Touch ID

Touch ID Logo (Apple)

Touch ID in use with Paypal

Touch ID was first made by Apple Inc. as a fingerprint recognition security feature on iPhones. It was used to unlock iPhones, to make purchases on the Apple Store, and to use Apple Pay. Touch ID was first introduced in 2013 with iPhone 5S, and with time the Touch ID was improved and added to even more Apple products. Although the Touch ID is still used and incorporated in many Apple products today, Face ID, a facial recognition security feature, is used a lot in the new Apple phones. Face ID was introduced in 2017 with the iPhone X and created quite the commotion among many Apple product users.

The Touch ID works by using a sensor to pass a small current to the user's finger and create a 'fingerprint map'. This map is then stored in a chip in your phone so hackers cannot externally access that information.

History

History Behind FingerPrints

Fingerprints are tiny patterns on the tip of our fingers that are completely unique for each person. No two people have ever been found to have the same fingerprint so it has seen as one of the most secure ways to verify people. Another reason that makes them so secure is that they never change with age and they are even easy to collect from people. The use of fingerprints for security reasons has been used by state prisons, police stations, and even the FBI^[1].

Uses Outside Phones

The FBI and police use fingerprints to identify suspects and solve different crimes involving fingerprints. Often they use fingerprint identification to decide sentences, probation, and paroles. The way they find fingerprints is often through chemical techniques and then find matches through online programs^[2].

History Behind TouchID

In 2012, Apple buys AuthenTec for $356 million and uses their technology to build the Touch ID sensors on the iPhone 5S. Once the Touch ID was finished and perfected, it wasn't long before companies like Motorola and Fujitsu tried to potentially buy out Apple, but Apple did eventually win. So in 2013, the iPhone 5S came out with the Touch ID, used only to unlock the phone. In certain scenarios, like rebooting the phone, Touch ID is disabled and the user's numerical passcode is required^[3]. A year later, with the iPhone 6 and 6 Plus, Touch ID was used to unlock the phone and to make purchases in the App Store, iTunes, and Apple Pay. The Touch ID is now on 6S, 6S Plus, 7, 7 Plus, 8, 8 Plus, SE (2nd generation), MacBook Pro, MacBook Air, iPad Pro, and iPad Air. Simply resting your finger on the sensor area will automatically read the fingerprint. With the updated Touch ID, you can choose to show details about your notification only after your fingerprint is read. This way other people who look at your phone can't read your notifications if your iPhone is not unlocked. Now with Facial Recognition rising, it seems that Touch ID's time might slowly be coming to an end, however, its impact on our technological advancements has been great^[4].

Touch ID Setup on Mac

The Chip

The Fingerprint data was first stored in the Apple A7 chip in the iPhone 5S but with new phones came new chips. They are now stored inside the Apple A8, A8X, A9, A9X, A10, A10X, A11, A12, A13, A14 processors in the iPhones and in the T1 and T2 in the MacBook Pro and MacBook Air. Contrary to popular belief, the fingerprints are not stored in iCloud or any place outside the physical iPhone itself.

Ethical Dilemmas

For the iPhone User, Touch ID is incredibly secure as there is no way anyone else can have the same fingerprint as them. As stated earlier, the fingerprint pattern is remembered and stored in the phone's chip, inaccessible to external sources. Although the Touch ID will still have an issue or two, it was well thought out and built by Apple. Many people against Touch ID when it first came out as it seemed suspicious that the iPhone would take your personal fingerprint, store it, and use it as a security measure. However, the process of the Touch ID has proven to be safe and not store the user's fingerprints anywhere other than inside the user's phone.

Access To Our Information

We know the government has the right to access where our cellphones are located with the identification features of our iPhones. Now with the Touch ID, anytime we send a message or use the Touch ID to purchase an app, our location is recorded at that time. They could always find locations based on user's cellphones, but now they can identify who specifically is using the cellphone at that location. Since the user's location is easily trackable, it can also easily be hacked. However, Apple works hard to assure people of its security^[5].

The Efficient Texture Comparison patent^[6] covering Apple's Touch ID technology states:

"In order to overcome potential security drawbacks, Apple's invention includes a process of collapsing the full maps into a sort of checksum, hash function, or histogram...The exemplary pattern could include the smallest or largest value within a respective vector of the map or could be a difference between a largest and a smallest value within the respective vector of the map. Numerous other exemplary embodiments are also possible, and any other exemplary pattern calculation can be used, where the exemplary pattern includes enough associated information to narrow the candidate list, while omitting enough associated information that the unsecured pattern cannot or cannot easily be reverse engineered into a matching texture."

How Secure Is Touch ID?

Touch ID is more secure than Face ID but less secure than person password entering. The question is how much less secure is this more convenient option than typing in your password every time you need to unlock your phone or sign in to an account? Apply claims the uniqueness of an individual's fingerprint makes this system extremely secure but researchers have recently discovered a new way to break this security barrier. Researchers at Michigan State University and New York University have discovered that because the fingerprint scanners on phones are so small, they only read partial fingerprints--making the images easier to duplicate. Touch ID works by taking about ten different images creating ten partial images of your fingerprint from different angles, never creating one full unique fingerprint image. Therefore, a hacker only needs to match one of these ten partial fingerprint images to unlock the phone. Through the study, using computer simulations, researchers "were able to develop a set of artificial “MasterPrints” that could match real prints similar to those used by phones as much as 65 percent of the time.” ^[7] Although this is a concerningly high number, these tests were not done with phones. Instead, they were tested on Touch ID systems not connected to phones, making the realistic percentage of replicated prints much smaller. There is concern about the idea that hackers only need to match one of the ten partial prints to unlock your phone but realistically, this is still a very unlikely and difficult thing to do. Although Touch ID is a very secure system, this study highlights some minor weaknesses it presents that could easily be fixed. Most of the researchers were quoted saying they still use Touch ID to secure their phones but might suggest users use personal password insertion for more confidential log-ins like bank accounts.

See also

References

1. ↑ Watson, Stephanie (2021). "How Fingerprinting Works" howstuffworks.
2. ↑ The Scientific Research Honor Society (2021). "Crime Scene Chemistry: Fingerprint Analysis" American Scientist.
3. ↑ Apple Inc. (October, 2014). "IOS Security" IOS Security.
4. ↑ Dormehl, Luke (July 28, 2020). "Today in Apple history: Apple acquires the company behind Touch ID" Cult of Mac.
5. ↑ Partridge, Lindsey (October 16, 2013). "The Privacy Questions Raised by Apple’s New Biometric Login" iapp.
6. ↑ United States Patent Application (November 21, 2013). "Efficient Texture Comparison" US Patent & Trademark Office.
7. ↑ Goel, Vindu (April 10, 2017). [That Fingerprint Sensor on Your Phone Is Not as Safe as You Think.] "The New York Times"