Touch screen

The next generation of Android phones will reportedly have native fingerprint scanning. Apple has had the technology on its smartphones since the release of the iPhone 5S in late 2013. And of course, fingerprint scanning has been around for much longer in police, medical and government applications. But now that the technology has entered the smartphone realm, regular people can pretend they’re spies infiltrating a high-security government base when they unlock their phone to check Facebook.
Other than enabling you to fulfill your secret agent fantasies, what good is this technology?

The TouchID system can be used to unlock your phone with a touch and make wallet-less purchases using the company’s Apple Pay service. You can also use apps like Authy to add fingerprint authenticatation to other apps, creating an additional level of security for your email or Facebook accounts.
 

How it works

The Touch ID sensor essentially takes a picture of your fingertip. Apple says it gets better at reading your fingerprint every time you use it, and it can scan sub-epidermal layers of the skin to improve the resolution of the scan. The software categorizes the print in one of three well-established major categories: arch, loop or whorl.

A user can set up more than one finger in Touch ID, and — importantly — the prints are stored and encrypted on the iPhone A7 chip. Every time the sensor scans a finger, it compares the scan with the stored image, matching individual details that are “smaller than the human eye can see,” Apple says.
 

Safe and secure?

As much as TouchID was heralded and marketed as a security feature, not everyone is sure fingerprint authentication is as safe as it’s reputed to be. Upon release, the TouchID fingerprint authentication system had serious flaws. Of course, the number one concern is security.

The Apple community expressed some trepidation about the new gadgetry. Their concerns ranged from fears that, based on recent government surveillance revelations, the government might now collect all iPhone user fingerprints, to the notion that a person’s fingerprint might be lifted from a surface and used to hack into the device. Apple decided against storing fingerprint data in its cloud, so your specific fingerprint stays on your phone — not on Apple’s server.

But anyone who has used a smartphone for more than two minutes knows how many fingerprint smears coat that expensive glass screen. Hackers claimed to have defeated the TouchID system less than two days after it was released, gaining unauthorized access to users’ data by exploiting the fingerprint authentication system.

Joseph Steinberg, cybersecurity expert, executive and consultant, has written at length about the issue for Forbes. He says that while Apple seems to have addressed the easier methods of breaking the system by leveraging sub-dermal analysis (analyzing three dimensional unique aspects of fingerprints rather than just two-dimensional surface images), only time will tell how well iPhones withstand the inevitable search for exploitable vulnerabilities.

The horror movie scenario

So what if an unsavory individual wants to access your data through your smartphone, but needs your fingerprint to do it. What if they really, really want that data? Some imaginative people who have seen a few movies wondered if the finger needed to be attached to its owner for the authentication system to work. In short, yes. Your fingers are safe.

Biometric security experts have confirmed that the gruesome possibility of accessing a fingerprint-locked phone via severed finger would not work.

Fingerprint scanning security was even a topic on the popular TV show “MythBusters” http://bit.ly/mythPrints.

Show hosts Jamie Hyneman and Adam Savage tried to dupe a high-tech fingerprint scanner. These security gadgets use optical sensors to read finger or thumbprint patterns and match them against patterns stored in their computer memories. Jamie and Adam picked a reportedly unbeatable scanner model that detects thumbprints, along with body temperature, pulse rate and skin conductance. You can check the link for more, but the crew conclusively busted the myth of the infallible scanner.