How Safe Is Apple’s Touch ID, Really?

Now that the reviewers are done talking about what was missing from the iPhone 5s, some are taking a closer look at what the smartphone has that none of its competitors can claim: full-blown biometrics.

iPhone 5s introduces Touch ID, a James Bond-like way to securely unlock the device with your finger -- or, more accurately, fingerprint. Touch ID is built into the smartphone's home button and uses a laser cut sapphire crystal, together with the capacitive touch sensor, to take a high-resolution image of your fingerprint. The technology analyzes the fingerprint and promises accurate readings from any angle.

The Touch ID sensor recognizes the touch of a finger so the sensor is only activated when you mean to activate it. That preserves battery life. Addressing privacy concerns, Apple said fingerprint information is encrypted and stored securely in the Secure Enclave inside the A7 chip on the iPhone 5s. The data is never stored on Apple servers or backed up to iCloud. Beyond unlocking the device, Touch ID can also be used as a secure way to approve purchases from the iTunes Store, App Store or iBooks Store. Is this secure enough to be the future of smartphone security?

Reliability and Security

We caught up with Paul Henry, security and forensic analyst at Lumension, to get his take on Touch ID from a security perspective. He told us the fingerprint scanner has a potential to be a real game changer for personal device security -- if it's done right. As he sees it, there are two factors that will determine the real success of this new feature, which has undeniable potential: reliability and security.

"There's a lot riding on the reliability factor. Will it work if I go for a swim and try to use my phone with raisin hands? What if it's...

Comments are closed.