The new iPhone 5S has an interesting new feature - a built-in fingerprint reader that can unlock your phone without a passcode. You simply place your finger on a special sensor and it can "read" your fingerprint without having to type in your unlock code.
The feature, called Touch ID, also lets you purchase items from the App Store and iTunes content without typing in a password. It is probably the biggest change in the the new iPhone and really leads to some interesting questions, namely "Will Apple ever see my fingerprints?"
The system uses a special camera to scan almost all of your fingerprint. Then, when you place your finger on the home button, it scans the skin of your finger and decides if you are who you claim your are.
So does Apple send your fingerprints to the NSA or even its own servers? According to the engineers who built the system, your fingerprint is read and then converted into a specific code. This code doesn't represent your fingerprint at all but instead acts as a secret key that can only be read by your own phone. In short, the reader doesn't recreate an "image" of your fingerprint any more than a very complex password would. Apple never sees the image and neither does anyone else.
The security system comes from AuthenTec, a company Apple acquired in 2012. This technology is unusual in that it doesn't require you to slide your finger across a sensor. Instead, it can read fingerprints from any angle. More important, this technology includes something called the Secure Enclave, a part of the iPhone that is completely corralled off from access. When you place your finger on the sensor, it reads it, converts it to a code, and then asks the Secure Enclave if everything is kosher. If things check out, you're in. Remember: at no time is your fingerprint sent to Apple. This is all done internally.
What does this mean for the future? It means you can use your iPhone to make secure payments to vendors and even authenticate with email and social media accounts. This, in short, gets rid of passwords in a very secure way, pulling us all out of the benighted era of depending on "thisismypassword99!!!" as our only line of defense against hackers.
It's so secure that hackers are trying hard to break it and can't. In short, it's a pretty cool addition to an already cool device.
Do you like this idea?
Image via Ishan Manjrekar /Flickr