iOS 7 feature focus: Adding fingerprints, enhancing security for iPhone 5s Touch ID

Posted:
in iPhone edited January 2014
Users who set up their new iPhone 5s will be prompted to add a fingerprint for the Touch ID sensor integrated into the home button. But up to four more separate fingerprints, for a total of five, can be added later in the iOS 7 Settings application, where other changes can be made to enhance security.

Touch ID


Users can access Touch ID settings on their new iPhone 5s by launching the Settings application and choosing "General." From there, the option "Passcode & Fingerprint" must be selected.

Entering this section of the Settings app requires users to enter their passcode for security purposes. From there, the passcode can be turned off or changed.

By default, iOS 7 and the iPhone 5s prompt users to enter a simple four-digit passcode. But a more complex passcode can be enabled in Settings, allowing users to utilize upper- and lowercase letters and symbols, as well as numbers.

For security-conscious users, a complex passcode is advisable, as a proper password can be much more difficult to guess or see over someone's shoulder than a four-digit number. The convenience and responsiveness of the Touch ID sensor also means this more complex password will only need to be entered on rare occasions, such as when the phone has been restarted.

Touch ID


Next in the menu is the new Fingerprints option, which is exclusive to the iPhone 5s. In this menu, users can choose to enable or disable Touch ID capabilities with passcode unlocking the device, and for iTunes and App Store purchases.

Here is also where users can add up to five total fingerprints that will be securely saved in the handset's A7 chip. By supporting multiple fingerprints, Apple's system allows users to more conveniently unlock their device from either hand, or potentially grant access to the iPhone 5s to multiple users.

As with adding a fingerprint during the initial setup, users simply place their finger against the iPhone 5s home button repeatedly, from a variety of angles. Once the system feels it has an accurate, detailed representation of the user's finger, it stores it as one of the five embedded identifiers.

Some particularly curious users have found success in scanning various other parts of their body with Touch ID that are far less convenient than using one's fingertips. However such efforts have been met with much less consistency than fingerprint identification.

Touch ID


Individual fingerprints (or other scans) can be deleted by tapping the Edit button in the top right. Edit: Saved fingerprints are automatically labeled "Finger 1" through "Finger 5," though the names can be changed once the Edit button has been selected. Holding a scanned finger on the home button while in this menu will also quickly highlight the respective saved fingerprint.

The Passcode & Fingerprint section of Settings also allows users to disable features such as Voice Dial, Siri, Passbook, and Reply With Message from the lock screen. An "Erase Data" function is also available, which will erase all data from an iPhone after 10 failed passcode attempts.

Users interested in keeping their iPhone as secure as possible should also consider changing the settings for Notification Center and Control Center. Both of these sections of the Settings application include "Access on Lock Screen" options that limit what can be seen and controlled without unlocking the iPhone.
«1

Comments

  • Reply 1 of 27
    Any news from apple regarding the hack?
  • Reply 2 of 27
    MacProMacPro Posts: 19,718member
    I have a solution. Apple simply off an optional, additional level of security if you wish. Tap three or more (your choice) different fingers in a certain order and you remember the order. It would be a Finger print PIN. Imagine the pain a crook would have trying trying lots of different thin rubber copies in varying orders.
  • Reply 3 of 27
    You can rename your fingerprint by clicking on the blue colour "Edit" at the top right corner.

    Even if you haven't named your fingerprint, by placing the finger on the sensor, the respective saved fingerprint will light up briefly to allow identification.
  • Reply 4 of 27
    alfiejralfiejr Posts: 1,524member
    Quote:

    Originally Posted by sog35 View Post

     

    Just use the pinky off hand to act as the unlock print.  They won't be able to get a clear print since the pinky on the off hand rarely touches the phone if ever.


     

    good idea. but i'm going to try my index finger knuckle when i get the 5s later this week. not hard to use, and you never leave a knuckle print anywhere.

     


    point is, that hack isn't hard to defeat if you are really determined. not that the 'experts' have figured that out yet.


     


    myself, i do not live in a world of fear. losing the phone is the far most likely problem. the odds of it falling into the hands of state of the art criminals are miniscule, and if i get mugged i'll certainly brick it quickly anyway.


