Security features of iPhone 5 could help tighten endpoint security

by Charles Leaver

September 17, 2013

access_time 4 min read

The age of writing down or remembering passwords could be coming to an end. Security features of the newly released iPhone 5S are poised to change the way businesses view endpoint security.

Benefits of Touch ID
In the current BYOD environment, business administrators have reason for concern when it comes to employees working from their own devices. Sending and receiving sensitive information over an unprotected platform could spell disaster if leaked or stolen. However, Apple's iPhone 5S looks to help with its newest security feature: a fingerprint reader application called Touch ID.

According to ZDNet, Touch ID stores and encrypts fingerprint data on the smartphone's processor, then converts the information into a digital signature. The application scans the user's fingerprint when placed on the home button, which is flat on the new model as opposed to concave.

Information obtained through Touch ID is not stored on the cloud, however, which increases safety. Users can utilize this digital signature to unlock the phone or authorize purchases in the application store. However, CNET reported the digital signature cannot yet be used to unlock Apple Keychain or iCloud data, which will still require a regular password.

ZDNet reported that even if a cybercriminal hacked into a phone's encrypted chip, they could not alter the fingerprint data or the digital signature.

CNET stated that less than half of all iPhone users currently utilize the four-digit passcode used to unlock the home screen. With the introduction of this new technology, however, more users may begin locking their devices. Industry expert Jon Fontana said this type of feature will most likely encourage BYOD users to lock their phones, keeping apps and sensitive data more secure.

The fingerprint scanner is the initial line of protection against not only hackers, but also identity and content theft, fraud or unwanted surveillance. This type of strategy also greatly lessens the risk of data leakage through BYOD devices, as data is normally tied to certain devices and not the identity of individual employees, ZDNet stated.

According to ZDNet, this security feature could also affect the necessity of password-reset questions or two-factor authentication. If the phone doesn't recognize the fingerprint being scanned, the user cannot access the phone, and no further need for identification is necessary.

However, despite the benefits of such a system, critics still worry about its safety. As CNET pointed out, such fingerprint reading technology has been in existence for nearly 20 years and has been hacked before. Furthermore, strategies such as using soft substances like certain candies or Play-Doh have been used to fool fingerprint scanners in the past. However, Apple said Touch ID has trouble reading a digit if it is moist or sticky.