The iPhone’s new fingerprint sensor seems like a great way to use biometrics to keep the device secure and personal, but could the feature be used against the owner to circumvent existing protections?
According to one YouTube video, the answer is “yes” – but there’s a bit more to it than that. Let’s take a look at whether the 5S introduces a new security threat, and what you can do to ensure your iPhone remains your iPhone.
The Video in Question
Take a look at the video below, which shows a knowledgeable would-be thief hijacking an iPhone. We should all know that allowing someone access to your primary email account is like handing them all of your personal accounts on a platter, so the latter part of the video is somewhat irrelevant. It’s the passcode circumvention and Apple ID hijacking we’re really interested in here:
Seems like pretty scary stuff, huh? And it was that easy? Well the video assumes many things to prove its point.
The achilles heel here is the fingerprint sensor, and use of biometrics in general. All biometrics are susceptible to this form of attack at present, so if you’re using fingerprint recognition to unlock your laptop or other personal device, you should be aware that the spoofing of fingerprints isn’t all that difficult if the thief has the know-how and equipment.
The video assumes there is a usable fingerprint on the device, and that’s exactly where the problems arise. Leave a thumbprint (not just thumb-tip) print on your device and there’s a possibility the thief would be able to gain access. This is of course provided they know the process of successfully extracting, copying and then creating a woodblock print good enough to pass as a human finger.
Another assumption is that the phone allows the use of Control Centre from the lockscreen, a setting which is enabled by default (so this itself is believable in the majority of cases). The video also presumes that the thief would successfully receive the email before Apple’s wipe request is processed by the device.
The final assumption in the hijacking of the account (and indeed phone) is that the Apple ID recovery address is tied to the iPhone – again, I have no issues here, I believe most people would allow this for convenience.
Not Quite So Simple
While the logic here is sound, the main crux of the argument is based on the fact that there is a usable fingerprint on the device. Looking at my screen after sending a few messages and checking my email in bed, I currently see no way a thief would be able to extract a print from my device. For me, it’s either smeared in the usual stuff that collects on our touchscreens or sparklingly clean after the old trouser-buff treatment.
That’s not to say this is never going to happen, but in the rush to steal the device and disable communications with the outside world there’s a very real possibility of destroying that usable print. How likely it is that a working woodprint fingerprint spoof could be created depends on the quality of the print and the skill of the individual. Though I don’t doubt it’s possible I’m skeptical that the average snatch and grab thief would go to such lengths.
Another area that is somewhat glossed over is the retrieval of mail for the Apple ID password reset code. I’d like to think after the many hours of creating woodblock fingerprints, everyone else’s inbox would be as congested as mine; something that’s not factored in here. Whether this would create enough of a delay for the Find My iPhone wipe request to be processed is unclear, but within a short time of being phone-less I’d have changed my email passwords and revoked access tokens myself.
This would make the thief’s effort a waste of time – after all, Find My Phone now comes with activation lock, which requires your Apple ID password to remove. Without access to the email accounts the thief would be unable to reset this password, the phone is useless to the thief and your Apple ID is secure.
What You Can Do About It
While these techniques aren’t unbelievable, and with enough effort an intruder could possibly get in, there are a few things you can do to make sure you never find yourself victim to such an attack. Fingerprint unlocking is very convenient, but as the technology is built for convenience we have to be able to use it. This means that unlocking with a convincing fingerprint spoof is going to be a problem for the foreseeable future on any devices. If you’re concerned, don’t use it.
Similarly, being able to set a timer or work out a quick bill from the lockscreen using one of the Control Centre shortcuts is very handy indeed but in its current form poses a security threat in the form of airplane mode. You can disable Control Centre access from the lockscreen in the Settings > Control Centre menu, though if Apple were kind enough to remove this option from the menu in a future update we could all breathe easy.
You should also avoid using a common passcode like 1234 or 0000 (here’s a nice list to avoid), though remember there are only 9999 simple codes to choose from. If you’re really concerned you can disable the 4-digit passcode from the Settings > General > Passcode Lock menu, and set a longer more complex one of your choice. And if you’re intent on breaking out your tinfoil hat, set your phone to erase all data upon 10 wrong passcode attempts from the same menu.
Other measures include making sure your Apple ID recovery address isn’t linked to your phone (probably tough for most users), and that if you suddenly notice your phone is missing then change your important passwords and revoke any access the missing device has to important accounts. You know, the obvious stuff.
It goes without saying that upgrading to iOS 7 and ensuring Find my iPhone is enabled under Settings > iCloud provides the best line of defence, so use it.
No Cause For Alarm
While the video highlights what’s possible in ideal circumstances, with an extractable fingerprint and a victim who doesn’t change their passwords or revoke device access upon noticing their phone is missing, the odds of a successful attack occurring are slim. Those of you genuinely worried should take the appropriate measures above, namely ensuring you don’t allow the unlocking of your phone with a fingerprint and that you use a passcode that’s not easy to guess.
In response to the question we set out to answer: does the iPhone 5S fingerprint scanner increase the chance of theft? No, not really. It would be nice to see Apple implement a few of the changes suggested in the video for peace of mind, though.
What do you think? Have you had your iPhone stolen? Do you use your 5S fingerprint scanner to unlock your phone? Let me know in the comments below.