Apple acquired Authentec for it, so it's going to be difficult for competitors to replicate it. I'm sure there are other vendors that provide fingerprint sensors, but their implementations of it and how the tech works probably isn't going to be the same.
The fingerprint sensor made by Authentec, was the centerpiece of a Motorola Moto X1 and slated to be in Google's Nexus 6 before Apple bought their supplier, effectively preventing the release. That's why those devices were released with a dimple where the fingerprint sensor was going to be, even though there was nothing in that spot where the finger rests.
That is to say, TouchID capacitive fingerprint scanning was going to be shipped in Android first and Apple delayed the market introduction with a strategic acquisition.
Prior devices like the Motorola Atrix and Toshiba G500 also had fingerprint biometrics.
"Apple purchased fingerprint-reader specialist AuthenTec in 2012, and the U.S. government recently approved Apple's patent for its own fingerprint reader technology. The company, like other makers of fingerprint scanners, uses radio frequencies to map a finger's surface."
http://online.wsj.com/article/SB1000142412788732386460457906...
Apple's new fingerprint sensor tech isn't so new. It's competitors had been using it for years, so why couldn't they make it work? "Everyone was waiting for the other [company] to make the move. It was incredibly frustrating for us."
That is a huge presumption and, as GP pointed out, the problem is if your fingerprint gets leaked, it's rather difficult to change it. Apple did a great job with TouchID but security experts went all over it trying to poke holes. Most other fingerprint systems don't get anywhere near the same amount of scrutiny. So in an unfortunate turn of fate, Apple's awesome implementation of fingerprint authentication on the iPhone resulted inthe general public being comfortable with fingerprint auth in other places, when they really shouldn't be.
>>> Two months later, Fingerprint Security Pro was in the app store.
>>> In the end, the app didn't actually offer any security - it was a gimmick that pretended to read someone's fingerprint and deny them access to the phone, with a hidden unlock button in its top corner. But it didn't matter. Users loved it. In its first month, it made $12,000. Mr Mureta was on his way.
This article doesn't really answer the question it poses. Unless there is some huge security flaw that cannot be fixed, this marks the beginning of mainstream fingerprint recognition. Other companies will quickly follow suit. Yes, fingerprint technology has been around for a while, but it's always been either an optional accessory or used in a niche case where heightened security was required. Apple's use of fingerprint as ID is new and groundbreaking in this context.
There; I've said more of substance than the author said in his whole article.
This doesn't explain why Linux doesn't communicate with the secure enclave.
Edit: I suspect closed-source hardware drivers, or collaboration with manufacturer is needed - so no fault on the Linux team, but still, an explanation as part of the article would be welcome.
As an aside, Appleland isn't the promised land either.
Apple laptops with a fingerprint reader lack the interface to be unlocked with depth cameras, like any Windows Hello certified camera. This means biometric authentication requires another connected fingerprint reader when the lid is closed.
Apple phones on the other hand have the opposite problem. They have a depth camera and can use your face to unlock, but lack the hardware for fingerprint unlocking. This means you have to lift them up and point them at your face while other phones have built-in fingerprint readers beneath their screens.
In all seriousness though. Apple would never make claim to fingerprint technology on their phones. IBM Thinkpads past and present still have fingerprint readers you can use instead of a password. It's all about the execution and well, Apple executed way better than the Atrix.
The sensor technology, developed by AuthenTec and bought by Apple a year ago, reportedly stores your fingerprints locally, so giving your iPhone the finger will not make it all the way back to Cupertino.
>If someone steals your fingerprint, you can never change your fingerprint (same with your face).
At what point is stealing a fingerprint, retina print, or face going to be economical enough for the thief that this would be an actual valid concern in 99% of use cases? Both FaceID and TouchID need to read a living person with a pulse in order to authenticate. You can't just take a printout of a fingerprint and drop it in. This is a really heavy lift to try to jack some random person's phone. Unless you're securing State Secrets or occupy rarefied enough heights that you have a Swiss bank account I don't really see anyone bothering.
>and so consumers buy into this and then also use fingerprints to secure things like their bank accounts, work logins, password vaults
Which bank accounts are taking fingerprints? Do you mean people's banking apps on their phones? In order to get to that they would need to steal both your phone AND your fingerprint. If a thief is this enterprising your info. is lost anyway. And again, they would need an extremely high fidelity reading of your fingerprint and the ability to reskin a living finger with it. And they would have to execute all this before you get to an Apple Store or a PC to remotely shut it down.
>Then we get yelled at by people from the company because "Apple says fingerprints are the best for security, why aren't you letting us use them?" It's a pain.
This often happens when someone shoves policy down people's throats without explaining themselves or getting buy-in from their clients. This is a communication skills problem, not an issue with biometrics.
It's clear that Samsung and Google are scrabbling to catch up with Apple, and I don't see why tbh. I don't think the general public dislike traditional fingerprint readers nearly as much as they do finding out the unlock mechanisms aren't secure.
I can type my password quicker than I can get a fingerprint reader to work. I dont get it really. I dont want one password for every site on the internet - which is what a fingerprint would be.
I had a fingerprint reader on my last leptop and it was a novelty. Apple inventing stuff that has already been invented since the mp3 player - but unfortunately getting massive amounts oof uptake.
It will be interesting to see how difficult or how easy it is to fool Apple's fingerprint scanner. I suspect the security will not be high given the constraints of putting it in a button on a mobile phone and the preference for letting marginal scans authenticate the user so as not to frustrate or inconvenience them.
Personally, I'd trust a 4-digit pin with a lockout timer to stand up better than fingerprint authentication. It looks cool in the movies, but it's never been a very bright idea.
Of course, most won't care if it's insecure, and being able to set different functions to automatically execute based on scanning different fingers (an ability laptop scanners have had for years) is certainly a selling point.
If we've learned anything over the past few months, it is that security is an illusion when it comes to Google, Apple and Facebook.
The fingerprint scanner is not intended to protect your personal data from being accessed by nefarious cyber-spooks or crackers. The $5 dollar wrench technique is fairly effective in bypassing such security anyway.
The fingerprint scanner is there so that when your phone is nicked by a mugger, they can't reset to factory defaults and sell it on eBay. If some knife wielding thug that robs me of my phone has the intellectual capability of lifting my fingerprints off the case and then using them to bypass the security, he still has to know my AppleID password before he can remove the 'Find my Phone' feature.
Give Apple a break. This is just another layer of security. It's _not_ the panacea to all our security woes, and they have never claimed it was.
Apple could utilize their newer devices' capabilities of finger print recognition. If you don't have a device capable of this, you don't get encryption. Sound very Apple™.
From what I heard the fingerprint reader is partially enterprise driven. Apple are doing everything to ensure maximum security on devices so they can replace BlackBerry and have a strong USP against Android in enterprise sales.
reply