Trevor Stinson

talk to me on twitter / subscribe via email or rss

TidBITS: Q&A about Fingerprint Scanning

TidBITS has a good overview of fingerprint security in light of the new sensor on the iPhone 5s. The two quotes below provide answers to what I consider to be the most important questions. Read the full article for more detail on how fingerprint scanners work, and what to expect from the one on the iPhone.

On the possibility of your fingerprint being stolen:

The template is then stored in a database, ideally after being run through a cryptographic hashing function, just like your passwords. Passwords themselves are never stored in databases; instead they are converted by a one-way encryption algorithm, with the result being stored in the database. Done properly, this means your password can never be recovered, even if a bad guy gets the database.

Apple made it a point to note that your fingerprint will never be uploaded into iCloud or any Internet server. Instead, it will be encrypted and stored in what’s called the Secure Enclave within the A7 chip itself.

On whether or not fingerprints are actually more secure than passwords:

…using fingerprints creates better security through improved usability. Most people, if they use a passcode at all, stick with a simple four-digit passcode, which is easy for an attacker to circumvent with physical possession of your iPhone. Longer passphrases, like the obscure 16-character one I use, are far more secure, but a real pain to enter repeatedly. A fingerprint reader, if properly implemented, provides the security of a long passphrase, with more convenience than even a short passcode.