
Serious question -- what is the big deal if someone gets your fingerprints? I can't think of the last time my fingerprint was used as some infallible method of identification, if ever. If the spooks want it, they already have it. I'd rather someone get their hands on my fingerprint than my passport, driver's license, and credit cards, and it seems much more difficult to steal than those things.

I think the fingerprint scanner is positioned not to be some indestructible lock like RSA or a safe-deposit box, but a reasonably decent deterrent like door locks and The Club. It seems to be at the same level of security as your iPhone passcode -- a well-equipped intruder can certainly get into your stuff, but your mom or a pickpocket won't be able to.




The problem is that I can't change my fingerprint. If it gets out by some third-party abusing the secret backdoor (or just abusing whatever other place you have your fingerprint stored), then they can potentially forge your fingerprint when committing a crime or when otherwise attempting to access resources you have access to.

When a third-party loses your password, you change it and life goes on (you are not reusing passwords, are you?). When a third-party loses your fingerprint, what do you do? Cut off your fingers? Grow a new hand?

Yes. The fingerprint information is supposed to be irreversibly hashed. But so are passwords. And yet we still see them being stored unencrypted. No. I'm very careful with my fingerprints.

Also, the data on my phone must be some of the most valuable data I have. When I lose my phone and you gain access, you immediately own all my online identities. My phone has SSH keys, it has the password to my Email account stored in its keychain (very handy for all these "I have forgotten my password" features on all the sites), it has my 2 factor authentication tokens - I can't even begin to imagine how bad it would be if somebody had access to my phone.

Yours is probably as valuable to you.


>> I'm very careful with my fingerprints.

What does that even mean? You wear gloves in public all the time? You wipe down everything you touch?

Which makes me wonder, aren't one's fingerprints all over your iPhone exterior anyway? If someone steals one's phone wouldn't it be easier to dust it for prints than crack the security on the digital copy?


>> Which makes me wonder, aren't one's fingerprints all over your iPhone exterior anyway? If someone steals one's phone wouldn't it be easier to dust it for prints than crack the security on the digital copy?

Ding ding ding! We have a winner.

Almost as silly as not using a biometric logic because "what if they use a backdoor to get a photo of my face?"


Right, but this also assumes that you have physical access to the device! That, and a fingerprinting kit and time to spare...


Which makes the idea of a fingerprint reader on a phone somewhat nonsensical. Your password is all over the phone, and Mythbusters has proven how easy these are to fake.


Actually, it doesn't, because properly used biometric isn't a sole auth method. You want to use it coupled with at least a pin - then suddenly just looking over your shoulder isn't enough, you have to handle the phone carefully, or steal the fingerprints off your glass. That's more work, and makes it more costly and skill intensive. It's not impenetrable, but still quite efficient.


Good point. If it's two or more factors then the weakness of the fingerprint factor is not such a big deal. Is the iPhone 2 factor?

I think there is too much of an emphasis on using uniqueness for security. The idea is that if "It could only be you!" you are secure.

The sci-fi vision is a world where a fingerprint or retina scan is taken and that's it. There's no username needed, just the fingerprint itself is enough to confirm your identity. In reality, the idea of uniqueness for security actually would create security problems, because it removes the other factors involved, and biometric codes like fingerprint cannot be changed as needed (technically a fingerprint can be changed 9 times. A voice on the other hand cannot.)

An NFC tag/card/ring seems much better to me, since these can be changed as needed and would be more difficult to hack than taking a fingerprint off the phone.

An armed thief could steal your ring or fob along with the phone, but they could also make you use your finger to unlock your phone for them. So I don't think that's really any added protection in that situation.

The thief that just grabs your phone off the counter or out of your pocket will have a much tougher time with the NFC tag than with the fingerprint.


This makes sense. However, the cops already have many people's fingerprints once they've been booked, and in general if someone wants your fingerprints they can usually get them. I think the question of fingerprint forgery is an important one but I would assume that in a real trial the evidence presented also considers the likelihood the fingerprints were forged.

