News & Resources

Can biometrics keep consumers safe from identity theft?

Sep 28, 2013 Dave King

One of the most highly anticipated features of the new iPhone 5S was its leveraging of biometric solutions to better protect users from identity theft by making it much harder for criminals to steal a phone and crack its code. With biometrics, the only way in is through the owner's unique fingerprint.

However, a recent article from InfoWorld​ reported that only two days after the new Apple smartphone was put on the market, a group of German hackers announced that they had already been able to bypass the fingerprint reader.

Known as the Chaos Computing Club, the group explained that hacking into the new biometrics-protected iPhone was not easy. It required them to copy a user's fingerprint. However, the group did point out once a fingerprint is obtained, it's "far too easy" to produce fake fingers with the prints, the news source explained.

In a separate article from InfoWorld, Roger Grimes said the news isn't surprising, and it is really not that big of a deal. Why? Grimes explained that the biometrics featured on the iPhone 5S are less about security, and more about convenience, so if businesses believe the new device is part of the answer to their bring-your-own-device (BYOD) troubles, it may be time to think again.

Grimes explained that for biometrics to be truly valuable as a security device they need to be coupled with other technologies, such as short PINs, and should not accept biometric proofs that were identical to the previous one. However, he offered users one further warning: "Most successful exploits don't care whether you logged on using a PIN, password or biometric identity. That's because they hit you and your computer after you've successfully authenticated."