In September, Apple debuted the new iPhone 5s. Among the many updates (amazing camera! faster chip!) was the Touch ID sensor. With Touch ID, 5s owners use their fingerprints to unlock their phones and authorize payment for App Store, iTunes, and Newsstand downloads. It’s the first mainstream use of biometric security for consumers, which makes Touch ID a nifty feature. Apple says it’s secure: Fingerprint data is stored on a quarantined section of the phone’s processor, doesn’t sync with iCloud, and is blocked from third-party use. But the 5s probably won’t be the last device with biometric security. And that brings up a tough question: Have we reached the point where we’re giving away more to technology than we’re getting in return?
Biometric identification is a good thing—in theory. Fingerprints are one of the most foolproof identifiers we have. According to Apple, there’s only a 1 in 50,000 chance that a part of someone else’s print could randomly match with Touch ID. That uniqueness could lead to enhanced security elsewhere. The most immediate application is digital payment. Earlier this year, 50 students at the School of Mines and Technology in Rapid City, South Dakota, enrolled their prints in a pilot program that allows them to make purchases at stores on campus. A French supermarket chain has participated in a beta program that replaces PINs at the register with fingerprints and pulse detection.
We’re used to trading personal information for convenience. So far, those trades have worked out in our favor.
The trouble is payment systems are not as secure as we’d like them to be. Consider your credit card: A single payment passes through a series of authentication steps during processing, each one vulnerable to attack. In 2012, for instance, Global Payments, a processor for all four major credit card companies, suffered a security breach that compromised 1.5 million card numbers and accrued nearly $94 million in losses. And last summer, a federal grand jury indicted a group of Eastern European hackers thought to be responsible for stealing 160 million credit card numbers in a series of coordinated cyber attacks. Estimated damages are in the hundreds of millions.
The creation of a biometric payment system would mean surrendering fingerprint data to companies with a history of security breaches. If prints were irreproducible, that might not be such a concern. But it’s not particularly hard to hack a fingerprint. A laser printout of a digital fingerprint has just enough relief for a counterfeiter to cast a glue-based copy. (German hacker group Chaos Computer Club used a similar technique to trick Touch ID within two weeks of its launch.) Therein lies the rub.
We’re used to trading personal information for convenience. We do it on social media and websites every day. Credit cards require us to give away our data for the convenience of using credit over cash. So far, those trades have worked in our favor, but that’s because the systems have always included an escape clause. The digitally violated can update social-media pages, change passwords, or cancel cards. That’s not the case with biometrics. A fingerprint’s greatest strength—its uniqueness—is also its greatest weakness. And once it’s compromised, you’ll never get it back.
This article originally appeared in the February 2014 issue of Popular Science.