updated 12:14 am EDT, Tue September 10, 2013
Security feature will be left out of cheaper iPhone 5C, paper says
On the eve of Apple's announcement of new iPhones, the Wall Street Journal is reporting that the long-rumored home button fingerprint scanner will become a feature of the iPhone 5S, the company's next model of premium smartphone. The fingerprint sensor will likely be used in addition to standard security measures such as PIN numbers or passcodes, but add a significant extra layer of security which could push e-commerce, banking and other high-security applications forward, in addition to making iPhones less valuable to thieves.
As with many things Apple has added, reinvented or made mainstream, biometric technology has been around for years, but outside of some government and enterprise use it is rarely seen due to cost or poor reliability. Apple's purchase of Florida-based AuthenTec in 2012 has made it possible for the company to nearly-invisibly incorporate the fingerprint scanner directly into the iPhone's home button. Others have tried the same path, but AuthenTec's technology is reported by the Journal to be more accurate and intuitive than previous approaches, using RF field attenuation to map the identifying fingerprint.
If true, the implementation would be as simple as normal use of the home button, and could have all manner of applications, from unlocking the home screen to preventing unauthorized in-app purchases by family members, or preventing thieves from opening or resetting the iPhone, making it far less valuable when stolen. The biggest gain to be had from the technology if it gets widely adopted is to close one of the biggest consumer loopholes: buyers' insistence on using simple, easy-to-remember passwords rather than unmemorable, strong ones. Apple already has an option for strong passcodes in its iOS devices, but very few users rely on it, preferring the simpler four-digit passcode -- or none at all.
Previous attempts at fingerprint technology in smartphones -- such as the pre-Google Motorola Atrix 4G in 2011 -- failed because the technology wasn't reliable, leading customers to avoid the feature. Ironically, there are reports that at least one Android-based smartphone will likely adopt a similar fingerprint home button technique in a future release this year or early next year -- thought by many to be from Samsung, which may (given its patent issues with Apple) not sell that particular model in the US.
In combination with strong passwords, enterprise networks, financial and medical information or other sensitive data could become far more to break, dramatically reducing attacks on online databases. It remains to be seen if Apple will incorporate its fingerprint security implementation into an API for third-party developers, or whether it will still require passcodes or other forms of security in addition to the fingerprint, using the scanner as a "final check" rather than a bypass of other traditional methods.
Also unknown at this point is whether Apple's identity verification system will overcome the common methods of defeating previous fingerprint-scanning technologies, including making a mold of the fingerprint or hacking the scanner itself to allow a false positive. Changes in the finger itself, such as moisture or dirt, may also need to be taken into account to assess how well AuthenTec's technology will really work in real-world usage situations.