While many in the press have hailed the fingerprint reader on Apple’s new iPhone 5s as a step forward for mobile security, there are serious issues related to using fingerprint authentication on a smartphone.
The most obvious concern is that the system may not work as well as people expect; fingerprint analysis technology is simply not as accurate as is portrayed in many movies and on television. Time will tell how significantly inaccuracy impacts iPhones, but, in general, either legitimate users are going to occasionally be denied access, or inappropriate users are going to sometimes gain unauthorized access.
Criminals might also be able to undermine fingerprint authentication and unlock stolen phones by somehow impersonating prints (for example, by leveraging information garnered from the fingerprints of the owners of stolen iPhones, which are invariably all over their devices) or by exploiting some weakness in the actual fingerprint authentication software or hardware. Not that long ago, the “MythBusters” show on the Discovery Channel demonstrated how simple defeating fingerprint authentication systems can be. While Apple seems to have addressed the easier methods by leveraging sub-dermal analysis (analyzing three-dimensional unique aspects of fingerprints rather than just two-dimensional surface images), only time will tell how well iPhones withstand the inevitable search for exploitable vulnerabilities that criminals are strongly incentivized to find.
Another risk of relying on fingerprint authentication is the issue of malware, which, despite Apple’s arguments about general apps being precluded from communicating with the fingerprint sensor (at least for now), could potentially be written to read the user’s fingerprint and transmit the information to a criminal. While malware also poses issues with password authentication, there is a fundamental difference: passwords can be reset, but fingerprints are for life; if a criminal obtains a fingerprint along with the user’s identification information, he can potentially use it to steal the user’s identity and commit crimes for decades. Even if the fingerprint reader hardware were to allow software to read only a hash of the print, users whose smartphones are compromised with malware might have to destroy their devices and get new ones in order to be safe. Since people trust the fingerprint reader, criminals could also potentially sell slightly internally modified iPhones on the secondary market and capture actual fingerprints.
Of course, even phones sold by Apple and the cellphone carriers themselves pose risks; besides the possibility of rogue employees, consider what would happen if some government “asked” either party to store or send it fingerprint information, and to lie to the public with denials of the existence of such a program. Recent news reports should make us wonder.
There is also a fear that some users who currently protect their phones with strong passwords may stop doing so once easier-to-use fingerprint authentication is available, potentially increasing the risk to themselves of having their data – and their identities – stolen. Also, Apple says that fingerprints will be used to authenticate to iTunes – meaning that some representation of prints, or a piece of data indicating that prints were validated, might be transmitted across the Internet – raising concerns about potential capturing and replaying of such data.
Humans identify people based on visual biometrics, but people know to be skeptical of the veracity of pictures transmitted across the Internet. Fingerprint authentication is similar; it is designed to be used when the person authenticating can fully trust the party demanding the authentication, and the party demanding the authentication knows that the person authenticating is actually supplying the biometric information rather than replaying someone else’s. There is an obvious difference between a bank employee inside a secure building signing on to her Internet-disconnected terminal with a fingerprint while being watched by security cameras, and a user logging onto an Internet-connected iPhone running software written by unknown parties with nobody else seeing what is actually placed onto the fingerprint reader. Perhaps future iPhones will use their cameras to analyze the face of a user as she places her finger upon the fingerprint reader, but, for now, no such security check exists.
New features may be “cool” and simplify life, but consider the risks before using the “latest and greatest.”
-forbes.com
Friday, September 13, 2013
Your New iPhone Can Put Your Identity At Risk