Unlocking your iPhone using biometrics (“fingerprint”) authentication is undoubtedly convenient, but have you considered the cost—the security tradeoffs you make in exchange for that added convenience? Although privacy and Fourth Amendment laws among the states are still very much in flux, it’s no longer just the police you have to worry about accessing your data. Digital photo technology has advanced far enough that hackers can use a high-resolution photo that includes your fingers—say, for example, you flashing a peace sign—to make a duplicate of your fingerprint. So what should you do?
Privacy advocates, such as Chris Soghoian (@csoghoian), and yours truly, have always insisted on using a long passcode for unlocking mobile devices, so in 2013 when Apple introduced the option to also unlock using your fingerprint, it seemed like a perfect marriage of security and convenience. But that was before courts started issuing orders compelling fingerprint unlocks. The idea being that Police Can Force You to Use Your Fingerprint to Unlock Your Phone—But they can’t make you cough up your passcode. And now it’s not just Big Brother who can get into your phone; it’s the other bad guys too.
According to a scientific paper recently published by a research team at Japan’s National Institute of Informatics (NII), they were able to copy fingerprints from photos taken by a digital camera nine feet away from the subjects. “Just by casually making a peace sign in front of a camera, fingerprints can become widely available,” NII researcher Isao Echizen told the Sankei Shimbun newspaper for an article published Monday. Even if you’re not one to post pictures of yourself flashing hand gestures, that doesn’t necessarily mean you’re safe—the ubiquity and always improving technology of digital cameras, together with the number of online photo repositories multiplying like Mogwai at the YMCA pool, all but guarantee that there are photos of you floating around on the web, which you had no idea even existed. If it happened to Germany’s minister of defense, there’s no reason it couldn’t happen to you.
So should you turn off the Touch-ID feature on your iPhone? I’m not saying we’re there yet, but you need to be aware of the risks associated with using biometrics authentication to safeguard your most important data.
It’s an old cliché of security researchers: fingerprints might appear more secure than passwords. But if your password gets stolen, you can change it to a new one; what happens when your fingerprint gets copied?
Security is always going to be a tradeoff consideration: You could use a unique 36-character password with two-factor authentication for every social media account and banking site you frequent, and choose to never store your passwords on any of your devices. And your data probably won’t get hacked. But do you want to spend several minutes typing in that password, and waiting for the secondary authentication token every time you check Twitter or Instagram? One way you can prevent at least your iPhone from being accessed using your unauthorized fingerprint is to get in the habit of turning your phone off frequently. At least for now, anytime an iPhone or iPad is rebooted, or powered on, it cannot be unlocked with a fingerprint until after the alpha-numeric passcode has been entered. Make your passcode as long as you can tolerate, but never less than 7 digits. Each additional passcode character exponentially increases the amount of time it takes for a brute force attack. Also, make sure you have the “erase data” feature enabled, which wipes your iPhone after 10 failed passcode attempts. You don’t need to worry about your kids wiping your phone either. After a few failed attempts the software won’t allow another attempt for several minutes—longer than the attention span of even the most determined five-year-old…