German Data Protection Expert Warns Against Using iPhone5S Fingerprint Function
dryriver writes "Translated from Der Spiegel: Hamburg Data-Protection Specialist Johannes Caspar warns against using iPhone 5S's new Fingerprint ID function. 'The biometric features of your body, like your fingerprints, cannot be erased or deleted. They stay with you until the end of your life and stay constant — they cannot be changed. One should thus avoid using biometric ID technologies for non-vital or casual everyday uses like turning on a smartphone. This is especially true if a biometric ID, like your fingerprint, is stored in a data file on the electronic device you are using.' Caspar finds Apple's argument that 'your fingerprint is only stored on the iPhone, never transmitted over the network' weak and misleading. 'The average iPhone user is not capable of checking, on a technical level, what happens to his or her fingerprint once it is on the iPhone. He or she cannot tell with any certainty or ease what kind of private data applications downloaded onto the iPhone can or cannot access. The recent disclosure of spying programs like Prism makes it riskier than ever before to share important personal data with electronic devices.' Caspar adds: 'As a matter of principle, one should never hand over any biometric data when it isn't strictly needed. Handing over a non-changeable biometric feature like a fingerprint for no better reason than that it provides 'some convenience' in everyday use, is ill advised and foolish. One must always be extremely cautious where and for what reasons one hands over biometric features.'"
That your fingerprints are all over your phones.
I believe mythbusters showed how trivial it was to bypass fingerprint protections by making your own "finger" from said prints? (This time on an electronic door lock).
... uses such biometric data to "hand stamp" people entering their theme parks.
Better tell people to stop going to Disneyland/Disney World!
It was the back of my finger?
Basically, he is the guy legally overseeing German Privacy Laws in the State of Hamburg. He is not a privacy expert. The only two guys in Germany I would listen to (maybe three guys) are the Privacy Commissioner of the State of Schleswig-Holstein, the Federal Privacy Commissioner and someone from Chaos Computer Club.
That being said, the question rather should be how the fingerprint scanner is implemented. If it generates a hash that is stored on the device and never stores the finger-print itself outside of RAM, I wouldn't have a problem with that.
The devil usually is in the detail - and in this case in the details of implementation. I would assume that Apple generates a hash code, stores it on the device and compares only hashes and never has a finger-print picture stored on the device (which would be better in any case). One might even consider storing up to 3, 5 or 10 hashes in order to have some heuristics.
Also, one wouldn't generate a hash of the picture but rather the relationship of certain finger-print lines in order to not rely on a picture that might be different every time. But the line-relation is not so much different. I'm not an expert in biometrics, but I believe this is the same approach for face-recognition (certain specific face-points and their relationship to each other is analyzed, a hash generated and stored and next time compared against a new hash).
Being myself a German, I sometimes worry about German "alarmism". As Sigmund Freud said: "some times, a cigar is only really a cigar..."
Aside from the fact the government and many institutions (like Banking in the US) already have your fingerprint...
Is there any evidence at all that the fingerprint data store in the A7 is even usable outside of iOS? There's no reason at all to store a raw image of the fingerprint. How would you recreate the fingerprint to make it usable to someone?
No one is going to trust these companies until they make it clear that they're standing up to the NSA and various governments around the world that want our data.
Till then... no trust. And this stuff really just puts a spike in the eye for the whole cloud notion.
If the centralized systems are not to be trusted then we'll just use centralized systems. Which means the walled garden is unacceptable.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
Now it's us, the "tinfoil" neurotics who laugh saying: "We told you so." to all the "cool and normal" people (in reality, uninformed, naive, and ignorant). Thanks Mr Snowden, for helping us to set the record straight.
Don't you 'hand over' your fingerprints with everything you touch? Don't get me wrong - it's obviously complete crap from a security perspective because it's using data that others can already get, but for that very reason you shouldn't be worried about people getting access to your fingerprint data. How were you planning to stop them; wear gloves 100% of the time?
Some recent uses of my fingerprints in which I had no real say:
1. Passport check at CDG airport
2. Applying for a Speedpass for CA toll roads
3. Getting some papers notarized
So, there are many current uses of fingerprinting in routine life that one has to comply with, and who can say how secure any of it is? But, trust Apple? This is a worthy debate and I trust my fellow slashdotters will post good comments on both sides. Me? I want better security on my phone, as I use it for purchases and banking. I think biometrics is a move in the right direction, what do you think?
sigs are for losers (except to point out that sigs are for losers)
While there are good reasons for paranoia when it comes to the NSA, I think this paranoia is over the top. Firstly, if Apple is lying, and the fingerprint information is not stuck inside the chip like they say, hackers WILL discover it. Then Apple will have bad publicity from here to eternity. So I don't think Apple would lie. Secondly the government has lots of better and easier ways to harvest fingerprints if they really want to. Thirdly, I don't think fingerprints will really do the government much good, except in crime investigations. If you're worried about that, then you've probably got bigger problems.
Android used to store your wi-fi password locally and never transmit it anywhere. Then came Gingerbread, and all your local data got helpfully "backed up" to google servers. Setting turned on by default, probably before you had a chance to learn it's there. They say they delete your stuff when you turn off the setting, but, naturally, there is no way to really know. Suddenly, google has all your wi-fi passwords, whether you like it or not. It would be naive to assume Apple would behave differently.
If you check the design, the fingerprint image itself is never stored anywhere. The fingerprint profile is only stored on silicon in the A7 chip. There is no API to access that data, only flags to tell you that it exists (so the OS can discover there are four stored prints and their names, but nothing about the actual fingerprints themselves).
Apple touts the fact that the fingerprint is never sent over the network as a feature but in reality it can't send it over the network even if it wants to, nor can any application access it.
If you think Apple is lying... well... There must be some level of trust somewhere or we may as well give up. I tend to draw the line at the CPU because if that is compromised or includes back doors, we are all screwed anyway.
Natural != (nontoxic || beneficial)
...crying wolf.
Biometric data does not have to be secret.
Your photograph on your driver's license is a biometric in effect. It works even if you don't keep your face a secret. It works because if someone holds a copy of your face up to a traffic officer, the traffic officer won't be fooled.
Password security is all about secrecy because anyone can use a password. The only way for it to be secure is if nobody else knows it. Biometric security is about having an adequately intelligent verification system which reacts like the traffic cop would if someone brings in a duplicate, a hostage, or a severed body part. Doing that right is Not Cheap, which is the real objection to biometrics when security counts.
Back in 2005 some car thieves in Malaysia tried to steal a Merc S Class with some kind of biometric immobilizer. When they realized they couldn't get the darn thing running without a finger print, they merely chopped the owner's finger off with a machete (I swear it's true: BBC Article).
I wonder who will be the first to lose an iPhone along with a finger.
My own government/EU has it on file.
and the USA government has it on file already too, since when I visited they took it.
so uh, what the fuck, it's not very useful. it's not that useful even for tracking me. opening a phone with it is just for ease of use. in fact, I would argue that something like opening the phone with it is the only fucking thing it's good for as an authentication as it gets around the problem of inputting a pin in public 100 times a day...
but you wouldn't want your banking for example just behind it. that would be stupid, especially if you might pass out somewhere..
world was created 5 seconds before this post as it is.
Instead of rushing to get your comment out there as quickly as possible, take a few minutes to think about what you want to say. I'm not suggesting that you need to spend an hour on it. Just take 5 or 6 minutes, think through what you want to say, and then write it out in a single comment. Then you can submit that single comment, without replying to yourself again and again and again.
And since the NSA will intercept any communications, the fingerprint will never be sent. Crisis averted.
Of course news about a fake are Fake News.
The US government has my fingerprints because in my country we're obliged to give such biometric data when we get a passport.
As the first poster said: You leave your fingerprints everywhere.
On the iPhone, the fingerprint is analysed (in case of Apple in quite sophisticated way), the resulting algorithm resulting in some string. This string is only meaningful to the phone. In a next scan, is the string substantially the same or not. The string itself does not convey information as it is useless without the algorithm.
IF there is an algorithm that can work the opposite way to generate the fingerprint, then what? BTW, I doubt that this is possible because apple uses interrupts in lines (where pores are) and while a particular interrupt in a line of my fingerprint is a datapoint, it doesn't say anything about the direction in which the line runs.
If you have my string, and you manage to put it on your iPhone, then you've managed to make your iPhone suitable for use by me. Now that is a great hack! Thanks!
Bert
This guy makes one huge mistake in his reasoning. He assumes that we aren't constantly littering the world with our finger prints for anyone to retrieve. Dude. Finger prints are as easily obtained as taking out the garbage.
Finger prints are not something that we need to protect from being proliferated, because we proliferate them ALL THE TIME.
Idiocy.
More important to me are my legal protections from the authorities if they wish to use my fingerprint to unlock my phone. I don't have to give them my pin code to unlock my device (at least in most states in the U.S.) but my fingerprints are on almost anything I touch. Would it be legal for the police to hand me a glass of water, take prints from the glass, and then use those prints to unlock my phone without my consent?
> Some recent uses of my fingerprints in which I had no real say:
> 1. Passport check at CDG airport
> 2. Applying for a Speedpass for CA toll roads
> 3. Getting some papers notarized
You have quite a lot of say over all those things.
1) There is nothing forcing you to travel to Paris or if there is something actually that important forcing you to travel there, it is probably more important than your fingerprints. (like something relating to your family's well being etc)
2) You don't have to have a Speedpass and I certainly wouldn't give anyone my fingerprints to save a few bucks on toll roads.
3) I happen to be a Notary Public and there is no requirement whatsoever that you give a fingerprint to have a document notarized in most jurisdictions. (It is required for certain property transactions in some places like California) There certainly is no requirement in the state I live in so if you don't want to give up the fingerprint you do have the option of moving.
> That your fingerprints are all over your phones.
> I believe mythbusters showed how trivial it was to bypass fingerprint protections by making your own "finger" from said prints? (This time on an electronic door lock).
Except that various people have already been investigating the fingerprint reading technology Apple is using, and they seem to think that it's really not that easy, because they're using a more robust technique than the classic scan-the-surface-optically method.
Dan Aris
Fun. Free. Online. RPG. BattleMaster.
> The recent disclosure of spying programs like Prism makes it riskier than ever before to share important personal data with electronic devices.
This may seem like nitpicking, but it is not the disclosure of spying programs that makes it risky, it is the existence of spying programs that makes it risky. Disclosure just highlights the risk that was already there. If anything, disclosure makes it less risky because people are less likely to pull such shit when users are more aware of the possibility (i.e. more likely to notice).
> Biometric data does not have to be secret.
For some uses it does need to be secret or at least reasonably private. For others it does not. Part of what makes my fingerprint a reasonably secure means of identifying me is that very few people have access to it. It is NOT hard to copy fingerprint data and use it for purposes which the owner of that fingerprint does not approve.
> It works because if someone holds a copy of your face up to a traffic officer, the traffic officer won't be fooled.
Unless the name used to match with that photo is not your name. People make fake IDs all the time. Furthermore it is quite possible for someone to use biometric data of yours for identity theft. You could even be framed for some crime using such data. My Social Security Number technically is publicly available but only a fool would believe that distributing it more widely than absolutely necessary would be a good idea. While you are correct that the secrecy requirements for biometric data are not the same as those for passwords it does not follow that there is no need for privacy for biometric data.
Tell that to the biometric clocking machines I used to have to use. They work brilliantly until you get dirt on your finger, or water (having just scrubbed said dirt off) or cuts. Then there was that belt sander incident...
So Apple say that they won't transmit the biometric id. That they can control. However, I'd bet that within months if not weeks someone will find a way to abuse and hijack this on jailbroken devices. The same protection doesn't apply to them...
Also eventually I'm sure the normal iPhone will be abused too. Look at the debacle over the ease of extracting the users location history from iPhones...
So the point is biometric scanning like finger prints and iris scans can be copied and be out in the wild. If you used that identity in other places too then others can also potentially use them and steal your identity.
What do you do when your account has been accessed unauthorised? You would change your password, you can't change your finger prints or eyeballs.
I can only apologise for the drivel he and his ilk are spewing out.
They are a constant annoyance.
There is a German word for it called : Bedenkenträger. People whose passion and job is to constantly fear the worst, know nothing, want to live in the past, regard themselves as important (despite being not so), make other people miserable and are generally opposed to progress. In a nutshell : scum. Their favourite word is "but"
They capture metrics based on your fingerprints
These are not cameras, that take an optical image; or collect data that can be used to reproduce your fingerprints.
The readers provide only enough data to authenticate the ridge pattern, by taking some simplified metrics that represent your pattern with a relatively high fraction of uniqueness.
See the citeworld article for more information about the iPhone's reader; apparently, this reader will be harder to trick than most laptop readers from Authentec have been in the past.
If they were worthwhile; then this seems worthwhile.
It's certainly a better idea to have fingerprint + 4-digit passphrase than a 4-digit passphrase.
Long passphrases are inconvenient; more convenient security means the bar is raised: people's risk will go down.
Also, since the reader requires live skin, it cannot be faked easily ---- it may reduce thefts of these devices by pickpockets and the like.
If anyone in this article actually was an expert of any sort, they'd understand that a raw fingerprint image is never actually stored as a part of this process. Rather, a set of features, called minutiae, are extracted from an image of your fingerprint. These are things like ridge flows, bifurcations, gaps/short ridges, etc. Then a descriptive template is generated for those features that can be used and extended with new features as more of your fingerprint is scanned. At no point in the actual matching process (since Apple is likely using a derivative of the Authentec matcher, due to their buying Authentec to kill off the fingerprint sensor market for other vendors) is the raw image actually used, but rather a set of these descriptive features is generated, then matched against the template stored in memory.
There is no way to reconstruct an actual fingerprint from this, the best you could hope for is to feed the matcher a stolen template to match against a stored template, but even then this is a pretty far-fetched attack.
This could be easily foiled if you had two touchscreen phones. Just hold the iPhone 5s's fingerprint scanner up to the other's touchscreen, which will no doubt be covered in smudgy fingerprints, and be warm enough to simulate body temperature if need be.
In Soviet Russia, dot slashes YOU!
Fingerprint forgery is now a well established technology, with numerous articles such as http://www.stdot.com/pub/ffs_article_asten_akaseva.pdf explaining the basic technology. That publication is 10 years old, and I've seen no evidence of any real improvement in the scanners themselves since then.
Commonplace scanning with the inevitable consumer applications storing it locally, and badly, will unfortunately contribute to the forgery problem by making the replicable fingerprints even more available to thieves and fraudsters. That sidesteps the "digital hash" storage problems, but takes more work to get complete fingerprint scans, such as those stored by the police or military databases for reference matching.
>"Handing over a non-changeable biometric feature like a fingerprint for no better reason than that it provides 'some convenience' in everyday use, is ill advised and foolish. One must always be extremely cautious where and for what reasons one hands over biometric features.'"
This is much more important for biometric features that are "left behind" or can be remotely monitored. Those include:
* Fingerprints
* DNA
* Facial recognition
* Voice recognition
Other biometrics are far safer for the owner because they [theoretically] can't be collected or used to track the owner without knowledge and consent each time:
* Retinal scan
* Vein pattern
For example, without my permission, my fingerprints can be collected. Without my permission my latent prints can be analyzed and used for searches. And because they (and DNA) are left all over the place, it is far easier for someone to make copies, too- then use those for tracking, breaking into things, or framing the owner for a crime.
I don't have special knowledge about how the Apple print scanner works but what I've read makes me believe it uses infrared sub dermal imaging. That is it sees below the surface. If so it's seeing more than just your finger surface print. That should make it harder to forge from lifted surface prints. It also will mean that it will work for people who have worn their finger prints off (apparently some types of labor do this--they grow back)
Moreover I would say this so called "expert" has it backwards. If your fingerprints really are a one-shot biometric that can't be unspoiled then we want to use them for casual things not critical things.
This finger print scanner is not eliminating passwords, it's just a second factor. It's a great idea used well.
Some drink at the fountain of knowledge. Others just gargle.
I predict a day in the not-too-distant future where lazy consumers will tire of having to touch their devices to unlock them and will demand a DNA sensor that lets you unlock phones by spitting at them. I wouldn't want to be sitting in the front row of that Apple media event.
one should stop driving cars because most people are unable to independently explain how the internal combustion engine works.
me, i pour gas into the gas tank, and the thing just fucking works. it's a goddamned miracle i tell you!
Remember kids, if you're not paying for the service, YOU ARE THE PRODUCT THAT IS BEING SOLD.
> Biometric features of your body, like your fingerprints, cannot be erased or deleted. They stay with you until the end of your life and stay constant — they cannot be changed.
Perhaps, but the passwords of your average user stay with them until the end of their life and are constant -- so what's the difference?
Is there anyone in the USA that doesn't have their fingerprints already stored in some FBI controlled database? It's nearly universal as far as I can tell to have children's finger prints taken officially at school "to protect against kidnapping" type mentality. It has been happening at least since the early 80s when I was that age and was prodded into sticking my small child fingers into the ink and rolled onto an official paper - with a spot for each finger.
Does that appear to you, that every time you enter *certain* countries they ask for your full fingerprint? Then as we know they swap this data with other governments for no good reason.
You cannot use your fingerprint for anything.... it is almost like tattooing a QR code on your forehead and using that for authentication purposes...
OK. maybe not that bad, but pretty close. Did I just watch too much Mission Impossible and think that they can take my fingerprint, then 3d print it to a condom and use it to unlock my whatever they want to unlock?
already has my finger print on file since I traveled to the US.
Is that you can't KNOW for sure what actually happens. Essentially, vendors that utilize closed-source firmware/software (basically almost everyone), like Apple, are asking their users to "just trust us that we aren't doing anything really stupid or malicious". After all the Snowden revelations, I find it pretty hard to trust ANYBODY with ANYTHING. Reassurances are not good enough, I want actual tangible PROOF.
A hash is useful when you want to differentiate datasets in such a way that a very small difference makes a huge difference in the hash. With fingerprint this is not what you want. You want to have enough detail to differentiate print, but also be able to not always have a lot of false negative, while avoid as much as possible false positive. So you have to have "points" or small structure of the print scanned and evaluated and given a recognizable value, and compare against the same zone scanned for the fingerprint you want to scan. A hash would give you a lot of false negative and make the system useless. OTOH scanning 20 points of the fingerprint, evaluating the image for structure, saving those in a small format, and comparing against the one scanned, then you have a rating, say 8 of the structure match then you got your user. Naturally there will be false positive.
Taking the 10,000 foot view for a moment, Apple has, sadly, lost their leadership, and appears to be starting to make the same kind of mistakes that a leaderless Microsoft has been making for some time. The backlash has been very entertaining. I may make popcorn.
I guess the real question becomes, what company is positioned to take advantage when the big two falter? (And has the intelligence to capitalize on it?)
No, don't say Linux on the Desktop. Just don't.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
> I believe mythbusters showed how trivial it was to bypass fingerprint protections by making your own "finger" from said prints?
It is not an image scanner, it is an RF scanner.
With the new sensors you don't have to move your finger, just press it against the reader. And like the sensor in the iPhone 5S, the sensors that will be in laptops and keyboards and other phones can detect the ridge and valley pattern of your fingerprint not from the layer of dead skin on the outside of your finger (which a fake finger can easily replicate), but from the living layer of skin under the surface of your finger, using an RF signal. That only works on a live finger; not one that's been severed from your body.
This will protect you from thieves trying to chop off your finger when they mug you for your phone (assuming they're tech-literate thieves, of course), as well as from people with fake fingers using the fingerprint they lifted from your phone screen.
Why the iPhone's fingerprint sensor is better than the ones on older laptops
The Feds already have my prints. I gave them up voluntarily. The Feds have my SSN. What could Apple or any other company do with my prints that could hurt me? What's next? Wear rubber gloves to WalMart?
Give Apple, Inc. and the commercial world a database of all our fingerprints!
What could go wrong?
You think the Luddites originated on the continent instead of England from the anti-technology whines of some Europeans.
> The biometric features of your body, like your fingerprints, cannot be erased or deleted. They stay with you until the end of your life and stay constant — they cannot be changed. One should thus avoid using biometric ID technologies for non-vital or casual everyday uses like turning on a smartphone. ... 'The average iPhone user is not capable of checking, on a technical level, what happens to his or her fingerprint once it is on the iPhone
I'll flip this around...
You should avoid using biometric ID technologies except for non-vital or casual everyday uses.
Since it's so easy to gather that information and it'll always be valid, you can never trust that it isn't out there and therefore for anything vital it cannot be trusted.
You can't hash fingerprints, so forget about keeping privacy that way.
There is no such thing as "The complete fingerprint, and nothing but the fingerprint". Fingerprints are identified by the pattern - in particular "characteristic points". I.e. points where ridges are broken or split up or ends. A print has many of those, just how many you get will vary. (Angle of the finger, how hard it is pressed down, is it slightly rotated, ...)
So each time you scan a finger, a different set of characteristic points appear. But if some mathematically determined number of points matches your original, then it is the "same" print. The number of points that must match, is set so that it is extremely unlikely that two different persons on earth will match each other.
Now you see why you cannot hash? You won't get the same characteristic points today as you did when scanning the finger for the first time. But the two scans will have a large common subset. If it is large enough, you have a match. But that means you cannot use the one-way encryption a hash is, because you will never ever have an exact match. Unless your hash supports subset matching. MD5/SHA certainly doesn't!
Also, it is not only the varying number of characteristic points you get. It is the distance and angle between them, but measurements vary a bit with finger pressure. Fingers deform slightly under pressure. So when comparing fingerprints, you need some tolerance. Again, the concept of hashing=>exact match fails miserably. I have tried matching fingerprints with algorithms implemented in hardware - for speed. If you want to hash, you better find a hash that works with varying measurements and a varying subset of points. If you can even find such a hash, chances are it allows reconstruction of the original print also.
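The argument in the comment above (and in the earlier comment about comparing scanned points instead of hashing), as an added example that is not part of the original thread: two scans of one finger never produce the same SHA-256 digest, while a tolerance-based matcher over minutiae still pairs most points. The minutiae coordinates, the tolerances and the 5-point threshold are constructed for illustration and assume the scans are already aligned; they are not Apple's or AuthenTec's values.

```python
import hashlib
import math

# Constructed sample data: each minutia is (x, y, ridge_angle_degrees).
ENROLLED = [(10, 12, 30), (25, 40, 95), (40, 18, 170), (55, 60, 220),
            (70, 35, 300), (82, 75, 45), (33, 80, 130), (60, 10, 260)]
# Same finger scanned again: small jitter from pressure, two minutiae
# not captured, one spurious point from dirt on the sensor.
RESCAN = [(11, 12, 33), (24, 41, 92), (41, 17, 173), (56, 61, 217),
          (69, 36, 304), (83, 74, 48), (15, 55, 10)]
# A different finger.
OTHER = [(5, 70, 200), (20, 20, 340), (48, 48, 15), (66, 82, 110),
         (90, 15, 75), (30, 60, 250), (75, 50, 180)]


def template_hash(minutiae, grid=1, angle_step=1):
    """SHA-256 over the sorted minutiae list, optionally quantised.

    Quantising (grid > 1) is the obvious attempt to absorb jitter; it
    still fails once a point is missing or added.
    """
    quantised = sorted((x // grid, y // grid, a // angle_step)
                       for x, y, a in minutiae)
    return hashlib.sha256(repr(quantised).encode()).hexdigest()


def angle_diff(a, b):
    """Smallest absolute difference between two angles in degrees."""
    d = abs(a - b) % 360
    return min(d, 360 - d)


def match_score(enrolled, probe, dist_tol=3.0, angle_tol=10.0):
    """Count enrolled minutiae that pair one-to-one with a probe minutia
    within the distance and angle tolerances (greedy nearest pairing)."""
    unused = list(probe)
    matched = 0
    for ex, ey, ea in enrolled:
        best, best_dist = None, dist_tol
        for p in unused:
            dist = math.hypot(ex - p[0], ey - p[1])
            if dist <= best_dist and angle_diff(ea, p[2]) <= angle_tol:
                best, best_dist = p, dist
        if best is not None:
            unused.remove(best)  # each probe point may be used only once
            matched += 1
    return matched


def is_match(enrolled, probe, min_points=5):
    """Accept when enough minutiae agree; the threshold trades false
    accepts against false rejects."""
    return match_score(enrolled, probe) >= min_points


if __name__ == "__main__":
    print("exact hash equal:   ",
          template_hash(ENROLLED) == template_hash(RESCAN))
    print("coarse hash equal:  ",
          template_hash(ENROLLED, 8, 15) == template_hash(RESCAN, 8, 15))
    print("same finger score:  ", match_score(ENROLLED, RESCAN))
    print("other finger score: ", match_score(ENROLLED, OTHER))
```

The matcher has to see the enrolled minutiae in comparable form to compute distances, which is why the stored template needs protection of its own (for example hardware isolation) and cannot simply be replaced by a digest.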
Lenovo has been doing fingerprint auth for years on their laptops.
News outlets are making it sound like this is some new-fangled tech.
Yes, i know in light of recent NSA developments.. but I still feel this is a non-story.
When I first moved to California I tried to get a California drivers license so I could start the clock on in-state tuition. That is, "I tried to" until I found out that the DMV takes fingerprints before they will issue a license. They use an ultrasonic scanning technology called "LiveScan" and the claim is that it is designed to fight illegal immigration.
Suffice it to say, 2 years later I have not gotten a California drivers license and would leave the state before I would ever allow a traffic court to coerce me in to it.
The joke may be on me though: My state of residence uses facial recognition bio-metrics from the license photo. They started this Real-ID compliance bullshit after I moved to California and I was presented with the "sophie's choice" of losing my face or my fingers to the Gestapo. I decided the face was inevitable with CCTV everywhere, and somewhat easier to conceal. This may have been a mistake because fingerprints can be changed more easily than reconstructive surgery allows.
In a century when people wonder why people were so easily cowed in to submitting to Biometric Databases, hopefully this post will provide an example of an attempt to resist. It's much easier in hindsight to say "I would have gone without a drivers license" when you have the benefit of knowledge of the horrors the information will be used for. When you cannot get to work or pay your bills without a Drivers License, anything more than a whimper of compliance is extraordinary. You justify the decision by allowing yourself to believe that history is not about to repeat itself. It's simply a question of "how long?" until this information is used to restrain the poor and unwashed masses from slipping their noose.
Any sensible security person will not rely on just finger print (alone) for security purposes. Especially, after the Snowden leak!
Have the finger-print scanner feature on my Motorola Atrix (built over 3 years ago -- yeah, Apple late to the game again). I think this is a perfect application for such technology. Fingerprints announce that "I was here", for things like crime-scene investigations. Having a finger-print scanner on your phone to unlock the device is announcing "I (the owner) am here". Of course, these things can easily be hacked, so I wouldn't want to use a finger-print scanner to protect anything of importance -- but who puts anything of importance on a phone?
He's European and if he's a security expert probably he already travelled to United States for a convention or something like that. Well every time we (Europeans) travel to US they take a picture of us and all our fingerprints at the border... so where's the point in the Apple Touch ID?
> That publication is 10 years old, and I've seen no evidence of any real improvement in the scanners themselves since then.
That's because you don't work in the biometrics field or have much interest in it. Check out these improved scanners used by Japanese ATMs http://spectrum.ieee.org/biomedical/imaging/the-biometric-wallet that were put into use more than 5 years ago.
The best readers aren't small enough or cheap enough to put in a smartphone, but they are out there in commercial use.
I am relieved that the biometric data will remain on the phone and not be sent anywhere. I would be even more relieved if tech companies didn't have a history of being forced to put backdoors into their security and also being forbidden to talk about the matter.
Traveling to Paris is not what requires a finger-print. The only country that requires finger-prints is the US, as long as you stay out of the US you do not need fingerprints for traveling.
Just yesterday, I picked up a water glass in a restaurant. I also used the silverware.
5 bucks to a busboy, and someone could have gotten a pretty clear set of my prints. Oops.
Worried about someone getting YOUR fingerprints? Wear gloves everywhere. Bring along a handkerchief to wipe everything down if you momentarily have the gloves off.
Low tech doesn't mean no tech.
So to turn it off, you have to be careful to never hit the home button before you disable the function.
I predict a day in the not-too-distant future where lazy consumers will tire of having to touch their devices to unlock them and will demand a DNA sensor that lets you unlock phones by spitting at them.
Even better, a DNA analyzer that requires a semen sample. Just to make things more secure, an image of the owner's choice will be displayed on the access screen to "inspire" them to produce the sample. If it's not your cup of tea, then it will just be an extra security feature, making it more difficult to produce a sample.
Fingerprint unlock on my ThinkPad: Good.
Fingerprint unlock on my iPhone: Bad.
Why all the fear around the fingerprint reader? Geez, the phone will simply take a pic of the users face with the front facing camera and send it off to the NSA with the persons details, wifi passwords, etc.
If fingerprints become regularly stolen like SS#s then eventually, fingerprints will be as relied upon as SS#s (won't be).
The only country that requires finger-prints is the US, as long as you stay out of the US you do not need fingerprints for traveling.
Many countries require fingerprints for entry. See, for example: http://www.cic.gc.ca/english/department/biometrics-international.asp
And the above list is certainly not exhaustive. Malaysia fingerprints everyone. China has evidently recently started. etc. etc.
I'm sorry. Reading these comments leads me to believe very few of you have actually used hash algorithms. Most hash algorithms are one-way functions. You put some data in and a set of numbers and/or letters comes out. The only guarantee is that for the same input the algorithm will always produce the same output and that the output will be unique across potential inputs. Meaning only one set of input will ever result in the same hash. These days most hash algorithms also require a second input, a private key. The private key is also hashed for storage and verification and is usually a pass phrase. In the case of the iPhone 5s fingerprint reader the only secure method would be for the fingerprint or some part of it to be dynamically digitized into a string of data. That data would then be passed through the hash algorithm to produce the hash code using a private key as secondary input. Since the original data from the fingerprint read is only dynamically created at the time the user's fingerprint activates the reader, never being physically stored, and is dynamically passed to the hash function, and since the hash output cannot be reversed into the original data given that the function is one-way and a private key is required, I don't understand how it is conceivable that the hash output can be used to identify the user on any other device, especially if the private key is dynamically generated for each device. It would also be near impossible to regenerate the original fingerprint data for use on another device. Worst case for added security is to pass the hash output through yet another cycle or two of the hash algorithm, each time using a different dynamic private key for the device. By this time the original data is so far removed from the hash output as to have no logical relevance to each other.
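An added example, not part of the comment above and not Apple's implementation: a sketch of the per-device keyed hash the comment describes, assuming HMAC-SHA256 as the construction and using a constructed 64-byte stand-in for the digitized print. It also covers the edge case of a reading that differs from the enrolled one by a single bit.

```python
import hashlib
import hmac
import secrets


def enroll(device_key: bytes, template: bytes) -> bytes:
    """Return the keyed digest a device would store instead of the template."""
    return hmac.new(device_key, template, hashlib.sha256).digest()


def verify(device_key: bytes, stored: bytes, reading: bytes) -> bool:
    """Recompute the keyed digest for a fresh reading; compare in constant time."""
    candidate = hmac.new(device_key, reading, hashlib.sha256).digest()
    return hmac.compare_digest(stored, candidate)


def flip_bit(data: bytes, index: int) -> bytes:
    """Model sensor noise: return a copy of data with one bit inverted."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)


def demo() -> dict:
    # Constructed sample: 64 bytes stand in for a digitized fingerprint.
    template = bytes(range(64))
    # Hypothetical per-device secrets, generated fresh on each device.
    key_a = secrets.token_bytes(32)
    key_b = secrets.token_bytes(32)
    stored_a = enroll(key_a, template)
    stored_b = enroll(key_b, template)
    return {
        # Identical input under the same key reproduces the stored digest.
        "same_reading_unlocks": verify(key_a, stored_a, template),
        # The same finger enrolled on two devices yields unrelated digests.
        "digests_linkable_across_devices": hmac.compare_digest(stored_a, stored_b),
        # A digest copied from device A is useless under device B's key.
        "other_device_key_unlocks": verify(key_b, stored_a, template),
        # An exact-match digest rejects a reading that is off by one bit.
        "noisy_reading_unlocks": verify(key_a, stored_a, flip_bit(template, 5)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```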
While I share the basic sentiment, I must also say that our (I live in Hamburg) former office holder knew more about what he was talking about. The current guy is a lawyer by profession.
If you are worried about your fingerprints making the rounds, there are several hundred other things more dangerous than your mobile phone, because frankly, you leave your fingerprint everywhere.
What is worrying about the digital thing is that theoretically a hacker in China could get it without travelling to your location and lifting your fingerprints off something you touched.
But - that would only work if the device actually stored a fingerprint, and not just what is essentially the hash sum of one.
My advice would be the exact opposite (and contrary to Caspar, I am a security expert). Do use your fingerprint for casual stuff like unlocking your phone. Do not use it for important things like your car, house or bank account.
Assorted stuff I do sometimes: Lemuria.org
Getting fingerprint data is easy for a determined attacker; you are leaving them all over the place, and yes, obviously, you can't change them. That's the inherent weakness of biometrics.
That's why, for high security, you have to combine it with another factor, which might be a physical key or/and a password.
Those are for visas not for visa free travel. Holiday traveling between EU and USA is usually visa free. From your list only the US and Japan seem to require it for visa free travel.
All they have to do is make a fingerprint mandatory for an essential service. If they require it for driver's licenses and public transportation passes, they have over 99% of the population covered.
I've been secretly using Jude Law's biometrics. Eventually I'll be on that ship to outer space.
Nobody said a single word about the cloud sucking up your details, passwords, contacts, calendars etc. Now crazy people are jumping on the phone having your fingerprint. People need a reality check! What exactly do you think anybody is going to do with your fingerprint? I'd be much more concerned with my passwords and identifying information heading into some cloud, no matter who is running it.