iPhone 6 Fingerprint Sensor Not as Safe as You May Think

Smartphone – When Apple comes out with a new smartphone the world notices and many webpages are full of adoration and love. The love comes mostly from the shareholders, which experience around this time of the year some notable increase in their investment. This is achieved by Apple releasing good products in the first place. There have been hiccups, when we think back to the antenna issue and now the “bend-gate” issue with iPhone 6 Plus. So far this has not influenced the success of Apple, even though the recent issue with device deformation may also lead to some lower than expected iPhone 6 Plus sales.

This may all be harmless compared to another weakness that was pointed out by Lookout researcher Mark Rogers, as reported by The Register. They showed that the new iPhone 6/6 Plus can be fooled by a recreated fingerprint lifted from a shiny surface. If this is too forensically scientific, ignore the fingerprint issue by not using it. Of course, this leaves the phone vulnerable to misuse. This may not be a major issue, as there is no difference compared to other phones. The iPhone 6/6 Plus is as protected or unprotected as any other Android smartphone. Besides the issue with the marketing message, I want to remind you that one of the key features introduced with the iPhone 6/6 Plus was the Apple Pay feature; pay in an instant safely without handing over a credit card and your credentials. What sounds like a great idea which people can subscribe to, raises the question if this is actually as safe as Apple is saying. Getting a hand on the phone together with a re-created fingerprint would open a lot of options for the criminal-minded.

Yes, it would need both the phone and the fingerprint, but there may be a good chance that the fingerprint is already on the phone. It does have a touch screen, if I remember correctly.

With no real misuse as of yet, this issue is hypothetical at the moment. I wonder what will happen if it becomes more real? The article continues to explain that Apple bought the company AuthenTec to address biometric issues. The company was working on biometric methods that would prevent any person from accessing a protected device by using more than just the image of the fingerprint. It would seem that Apple is not using this technology in their latest smartphone models. Whatever the reason the company decided not to pursue that route, it could be something that the company has to explain to a court if a substantial breach of a fingerprint protected device leads to substantial damages. I think this topic will come up sooner or later and needs to be addressed by the industry overall to make ‘pay by phone’ a success. – Norbert Hildebrand