Apple (AAPL) is in fierce competition in the smartphone market with Android OS by Google and, to a lesser degree, Windows Phone 8 by Microsoft. Both competitors have been gaining smartphone market share over Apple's iOS-driven iPhone, and in this race, perception as an innovator is crucial to continued success. New features need to draw significant attention. But they can't compromise security.

The new iPhone 5s

The new iPhone 5s has made quite a stir by introducing two new technologies that leave Android and WP8 phones behind. The first is a 64-bit CPU, something no other smartphone can boast.

Tests by the respected site AnandTech have shown that the 5s is very fast, handily beating competitors in most of the benchmarks. On the Geekbench benchmark, an overall computational set, gains were mixed, except in one important area – cryptographic tests: an AES improvement of over 800% and a SHA1 improvement of 245%.

The AES and SHA1 gains are a direct result of the new cryptographic instructions that are a part of ARMv8. The AES test in particular shows nearly an order of magnitude performance improvement. [Emphasis added.]

One wonders what Apple has in mind for cryptographic services.

Apple's TouchID

One possibility, of course, is the second radical improvement, the fingerprint scanner, dubbed TouchID, that allows you to open your locked iPhone without needing to enter your password. Reviewers have hailed this as a great advance.

It should be noted that Motorola – now a part of Google – used to have a phone model, the Atrix 4G, that used fingerprint scanning, but it was both awkward and so unreliable that they discontinued the feature. By most accounts, Apple's TouchID system works simply and reliably.

The Chaos Computer Club

The Chaos Computer Club is "Europe's largest association of hackers." They quickly developed a method to fool the fingerprint sensor on the iPhone 5s, and released a statement:

The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID. This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided.

Basically they took a fingerprint off of glass, scanned it under fairly high resolution, then used that image to make a latex spoof. It is easy to do and anyone can do it at home with inexpensive equipment.

The question is: Is their warning warranted? Is it true that "fingerprint biometrics is unsuitable as access control method and should be avoided"?

[Making a spoof fingerprint]

Does it matter?

That depends.

The reply is another question: Why would anyone want access to your phone? Obviously a thief would want that. However, someone who surreptitiously slips your phone from your pocket or off your café table is not going to stick around to ask for your fingerprints. If you are cornered in a back alley by five guys with AK-47s, you'd just hand over your password regardless ... and you'd probably have bigger concerns than your iPhone password.

The Chaos crew admitted that it took a fairly high-quality scan for the spoof to work. Therefore, you need a high-quality original print. Drinking glasses and doorknobs can be good sources, but it's questionable whether a print left casually on a beer bottle would be complete and clean enough for a lift for this purpose.

And this raises another question. Why would someone do this to you? If you're carrying state or corporate secrets on your iPhone, you have close acquaintances who want to rip you off, or you're hiding compromising photos from your spouse, you might want to avoid TouchID. Otherwise, it's not much of an issue.

The common thief is going to have more luck peeking over your shoulder to steal your passcode than finding and spoofing a usable print.

So unless there is some very special reason for someone to want your data, you have little to worry about. In fact, since TouchID will encourage you to use auto-lock, it's probably more secure than leaving the iPhone unlocked.

As for Chaos, this is part of a campaign against the use of biometric security. They wrote an earlier piece on the use of fingerprint scanning to allow payments at supermarkets, etc., a system being tested in Europe. The security risk there is certainly much higher. With the iPhone, you need a particular fingerprint together with a particular iPhone. With the payment system, all you need is the fingerprint, and you can then use it at any payment center in the system. That is a much greater risk.

Conclusion

iPhone sales are critical to Apple, making up 51% of revenue last quarter, and cutting-edge features are important for winning new users. On the flip side, any significant security issues could threaten sales.

But while we owe gratitude to the Chaos group for raising the issue, it would not seem to rise to the level of a significant one. As Chaos wrote:

iPhone users should avoid protecting sensitive data with their precious biometric fingerprint not only because it can be easily faked, as demonstrated by the CCC team ... you can easily be forced to unlock your phone against your will when being arrested. Forcing you to give up your (hopefully long) passcode is much harder under most jurisdictions than just casually swiping your phone over your handcuffed hands.

I would agree. If you plan on going to political demonstrations and photographing what happens, this could be an issue. If you're willing to take that risk, I think TouchID is a very attractive new feature for the iPhone.