That said, I can see how this could potentially dramatically increase the availability of public fingerprints if it were hacked. More importantly the fact you can't reset your fingerprint is something I overlooked. I do think that in general though anyone building a system that relies exclusively on a fingerprint as a highly hack-resistant security measure is foolhardy regardless of how prevalent fingerprint data is. In other words, your iPhone passcode isn't protecting your data any more than your fingerprint if someone gets their hands on your phone, so I don't really see how this point is material to if it's a good idea to use fingerprints to unlock phones.


Simply publish your fingerprint somewhere - then if anyone uses it to impersonate you, it won't matter.

It's not quite the same with private keys because you can always generate some new keys and publicly revoke your key if it could have been compromised. Since you cannot regenerate your fingerprints and could have already lost them, simply revoke them up front.

Edit: expanded on this in my blog: http://blog.oleganza.com/post/60865284958/key-revocation-and...


They probably already have your fingerprint. I believe you usually have to give it to the DMV to get your license.


In the country where I live (Switzerland), getting a driver's license thankfully does not involve somebody taking your fingerprint. Also, public transportation here rules to such an extent that not even having a driver's license is a perfectly valid option. I don't have one for example.

My passport also is one of the last ones you could get without it containing any biometric data.

As such, I'm reasonably sure that no third-party ever had access to my fingerprint. And I'd love for it to stay like this (see my parent comment for the reasons why)


Why do you care if anybody gets your fingerprint, if you have already decided nobody can be trusted with your fingerprint and thus will never trust fingerprint based authentication? Once you are at that point, it's like your eye color or something. I don't care if other people get my eye color, because I will never use it to authenticate.


I'd hypothesise it's more likely somebody will use your fingerprint to identify you than your eye colour. For example, at a crime scene if your fingerprints are found you can hardly say "oh, I don't trust my fingerprint so I won't authenticate with it, ignore that" - like it or not, it's seen as being at least something to investigate. On the flip side I imagine a witness who reports only "green eyes" won't have their case followed for very long.


So... what is the fear here? That someone will steal your fingerprints and plant them at a crime scene?


Not the OP, but think about it this way: your fingerprint is now in a central database backed-up by lots of processing power so someone can match it pretty quickly and, all of a sudden, you realize you can no longer commit anything "bad", ever, because "they" may catch you based on the data they have about you.

And to someone who may ask me "why would you want the freedom to do something bad?" I'll answer that three of the biggest monotheistic religions are based on a guy and a girl who were allowed to do bad things (Adam and Eve). I'm agnostic myself but I find it pretty self-explanatory nevertheless, you just can't impose the lack of free-will on people.


>> you can no longer commit anything "bad", ever, because "they" may catch you

Is it just me, or is HN getting really frikkin' paranoid?

>> to someone who may ask me "why would you want the freedom to do something bad?"

I think you're over-reaching.


I think that is over-reaching, too.

But pragmatically, the more data they have, the more likely you are to show up as a false positive. Worst case; you handle something in a hardware store and it's later made into a bomb by a third party. You're going to need a solid alibi for that one.

Or you get placed at the scene of a protest even though you weren't present for it. Now you're on the terrorist list.

Additionally they can catch you more easily for victimless crimes, like if your fingerprints are on a bong they collect. I figure it's easy enough for them to stick you with a felony even without actively helping them get more data. So I'm trying to minimize the felonies I can be stuck with.


I don't agree with the fear, I'm just saying it's more likely somebody can be nefarious with your fingerprints than other things, regardless of whether you personally authenticate with them. For what it's worth, I don't agree there's an issue - I just don't think it's reasonable to compare fingerprints and eye colour.


I fully agree with you and for the exact reasoning (as a Canadian).


Source? I have obtained drivers' licenses from NY and PA, neither of which required me to be fingerprinted.



That has not been required by any of the four states that I've lived in.


First I've heard of it, but I'm not American. Is this really true?


