Apple recently announced their latest iPhone — the 5S — and among the new features that has created a fair amount of buzz is a built-in biometric fingerprint reader, which can be used to unlock the phone or confirm iTunes purchases in place of a PIN or passcode.
That’s probably true but there is another side to consider. There’s a reason (in fact, there are many) why biometric systems haven’t replaced passwords universally and one of those is the potential for impersonation. One would think that since fingerprints are unique that this would be a great way to authenticate people but it turns out that they can also be faked.
This is not new news. In May 2002 (that’s over a decade ago for those of you keeping score at home), Tsutomu Matsumoto, a researcher from Yokohama National University, demonstrated how he could fool fingerprint readers about 80% of the time using $10’s worth of commonly available materials. Here’s a link to the presentation with some nice graphics:
http://web.mit.edu/6.857/OldStuff/Fall03/ref/gummy-slides.pdf
Fast forward to September 2013 and Apple’s Touch ID comes onto the scene and I begin the countdown clock to when someone will pull off a similar attack. Not surprisingly, it didn’t take long. Within 2 weeks this video from the Chaos Computer Club (CCC) surfaced which shows a successful impersonation attack.
I won’t go into the details here but here’s a quick description from macworld.com. And if you’re wondering just where someone might be able to get the fingerprints from the authorized user in order to duplicate them, take a closer look at the CCC video and pay close attention to what the iPhone’s screen looks like when it’s turned off — fingerprint heaven.
So, should we give up on biometrics and declare Touch ID a failure. Maybe not. Apple says that roughly half of iPhone owners don’t even bother to set up a PIN to protect their devices due to the inconvenience of having to enter it (which is great news for thieves). So, even if Touch ID isn’t perfect (and no biometric system ever will be), the fact that it is so much simpler to use than passcodes means that, hopefully, more people will use it and, therefore, security will be improved since even a relatively weak biometric is more secure than a stock phone with no PIN at all.