Say goodbye to "slide to unlock". At today's press conference, Apple introduced the new iPhone 5s with a biometric lock it claims will revolutionise mobile security. Here's how it works, and what it means for you.
Tricks of the Trade
There are two major technological schools when it comes to fingerprint authentication — electro-optical and capacitance. EO scanners work a lot like a traditional scanner does: they use bright lights to illuminate the peaks and valleys of the print and a CCD device to capture a black and white image — white areas are peaks, dark areas are valleys. A computer algorithm then compares the pattern of light-dark intersections, known as minutiae (ie where two ridges meet or a ridge splits), in this image to one already on file for the individual. If enough intersections match, the identity is considered verified and access is granted. The Victorinox Presentation Master we reviewed a few years back used this system, however it is not the one used by Apple.
The new iPhone 5s uses the more sensitive capacitance method. Instead of bouncing light off the print to generate a binary representation, this method relies on an array of minuscule capacative cells, each less than a finger ridge wide. These cells consist of two conductor plates separated by an insulating layer.
Put your finger on the capaciative scanner and the ridges will cause some plates to come into contact, thereby closing a circuit and generating current, while the cells under the ridges on your fingers remain separate. The system then interprets the voltages generated by each cell to determine which one is under a ridge and which is under a valley. By combining this data the scanner can generate an overall image of the print, much as an EO scanner would, but with a much higher degree of fidelity. Another advantage is that capacitance scanners require an actual fingerprint shape to work, not just a light-dark pattern, which makes them harder to spoof.
What This Means to You
As you could see during the announcement relies on a simple downward swipe is all it seems to take to input your biometric data and gain access to your pocket computer. Of course, this demo was done in a highly-controlled environment, there's no way of telling what it will do with dirty fingers or what will happen after your kids use the phone as a peanut butter scoop, but as long as it works better than Siri — that is, at all — this feature could prove as transcendent a mobile technology as touch screens are.
Think about it, you'd never again have to smear up your display typing in pass codes or swipes. Not only does that improve your video quality, it eliminates the chances of a thief guessing your code by the greasy blotches or watching you input it before taking the device. To spoof a capacitance scanner, the thief would have to also get a print sample from you, jury-rig a fake fingerprint on a mould-able but non-deforming medium, and scan that instead. And since most stolen iPhones are destined for distant lands than decryption stations, it's easier to just steal that iPhone 4 from the guy next to you. Don't feel bad, the march of technology always treads upon the shoulders of late adopters.
As for your fingerprint data itself, Apple says that it's stored securely on the hardware itself — as opposed to on Apple's servers — which should help assuage some fears from anyone worried about the NSA, or identity thieves, trying to get at their biometric data. How secure that ends up being remains to be seen, but the security the fingerprint scanner itself offers seems like an upgrade of massive proportions. [Bioelectronix - How Stuff Works - Patently Apple - Wiki - Onin]