Today consumers will be flocking to Apple stores and other retail outlets to get their smartphone-sweaty hands on the new iPhone 5s. But the flag is going up on another event today – a race to become the first to hack into the phone’s new fingerprint scanning feature. And that is where things are going to get interesting.
When Apple announced their latest version of the popular phone earlier this month in San Francisco, the fingerprint scanner received a great deal of attention for good reason. It marks the first time in the global mass consumer technology market that a user community of this size (300 million and counting) will get the chance to use biometrics to unlock their devices.
Apple has spent a lot of time over the past two weeks reassuring users that their fingerprint technology is truly secure. Once the fingerprint is captured, it’s stored on the phone’s chip and, according to Apple, cannot be accessed by any app or cloud server.
But a group of researchers and notable hackers have already challenged this presumption of security by promising a crowdfunded award in excess of $15,000 to the first person who can prove they cracked the fingerprint scanner. Based on the results presented at the Black Hat Conference a few weeks ago in Las Vegas where proof was shown that oil and chemical processing facilities can be hacked over a wireless network from 40 miles away, the betting here is that the iPhone 5s goes down hard and fast.
However, there may be hope for this technology yet. Biometrics is not new and a number of consumer tech devices have previously offered fingerprint authentication for many years. This includes laptop computers and airport fast-track security kiosks.
There are also a number of companies who are mindful of the security risks involved and have spent a lot of time and money to address that problem. One of them is Biogy, a San Francisco-based company that was founded three years ago by Michael Fiske, a Stanford graduate.
Fiske and his team have come up with what they characterize as “a next generation, biometric solution for computer and network security.” Their product, called True Identity, uses a sensor equipped token that verifies a user’s fingerprint. Once the fingerprint is matched, a one-time only unique passcode is randomly generated which then automatically unlocks the phone.
Biogy’s technology was demonstrated last week for this column and it worked pretty well. The key to what Fiske’s company has developed is that the fingerprint information is stored on the token, not inside the computer. Whether users can accept carrying around a separate token to protect their phones is another question, but once they see what happens when hackers get ahold of the built-in fingerprint scanner that Apple is rolling out today, they might learn to like it. As Fiske puts it, “People can be reluctant to accept this technology until something bad happens.”
By incorporating a fingerprint scanner in one of the most popular devices on the planet, Apple has opened the door to what will likely become a tidal wave of interest in biometrics. Stocks of biometric companies such as Sweden-based Precise Biometrics and Fingerprint Cards have been on the rise over the past month. And, it’s a sure bet that other mobile phone makers on the Android side will be coming out with their versions soon.
Ultimately, the biometric solution that wins will be the one that is the most user-friendly and truly secure. The race is on. Let the fingernail biting begin.