How vulnerable is the fingerprint scanner on your phone?

There are legal issues and technical vulnerabilties aound the use of fingerprint scanners on mobiles, hence, Anthony Neary says, it is vital to have a mix of solutions which enable maximum possible security.

How vulnerable is the fingerprint scanner on your phone?
How vulnerable is the fingerprint scanner on your phone?

Research from Deloitte recently found that over 72 percent of people in the UK now use a smartphone. This has widened the technological capabilities of our daily lives, meaning that we can access our bank account with the click of a button, access our social media and even find travel directions in a matter of seconds.

According to pingdom.com there are now over five billion mobile phone connections every day, as well as 294 billion email messages. Mobile and internet technology has ballooned over the decade; meaning that data has become a far greater vulnerability. The development of social media, big data and cloud computing has changed the face of online security.

Throughout 2015 the media has reported on various data breaches at major businesses including Sony, Ashley Madison and Carphone Warehouse. The challenges of password security were put in the media spotlight and the reputations of the businesses were under intense scrutiny.

Those who remember the Tom Cruise Hollywood epic ‘Minority Report' will recall the iris scans and voice recognition technology. This is now a reality. Biometric security is now becoming one of the most actively used security methods, alongside numerical codes.

Apple released the iPhone 5S handset in 2013 which featured the much talked about Touch ID scanner. The technology was hacked a day after its release. By using a photograph of the fingertip and a cheap domestic scanner, the hackers were able to gain access into a test phone. Similarly, the hackers were able to bypass security on the Galaxy S5 using the same technique.

The iPhone 6 had greater security measure with a much wide base to give a more accurate, reliable reading. Whilst a finger print scanner could be fooled, it would have to be a highly complex method using James Bond style equipment.

In August researchers found that Android users were at particular risk of being hacked. FireEye found that android devices had the following flaws:

·         A confusion in the scanner authorisation process which let hackers install malware

·         Trust zone design flaw which allowed spying

·         Pre-embedded fingerprint backdoors that can be used to hijack mobile payments and collect various data.

Although the number of devices affected was few and far between it highlighted a warning to smartphone users and providers.

There is no security solution which is considered “best”. It is vital to have a mix of solutions which enable maximum possible security. Whether it's a number code, hardware system or a finger print or retina scan; there is always going to be a unique way of hackers attempting to gain access. Simple passcodes aren't safe either. The trained eye may be able to recognise distinctive smudge patterns left on your phone screen. With that in mind, a fingerprint scanner may be worth exercising.

However, mobile phone technology is constantly changing to adapt with these issues so it is vital that you password-protect your personal data.

There are also legal concerns with fingerprint technology. Using finger prints to unlock a device are being played out in the courts of law and Mashable reported of a case where a judge in the US noted that a criminal could unlock a mobile device using a fingerprint, as a means of providing DNA. However, the police cannot force a defendant to give up their passcode as this is considered “knowledge” and is protected by the US Fifth Amendment.

In order to fully maximise your device's security settings you should make use of the ‘Find' app on your phone. iPhone has an app called ‘Find My iPhone' which can set your device to lock down if it is lost or stolen. However, ensure you use a combination of a passcode and a fingerprint. Although it doesn't give the general public a definitive answer to mobile security, it's a step towards the right direction.

Contributed by Anthony Neary, managing director, The Safe Shop