Lake Havasu City, AZ – With the introduction of finger print technology on the iPhone 5s in 2013, biometric technology has grown to become a popular feature on many smartphones today. Smart phone manufactures have integrated this latest technology in the hope of bolstering security and improving usability; however, security experts are questioning the new technology after discovering that they may not be as secure as people first thought. “Mobile payments are now being accepted on these smart devices with just a touch of a finger,” Supervisor Buster Johnson, 1st Vice President of the National Association of Counties Cyber Security Task Force Team, stated. “In some circumstances when one uses their smartphone to pay for merchandise at certain locations a pin number or signature isn’t even required. The purchase is authenticated with your fingerprint. As more and more individuals turn to this technology, security experts are finding more flaws with the system than originally thought,” Johnson continued.
The use of biometric technology is nothing new. According to a report done by GCN, a public sector I.T. company, law enforcement agencies have used fingerprints for forensic identification for more than a century, and more recently the U.S. government has required biometrics for identify management through smart government ID cards. “Biometric security is known to be far more secure than just simply using a four digit pin code to unlock a phone, but when it comes to using the technology for purchase of merchandise one needs to remember that the use of this technology by mainstream America is still new,” Johnson explained.
A report released by Forbes Magazine shows flaws in Samsung’s Galaxy S5 fingerprint scanner. The flaw lies in older versions of the Android operating system, up to and including Android 4.4. The flaw allows hackers to break into the operating systems main core and have access to encrypted scans immediately after a fingerprint is used to access the phone. “Hackers always seem to be one step ahead of technology,” Johnson stated. “If hackers can gain access to encrypted fingerprints, they can potentially gain access to the phone allowing them to make purchases on specific apps such as PayPal or Amazon,” Johnson continued. Apple’s TouchID isn’t without flaws. According to the Forbes report, it took hackers just two days and a small collection of everyday household items to bypass the fingerprint sensor.
Andy Kemshall, co-founder and technical director at SecurEnvoy believes biometric technology is not secure for today’s technologically hungry world. “Biometric authentication is not yet near the level it needs to be for the majority of consumer facing organizations to implement it in their products,” Kemshall stated. “Fingerprint scanning, eyeball scanning, voice and face recognition are all at least a decade away from being reliable enough to use as authentication methods,” Kemshall continued.
One piece of advice experts are giving for those who use the fingerprint technology built in to today’s smart phones is to change the finger used more frequently. According to experts, switching what finger one uses will make unlocking the device a bit more difficult for hackers. “As more and more merchants start accepting cellphones as a way of payment, we must remember that there are still going to be security flaws. It’s important that individuals take all the steps necessary to ensure their identity and financial information is not compromised,” Johnson ended.