Is a fingerprint more secure than a password?
On CBS This Morning on Tuesday morning, there was a segment on how “easy” it is to fake someone’s fingerprint to gain access to a computer or device using fingerprint authentication. If you’re interested, you can find the segment here. In it, a security expert describes how he’s able to take a photograph of someone with their hands visible, crop a finger, blow the image up, print it, then create a fake fingerprint using glue. He claims to be able to use that to authenticate on an iPhone.
I know that security experts have been able to perform a similar trick with a fingerprint they captured from glass, but the twist here is that this guy claimed he was able to do it from a picture.
So, assuming it’s true, what does this mean? At this point, not a lot. Let’s see how this knowledge translates in the field. Generally, security is a cat-and-mouse game where vendors, enterprises and individuals continue to improve their security, while criminals and other “bad guys” continue to improve their penetration methods.
Biometrics, particularly fingerprints, have been shown to be effective at authenticating individuals, with an extremely low error rate. They aren’t a panacea, but they are certainly more effective than a 4-digit PIN or a weak password. They’re also a lot more convenient.
Let’s examine the issues in more detail:
- Spoofing your fingerprint – This is the issue at hand. Someone is able to obtain your fingerprint, then fashion a fake print. This is a lot of work, plus the attacker needs to be able to capture the print of the finger you actually use for authentication. There is one safeguard on the iPhone: you’re permitted up to 6 attempts, after which fingerprint authentication stops working until you enter your PIN or password. This means that one would not have many attempts to get the fake print right. Since most folks use their thumbs or index fingers, enrolling, say, your ring finger should improve the odds in your favor. Hopefully, Apple makes the number of attempts configurable so that one can set it to 2 or 3 attempts.
Also, I suspect that the photograph method noted in the CBS story is more difficult than they make it out to be. One would need an HD photo that wouldn’t be too grainy when blown up. Also, Apple and others are working on improving the software to require deeper recognition of the grooves in your print, which would improve its security.
The biggest weakness in my opinion is someone lifting a good print from a surface that holds prints, like glass. Typically, this requires someone to be close to you, like a friend or work buddy. The most worrisome method would be to capture a print off the device itself. Keeping the glass clean should help mitigate this. Also, you might consider using a finger that typically doesn’t touch the front or back of the phone (again, thinking about your ring finger).
- Fingerprint authentication for ApplePay – At this point, this is much more secure than using a credit or debit card. Also, until there are some cases in-the-wild where a fake fingerprint has been used to spoof a retailer, I’m not too concerned.
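To make the attempt-limit safeguard from the first item concrete, here is an added example (not code from the original post or from Apple) modeling a biometric gate that falls back to the passcode after a configurable number of failed prints, plus a helper that shows why a lower limit shrinks a spoofer's window. All names and the sensor/passcode results are hypothetical and constructed.

```python
from dataclasses import dataclass
from typing import List


@dataclass
class BiometricGate:
    """Hypothetical model of the iPhone-style fallback described in the post."""
    max_attempts: int = 6      # the post cites 6; the author would prefer 2 or 3
    failures: int = 0
    locked: bool = False       # once locked, only the passcode unlocks biometrics

    def try_fingerprint(self, sensor_match: bool) -> str:
        """Return 'granted', 'denied', or 'passcode_required'."""
        if self.locked:
            return "passcode_required"
        if sensor_match:
            self.failures = 0
            return "granted"
        self.failures += 1
        if self.failures >= self.max_attempts:
            self.locked = True          # biometric path is closed until passcode
            return "passcode_required"
        return "denied"

    def try_passcode(self, correct: bool) -> str:
        """A correct passcode clears the lockout and the failure counter."""
        if correct:
            self.failures = 0
            self.locked = False
            return "granted"
        return "denied"


def simulate(gate: BiometricGate, sensor_results: List[bool]) -> List[str]:
    """Feed a constructed sequence of sensor outcomes through the gate."""
    return [gate.try_fingerprint(r) for r in sensor_results]


def spoof_success_bound(p_per_attempt: float, max_attempts: int) -> float:
    """Chance a fake print is accepted before lockout, assuming each
    presentation succeeds independently with probability p_per_attempt."""
    return 1.0 - (1.0 - p_per_attempt) ** max_attempts


if __name__ == "__main__":
    gate = BiometricGate(max_attempts=3)
    print(simulate(gate, [False, False, False, True]))   # lockout on 3rd miss
    print(round(spoof_success_bound(0.1, 6), 3), round(spoof_success_bound(0.1, 2), 3))
```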
Finally, normal precautions about safeguarding your device are still applicable here:
- Treat your device like your wallet (after all, it’s starting to replace it). Keep the device generally hidden. When using it in public, know your surroundings.
- Use a secure password. Since you wouldn’t normally need to enter a password, I recommend that you abandon the PIN and use a secure password. To shut off the PIN (called Passcode), go to Settings->Touch ID & Passcode->Turn Passcode Off.
- Don’t loan out your phone. If you do, disable your fingerprint authentication and change the device password/PIN while it is on loan. Change them back when it is returned.
- Be sure that Find My iPhone (or the Android equivalent) is active on the phone and that you know how to remotely locate the device and wipe it if need be.
- If you split up with your spouse or significant other, be sure to reset all passwords (including iTunes). Also, change the finger used to authenticate.
Bottom line? At this point, fingerprint authentication offers a significant ease-of-use improvement while still providing reasonably secure authentication. Let’s see if this becomes a real issue and how Apple responds.