Biometric Security: Is Authenticating Identity With Fingerprints Safe?

Apple appears very confident with the notion of authenticating your identity via fingerprints by including the technology in their flagship smartphone, the iPhone 5s. The notion of simply touching a button to unlock your phone or authenticate purchases opens up levels of convenience that a password never could, but how safe is it to allow you device to store your fingerprint?

During the keynote and follow up interviews, Apple went to great pains to point out that your fingerprint is encrypted and stored on the chip in the phone. It never gets backed up to the cloud, nor is it accessible to anyone who might steal your phone, break in to it and decrypt the data on the chip since it doesn’t store the actual image of the print. This is all well and good, but what if someone steals your iPhone and has the capacity to read the fingerprint data on the chip?

And in the future when Apple rolls out this technology to all its iOS devices, not only will you have to take the time to set up the fingerprint authentication on every device, but you will also have more devices where your fingerprint information is stored, and thus accessible to thieves if stolen. Cracking biometric security is today’s current security challenge for IT companies. If it works, it will open up a world of convenience for users. But therein lies the rub – it has to be secure, and it has to work every time.

Whether it be fingerprints, retinal scans or some other biometric security, there’s something inherently disturbing about a third party hacking into your biometric data and using it for their own nefarious purposes. It’s as if they are stealing a part of you and not something simple like a password. And as with any type of security, there’s always a way for it to be hacked, especially if that security authentication is tied to the cloud or Internet in any way.

Concerns about the security of fingerprint authentication and/or any sort of biometric security may all be for naught any way. We put so much of our personal data online that adding a fingerprint or a retinal scan to it probably won’t make much difference. As with any type of IT security, someone will always find a way to break in to it. But on the flip side, you aren’t likely to have your data hacked if you are vigilant about protecting it, regardless of the methods you use to protect it.