the smartphone. Although this is an excellent report, it still doesn’t stop fingerprint forgery. The idea of how will iPhone control forgeries is still an unknown matter. However, we can expect how easy or difficult it will be for hackers to respond aggressively to this new opportunity.
IT professionals claimed that none of Apple’s Touch ID controls performs well when the phone is actually in the hands of an invader. The combination of fingerprint biometrics with the passcode is no replacement for data destruction services and internet-based device location, just like McAfee’s Mobile Security and Apple’s Find My Phone. It is not also a substitute for controlling automated policy enforcement what users can do and store with their iPhones. And lastly, the Touch ID feature does not unseat layered mobile security controls.
Touch ID provides the ways to shelter user iPhones while providing a fast access. Security controls backing up Apple’s fingerprint biometrics consist of fingerprint value encryption, prerequisite for a PIN during registration, and storage of Touch ID data in the A7 chip. Despite the fact that Touch ID is an innovative leap toward mobile device security, it suffers from the same weaknesses as other fingerprint identification solutions: sensor challenges, forgery issues and user resistance.