Apple catches lawmaker's eye

Senator concerned about iPhone's fingerprint tech.
Associated Press
Sep 20, 2013

Sen. Al Franken is asking Apple for more clarity on privacy and security concerns he has with its use of fingerprint recognition technology in the new iPhone 5S.

The iPhone 5S, which went on sale Friday, includes a fingerprint sensor that lets users tap the phone's home button to unlock their phone, rather than enter a four-digit passcode.

But Franken said that the fingerprint system could be potentially disastrous for users if someone does eventually hack it. While a password can be kept a secret and changed if it's hacked, he said, fingerprints are permanent and are left on everything a person touches, making them far from a secret.

"Let me put it this way: if hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life," the Minnesota Democrat said in a letter to Apple CEO Tim Cook.

Apple Inc. officials didn't immediately return an email seeking comment on Franken's letter.

But the Cupertino, Calif., company has said that this kind of technology significantly boosts security for users.

According to Apple, the fingerprint data is stored on the phone in a place that's inaccessible to other apps and to Apple's remote servers. In addition, Apple says it's not possible to convert a fingerprint from a police file into something the phone will recognize, as the sensor reads a sub-epidermal layer of the finger.

Meanwhile, anyone worried about fingerprint scan has the option of disabling the feature and sticking with the passcode.

___

Follow Bree Fowler on Twitter at https://twitter.com/APBreeFowler

 

Comments

Señor Clown

Haven't we had fingerprint reader-based security available on select notebook computers for several years now?

huronguy

wow he's worried about apples security! hey senator worry about our governments security and what the government is doing to our privacy!

KnuckleDragger

Worried about a technology that has been around on several android brand phones for years? Apparently just another politician that is spouting off at the mouth about something he knows nothing about. Franken should have stuck to radio...nah, he wasn't any good at that either.

From the Grave

You can't take that phone to the grave.

SamAdams

I disagree with Apple's implication that, just because the print is stored separately, it can't be hacked. And while I appreciate that Apple claims it doesn't receive the fingerprint data, that doesn't mean it doesn't (though what it would do with it is beyond me).

In the case of other fingerprint technology, there have been questions raised as to whether or not a bad guy might cut somebody's finger or hand off and just use that much of it to gain access to whatever. Now while I can't imagine an iPhone is worth that kind of thing to ANYbody, once it's hacked (and trust me, it will be), you could REPLACE the fingerprint with your own and gain access to PayPal, banking records, various online store accounts, and who knows what else?

As far as I'm concerned, I'd keep using a password I could change as needed. I also never, never, NEVER do banking or transmit credit card data online and most especially never do so wirelessly! No fingerprint or password needed to capture THAT data!

The Big Dog's back

You mean a PRIVATE company does this? Say it ain't so sam.

SamAdams

We've had this conversation before, Big Dog. We both agree that BOTH the government and business are eroding our privacy. It's just that I'm the only one of the two of us who thinks the government invasions are worse because a) they're virtually impossible to opt out of, especially when you don't know about them; b) they're almost ALWAYS involuntary; and c) they can be enforced at gunpoint.

Nemesis

Actually, Sam, a smartphone on a 4G network (as opposed to Wifi) is probably the most secure connection you can make, since it has the strongest encryption.