     


    all this hack hype is just more FUD from Apple-bashers, the 5s version of the antennagate fuss. they can't admit Touch ID is a killer feature that is going to ice the market.
  • Reply 5 of 27
    alfiejr wrote: »
    good idea. but i'm going to try my index finger knuckle when i get the 5s later this week. not hard to use, and you never leave a knuckle print anywhere.
     
    point is, that hack isn't hard to defeat if you are really determined. not that the 'experts' have figured that out yet.
     
    myself, i do not live in a world of fear. losing the phone is the far most likely problem. the odds of it falling into the hands of state of the art criminals are miniscule, and if i get mugged i'll certainly brick it quickly anyway.
     
    all this hack hype is just more FUD from Apple-bashers, the 5s version of the antennagate fuss. they can't admit Touch ID is a killer feature that is going to ice the market.

    Purported "security analysts" and Apple haters are reading too much into Touch ID and the hack. The hack was down under extremely optimal conditions.

    1) The person knew exactly what finger needed to be lifted (it's his own finger after all).
    2) The person gave himself a perfect print to make the lift as ideal as possible.
    3) The person used the same hand to use with the fake print.

    We still need to see this tested with at least two different people to be fairly certain that anyone can steal anyone's iPhone 5S and providing they can find a decent fingerprint that was used for locking the device they will be able to unlock it within the 48 hours* that is currently set up as the default time.

    Regardless how failsafe this process is, how cheap the HW that is needed for the process, how small the HW is (for example: having it in a car or backpack to hack it before it's wiped), or how fast they can complete the break-in the primary goal here isn't security, but convenience. That's why a PIN is required after 48 hours and a restart before you can use Touch ID, and not the other around. It's faster than a 4 digit PIN (which one may be able to see you type in over your shoulder) and it's enough convenience that the 50%-ish of users that don't use a PIN may actually start to use some form of security. That's huge!

    Furthermore, if we're truly talking about security there is the very nice requirement that Find My iPhone needs to be disabled with your Apple ID password, no Touch ID allowed, before the device can be activated by another account. Now if that can be hacked — a true hack, which might be accomplished by altering the phone's UDID as represented in SW — that will be a big hit to security.

    Finally, I'd really like for Apple to require a PIN or Touch ID verification to enable Airplane Mode from the lockscreen.

    * Personally, I'd like the option to set it to 4 hours. I might go up to 3 hours at a long movie but that's about it for the day. Even if I sleep 8 hours at night I could even wake up within 4 hours and check my phone. Even if I do sleep a full 8 hours I have no problem with supplying my PIN an exhaustive one-time per day.
  • Reply 6 of 27

    Apple could offer a pro option: Require three fingers in a certain sequence. That's 720 possibilities, not counting toes.

  • Reply 7 of 27
    stef wrote: »
    Apple could offer a pro option: Require three fingers in a certain sequence. That's 720 possibilities, not counting toes.

    The easier solution has already been mentioned, just use something that wouldn't make for a typical print that would be lifted off a mug or your iPhone. I like the knuckle idea.

    If Apple were to make it 3 different prints in a sequence you add a great deal to the complexity. With a PIN you get to see and hear what you input. The options are only 10, but with a finger it may take that as an option before you centered it properly so unless it's going to give you 3 separate "OK"s between each finger you then have to wait for all three to be inputted before it gives you an answer. It's just not a viable option in any way.

    To me a better option, which they may be working on, is to have an iWatch linked to the iPhone with BLE. When the iPhone gets far enough away from the iWatch the PIN is then required, not mention your iWatch notifies you that you're iPhone is no longer with you (which could save more than a few "oh shit!" moment of forgetfulness). So what if someone steals your iWatch and your phone? When you take off the iWatch all bets all off. It's only after you put it on and verify you did so with a PIN on your phone that the connection is made and the device knows you're wearing it.
  • Reply 8 of 27
    Quote:

    Originally Posted by bizzare View Post



    Any news from apple regarding the hack?

    So we're still fear-mongering this?

  • Reply 9 of 27
    Quote:
    Originally Posted by bizzare View Post



    Any news from apple regarding the hack?

     

    "The hack"? There is no "hack". 


     


    The stupid bus leaves at 5. Need directions?
  • Reply 10 of 27
    alfiejralfiejr Posts: 1,524member
    Quote:
    Originally Posted by 31 Flavas View Post

     

    So we're still fear-mongering this?


