Why fingerprints shouldn’t be used for security

September 23, 2013

Apple is clearly very pleased with the iPhone 5S, and although its new biometric security system TouchID seems like a neat feature at first glance, the use of biometric data for security isn’t necessarily a good idea.

The problem with fingerprint scanners is that they aren’t as secure as you might think and that their use raises some interesting privacy issues. Worst of all, once your biometric information has been compromised you can’t change it.

In terms of security, the Chaos Computer Club (CCC) has already shown that Apple’s TouchID can be tricked using easy everyday means. Although we are only talking about a $600 smartphone, and there are easier crimes to commit than trying to lift someone’s fingerprints just so you can access their phone, the weaknesses in fingerprint scanning apply to every situation where it is used, including on identity documents (like passports) or scanners at supermarkets. In 2007 the CCC demonstrated how to trick a fingerprint scanner at a supermarket, resulting in a shopping bill being charged to someone else’s account. In 2008 the group included thin film copies of the fingerprints of the then German Minister of the Interior Wolfgang Schäuble in its club magazine. The CCC’s webpage on how to fake fingerprints was uploaded in 2004, nearly a decade ago, and the techniques described remain valid today.

You can easily be forced to unlock your phone against your will. Forcing you to give up your passcode is much harder under most jurisdictions than just casually swiping your phone over your handcuffed hands - the Chaos Computer Club.

There are also serious privacy questions around the use of biometric data. A senior US senator has written to Apple asking the Cupertino tech giant how the fingerprint data is encrypted on an iPhone 5S, whether any diagnostic data is ever sent back to Apple about the fingerprints and the exact legal status of the biometric data – does it belong to Apple? Could the data be subpoenaed?

The reason Senator Al Franken is asking these questions is that once your biometric data has been stolen you can’t change it. “Let me put it this way: if hackers get hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life,” wrote the Senator, who is also the chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law.

Today, if someone hacks one of your online accounts you just change your password. If someone steals your bank card, you just cancel it and get another one and so on. But if someone managed to steal and use your biometric data you can’t change your fingerprints. You can’t alter your retinas or modify your DNA. The fact that these characteristics are fixed is why they are used in crime detection, but using them for information security is dubious.

Worse still, you leave a biometric trail wherever you go: everything you touch and every piece of skin or hair that falls leaves biometric information about you. Again, that is why it is so useful for solving crimes, but you wouldn’t go around leaving fragments of your passwords everywhere, would you?

It is plain stupid to use something that you can't change and that you leave everywhere every day as a security token. The public should no longer be fooled by the biometrics industry with false security claims.
Frank Rieger, spokesperson of the CCC

In context we are only talking about accessing someone’s phone, I understand that. And some may think that using TouchID as an easy way to stop people using your phone is great – and maybe it is. But what if in the future my banking information is verified via TouchID? What if I can pay at a shop or online store using data verified by TouchID? Then suddenly lifting a copy of my fingerprints from a glass of soda means a criminal can empty my bank account and go on a shopping spree. Maybe we should stick to other forms of authentication.