It could depend on the state, but in America a driver's license is basically the de-facto form of ID. So, sometime back in the 50's or something, I believe fingerprints started to be taken as part of getting your license so that your fingerprints could be traced back to you for crime purposes. Similar to how in some states when you purchase a firearm, you are required to give the state a spent shell so that the state has a record of the "ballistic fingerprint" of your firearm.


"When" you purchase a firearm?! Only in America ...


Your smug sense of self superiority is so endearing


...or is it concern mixed with fear?


First I've heard of it, and I am American.


Which offers a perfect chance for cross-referencing!


The problem I see is that if they have a copy of your fingerprint, and then their computer says that matches a crime of sorts, what do you do then? You have to consider the false positives.


the probability of a false match + you being in the area with no alibi is very slim


you can rub off your fingerprints, it does occur, however is not very practical (though better than cutting off your hand)


They'll grow back eventually. So cutting off is the only option.


I don't have fingerprints. A large part of the world population doesn't have readable prints. What now? People on blood thinners, elderly people, Asians, women all have less distinctive prints. I don't have prints due to psoriasis.

Fingerprints are a horrible biometric.


Saying that fingerprints are a bad biometric because some people can't use them is like saying escalators are a bad idea because some people can't use them.

They might be a bad biometric but it's not because they aren't universally available to everyone.


When it's used as a gate, it is an issue. It took the Seattle PD and whatever agency actually issues civilian CAC (HSPD-12) a long, long time to get enough prints to allow me access to do my job. Both eventually had to accept three very partial prints as evidence.


Looks like you'll be using the passcode as usual.


I hardly doubt cutting them off is the only option. Tissue damage is definitely required, but burning (such as a chemical burn) would also work.


The Feds have had my fingerprints for 8 years, because of a foreign adoption. In fact, they have two versions because my first fingerprints "expired" because it took so long for the adoption to happen. So they have an extra $800 from us-- Thanks USA! (tm).

Plus, as others have mentioned below, most conceal carry firearm permits will require it, at least here in Illinois.

So, the govt. already knows that I'm a registered Republican, they have my fingerprints (twice), they know I have a FOID (Firearm ID in Illinois), they know my travel patterns (via airlines, gas stations, etc).

I think the last of my worries is some fingerprint scanner on a smartphone. At least I won't have to type in my PIN to unlock it while driving...


What if you have the legal right to not give up your password to your phone?

Now, instead of waiting around for lawyers, your finger will be physically forced onto the home button.


It's not uncommon for the police or fire department to fingerprint children as "a fun activity" or "a way to learn more about police and their work".

http://www.gastongazette.com/news/local/police-want-to-finge...


Exactly. I've already had to give my fingerprint numerous times at the airport just to enter the United States. I figure the US government must already have it in numerous databases, so it's not a concern if they've backdoored Apple's devices to copy them again.


What if I've never been to the US? I'm sorry, I don't follow your "logic".


Same here...


My question: Is digitized fingerprint information gathered from a given device useful? As in, could you run the prints gathered from an iPhone against, say, a DMV database? My intuition tells me that you couldn't. And that would gravely limit their utility value to the government.


My guess is that if the sensor works as well as they claim, including 360 degree orientation, it has to store a pretty complete profile of the fingerprint.


In my state, you're required to have the State Police add a digital scan of your fingerprints to the FBI database when you apply for a handgun license.


Fingerprints are commonly used to place you at the scene of a crime.


This is just another iteration of the "I have nothing to hide" argument, but now you're making it with f-ing fingerprints? Get a clue, nobody needs to have this argument again.


It is most certainly not a "I have nothing to hide" argument. It is a "what exactly is the value of a fingerprint in terms of identity theft?" It's a question of how dangerous, really, would access to the world's fingerprints be for a nefarious hacker. I'm not asking to be facetious, I honestly don't know the real answer relative to more standard security measures like passwords.


The same argument can be had for any individual piece of information. It's the amalgamation of all your personal data into the digital system of the internet that's dangerous, so it doesn't really tell us anything significant if your fingerprint by itself is valuable.