     

    the Apple bashers are desperate. they need hack-gate at all costs. they know the 4s is a smash hit, and they know Touch ID is a true "killer" feature. i feel their fear of being crushed in the market this holiday quarter, and it feels great.

  • Reply 11 of 27
    stef wrote: »
    Apple could offer a pro option: Require three fingers in a certain sequence. That's 720 possibilities, not counting toes.

    That is what digitalclips already proposed in post #3. Don't you read a thread to see if someone else already posted something you want to post?
  • Reply 12 of 27
    I have more than 1 iTunes account. Will fingerprint work for all of them when I purchase iTunes content?
  • Reply 13 of 27
    queue wrote: »
    I have more than 1 iTunes account. Will fingerprint work for all of them when I purchase iTunes content?

    Sure, but on different iPhone 5S's or after you exit out of one iTunes ID on a device and authenticate with another one.
  • Reply 14 of 27
    alfiejralfiejr Posts: 1,524member

    i can now report that, as i thought when posting above, you can use your knuckle print with Touch ID. i just set it up and it works fine.

     

    so in fact the hack that defeats Touch ID can itself be defeated by anyone who wants to. just don't use your fingertips.

     

    but you're not going to read that simple solution in the tech media. that's not the story they want to write.

     

    (and since this comment is days late, probably no one at AI will figure it out either.)

  • Reply 15 of 27
    Quote:
    Originally Posted by Alfiejr View Post

     

    i can now report that, as i thought when posting above, you can use your knuckle print with Touch ID. i just set it up and it works fine.

     

    so in fact the hack that defeats Touch ID can itself be defeated by anyone who wants to. just don't use your fingertips.

     

    but you're not going to read that simple solution in the tech media. that's not the story they want to write.

     

    (and since this comment is days late, probably no one at AI will figure it out either.)


     

    Until Apple starts describing Touch ID as a knuckle reader, not just a fingerprint reader (http://www.apple.com/iphone-5s/features/), I doubt anyone will pick up on your suggestion.

  • Reply 16 of 27
    d4njvrzf wrote: »
    Until Apple starts describing Touch ID as a knuckle reader, not just a fingerprint reader <span style="line-height:1.4em;">(http://www.apple.com/iphone-5s/features/), I doubt anyone will pick up on your suggestion.</span>

    That's how I set mine up based on Alfiejr's suggestion. I find it more natural than pressing the Home Button with my thumb tip and then holding my thumb there for the reader to work since I have to stop the motion. Alfiejr's suggestion is more fluid and therefore feels faster and more natural. I press it with my thumb tip and then lay my thumb down (i.e.: extend it over the Home Button) to let it read the thumb's knuckle palmar.

    PS: Perhaps now knuckle dragger can refer to those who take a proactive stance on security. ;)
  • Reply 18 of 27
    Originally Posted by PhilBoogie View Post




    Just how unique IS an areola?

  • Reply 19 of 27
    Quote:
    Originally Posted by akqies View Post





    That's how I set mine up based on Alfiejr's suggestion. I find it more natural than pressing the Home Button with my thumb tip and then holding my thumb there for the reader to work since I have to stop the motion. Alfiejr's suggestion is more fluid and therefore feels faster and more natural. I press it with my thumb tip and then lay my thumb down (i.e.: extend it over the Home Button) to let it read the thumb's knuckle palmar.



    PS: Perhaps now knuckle dragger can refer to those who take a proactive stance on security. image

     

    You should consider the possibility that knuckles are less unique to a person. There must be a reason why the FBI uses a fingerprint database, not a knuckle-print database. 

  • Reply 20 of 27
    d4njvrzf wrote: »
    You should consider the possibility that knuckles are less unique to a person. There must be a reason why the FBI uses a fingerprint database, not a knuckle-print database. 

    1) Are you saying the epidermal ridges over the knuckles aren't unique?

    2) Remember that your nipple will work just as well as your fingerprint for Touch ID but do you expect the government to invest in the NIPSLIP (National Identification and Processing System for Locating Individuals by Papilla) project? You really need to consider that people don't typically touch things with their knuckles, at least not reliably, which makes the idea of a Federal Knuckle Database pretty stupid and the idea of using it for security pretty good.
Sign In or Register to comment.