Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
Shows & Panels
Senator concerned about Apple's fingerprint tech
Monday - 9/23/2013, 2:38pm EDT
AP Technology Writer
NEW YORK (AP) -- Sen. Al Franken is asking Apple for more clarity on privacy and security concerns he has with its use of fingerprint recognition technology in the new iPhone 5S.
The iPhone 5S, which went on sale Friday, includes a fingerprint sensor that lets users tap the phone's home button to unlock their phone, rather than enter a four-digit passcode.
But Franken said that the fingerprint system could be potentially disastrous for users if someone does eventually hack it. While a password can be kept a secret and changed if it's hacked, he said, fingerprints are permanent and are left on everything a person touches, making them far from a secret.
"Let me put it this way: if hackers get a hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life," the Minnesota Democrat said in a letter to Apple CEO Tim Cook.
Apple Inc. officials didn't immediately return an email seeking comment on Franken's letter.
But the Cupertino, Calif., company has said that this kind of technology significantly boosts security for users.
According to Apple, the fingerprint data is stored on the phone in a place that's inaccessible to other apps and to Apple's remote servers. Apple also has put in a number of safeguards, including requiring a passcode after a restart and 48 hours of inactivity. In addition, Apple says it's not possible to take an existing fingerprint and convert it into something the phone will recognize, as the sensor reads a sub-epidermal layer of the finger.
Joe Schumacher, security consultant at Neohapsis, said Apple's fingerprint technology seems different and possibly more accurate than older readers, so most people shouldn't need to worry. But he said it could still be "a risk for any possible targeted individual," and much of the risk comes from not knowing many details.
"There is a big security risk with Touch ID without explicit understanding of how Apple is handling this data from storage to sharing with other entities," he said in a statement.
Meanwhile, anyone worried about fingerprint scan has the option of disabling the feature and sticking with the passcode.
Follow Bree Fowler on Twitter at https://twitter.com/APBreeFowler
Copyright 2013 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.