How iPhone 5S makes your finger into a password
(CNN) — The most impressive feature of the new iPhone 5S may be its ability to turn your finger into a password.
Touch ID is Apple’s name for a new fingerprint scanner that would act as a security tool for log-ins and for making purchases from iTunes and other Apple stores.
“Your fingerprint is one of the best passwords in the world,” said Dan Riccio, a senior vice president for hardware design at Apple, in a promotional video. “It’s always with you and no two are exactly alike.”
Apple unveiled the iPhone 5S, along with a cheaper, simpler iPhone 5C, at an event Tuesday at the company’s California headquarters.
On the new 5S, the Home button will be made of sapphire crystal and act as a reader. According to Apple a fingerprint — up to five prints from different users, depending on who else shares your phone — can be read by the sensor from any angle to give access the same way a password does currently.
The fingerprint data is encrypted, Riccio said, and stored internally on the phone.
“It’s never available to other software and it’s never stored on Apple’s servers or backed up to iCloud,” he said.
The iPhone isn’t the first phone to have a fingerprint sensor. In 2011, the Motorola ATRIX 4G included one, though adoption among users wasn’t particularly high and the company eventually discontinued the feature. And at least one Android phone to be released this year also will have the technology, according to a Wall Street Journal report.
Some laptops and PCs have had fingerprint readers for several years now. But the technology has never really caught on, with users often complaining about them being balky and unreliable.
Maybe Apple can change that.
“Fingerprint sensors have come a long way,” said Michael Barrett, president of the Fast Identity Online Alliance, an industry group advocating for universal security authentication tools. “They are by and large much better quality now and very readily able to detect ‘Is this just an image of a finger or a real-life finger?'”
But while he called Touch ID “an exciting announcement,” Barrett still sees some problems.
First, he said, fingerprint scanning still isn’t perfect. He mentioned his wife, an artist, who has trouble accessing her PC with a fingerprint scanner when she’s been working with plaster, which dries out her hands.
“Like many biometrics, it falls slightly into ‘your mileage may vary,'” he said. “If it works for you, great. But it may not work for you all the time.”
The former chief information security officer at PayPal, Barrett also sees limitations to using the system for online purchases. While it may work fine on iTunes or in the App Store, it’s not likely other Web retailers are going to spend millions of dollars to make their systems accommodate an Apple feature used on fewer than 17 percent of the world’s smartphones.
That means iPhone 5S owners who used Touch ID for purchases inside Apple’s “walled garden” would still need to use other security tools to shop elsewhere with the same phone.
David Rogers, director of the Columbia Business School’s Digital Marketing program and executive director of its Center for Global Brand Leadership, called Touch ID one of several “nice,” but ultimately underwhelming, features on the iPhone 5S.
“Touch ID … could have been that killer app. But so far, it’s just a feature that saves you a couple seconds logging in,” he said.
“If they can manage to link it to multiple profiles on a device, like the new Google Nexus tablets, or make it a password to controlling smart devices in the home — your stereo, thermostat, etc. — that could make for a truly killer feature. But they just didn’t get there today.”
Paco Hope, principal consultant at software security firm Cigital, said that, if nothing else, Apple will widely expand the public’s understanding of the use of biometrics in the digital world.
“People’s ideas about biometrics were as informed by Hollywood as they were by real products and experiences,” he said. “Now, when someone asks the value of a fingerprint scanner, we can point to the iPhone and use it as a reference, for better or worse.
“Esoteric and academic theories of usability, reliability, false positives, false negatives, and so on will suddenly be tested by millions of real users in real situations.”