Apple’s announcement yesterday of the new iPhone 5S and the great number of features it will have are creating a lot of discussion around the world. One of the features Apple seems most pleased with is their fingerprint authentication, which will allow users to have their fingerprints authenticate them onto their iPhone. While normally I would be lining up to get my brand new iPhone I have to say I would like to know more about this technology before I proceed.
What Will Apple Do with All These Fingerprints?
According to the nice little video on Apple’s site, the fingerprints will remain only on the iPhone device and will never be stored in iCloud. Furthermore, it appears that no third party apps will be able to access that fingerprint, which will be embedded on the phones processor.
What Could Hackers Do With These Fingerprints?
Separate from what Apple’s stated goals are with respect to user fingerprints, could hackers somehow mischievously make off with scores of fingerprints if they exploited a vulnerability in the phone’s technology? I suppose anything is possible but seeing as how we don’t know much about the phone yet, it seems like a wait and see approach might tell us more about how accessible the fingerprints really are to crooks.
What Could Governments Do With These Fingerprints?
Sure, call me paranoid, but Apple has not exactly been free from accusations of sharing user data with certain government agencies. Even if we were to believe user fingerprints are safely stored on the iPhone’s processor chip, does this preclude other ways someone (or some group) could surreptitiously access that data remotely?
Again, none of these questions would even be raised if it wasn’t for the fact that most of the world today has significant doubts about public cloud vendors, including Apple. The trust these companies have abused is now having a consequence. If blogs and publications are writing copious articles on how these fingerprints will be used and which groups will have access to them, I think that settles pretty clearly the issue that public cloud vendors have harmed their reputations by indiscriminately sharing user data in secret.