Linked by Thom Holwerda on Wed 11th Sep 2013 22:16 UTC

Apple's new iPhone 5S, which comes with a fingerprint scanner, won't store actual images of users' fingerprints on the device, a company spokesman confirmed Wednesday, a decision that could ease concerns from privacy hawks.

Rather, Apple's new Touch ID system only stores "fingerprint data", which remains encrypted within the iPhone's processor, a company representative said Wednesday. The phone then uses the digital signature to unlock itself or make purchases in Apple's iTunes, iBooks or App stores.

In practice, this means that even if someone cracked an iPhone's encrypted chip, they likely wouldn't be able to reverse engineer someone's fingerprint.

This seems relatively safe - but then again, only if you trust that government agencies don't have some sort of backdoor access anyway. This used to be tinfoil hat stuff, but those days are long gone.

I dislike the characterisation of privacy "hawks", though. It reminds me of how warmongering politicians in Washington are referred to as 'hawks", and at least in my view, it has a very negative connotation.

Permalink for comment 571909
To read all comments associated with this story, please click here.
You don't have to cut the finger
by orsg on Thu 12th Sep 2013 07:40 UTC
Member since:

The easiest way is to spot a glass you have been drinking from, take a strip of adhesive foil and you're done "reverse engineering" the fingerprint. Once you have it, it's trivial to create a "model" of this fingerprint, that you can just stick to your finger to spoof a fingerprint reader. The German CCC actually demonstrated this with the then current minister Schäuble.

And the problem is: Once you know a fingerprint has been compromised, you only have 9 fingers left. You cannot change them unlimited times like a password.

Edited 2013-09-12 07:41 UTC

Reply Score: 4