Future Apple iPhone Fingerprint Tech: How It Should Work

Apple iPhone fingerprint tech will land on an Apple iPhone, maybe this year. Here’s how our Peter Galvin says Apple should use it – and why you should care.

aNewDomain.net — Everyone in tech is talking about Apple iPhone fingerprint tech. Fingerprint reading tech, reportedly, will be built into next generation Apple iPhones and iPads. It could arrive as soon as the so-called Apple iPhone 5, expected this fall.

You never know what will happen, it’s true. Apple probably won’t even call it the 5S. Recall how Apple surprised everyone last time by announcing an Apple 4S instead of an iPhone 5. Apple is doing away with the numbering on these devices, it seems. As for the Apple iPhone fingerprint tech, this is inevitable. It might not happen right away. But it has to happen.

If and when Apple implements fingerprint tech into a future Apple iPhone or iPad, the ramifications will be astounding. Authentication via four-digit pass codes and kludgy third-party apps is pretty weak. Plus, Apple will have a hard time keeping its UI and user experience (UX) elegant if it increasingly pushes authentication messages behind every action you make.

Apple iPhone fingerprint tech could vastly improve security and convenience for Apple customers. Here’s my short list on the sort of things a thumb-button-based fingerprint reader should enable on a future Apple iPhone or Apple iPad — or the Apple iPod Touch, for that matter. With the fingerprint tech built in, Apple mobile users could feasibly do the following:

  • Unlock the phone – no passcode needed. Press your thumb on the home button to both unlock the phone and enable Siri. That makes Apple’s voice-command system a lot more useful. Just placing your thumb on the home button would unlock the screen and present a dashboard view of your current information.
  • Unlock the Apple Keychain that keeps all passwords on the smartphone. That way, all login information, web page form data and Apple iTunes authentication will automatically fill in.
  • Unlock the Apple Passport application containing travel information.
  • Authorize the Keychain to provide data, like credit card numbers, just with a touch of a finger or thumb.
  • Authorize information exchange, such as allowing Apple Airdrop to send or receive files.
  • Allow third parties to access the fingerprint tech API in Apple iOS 7 or later, so those apps could feature stronger authentication.
  • Manage lost or stolen devices by preventing anyone other than the owner or IT department to reset them without fingerprint-based strong authentication.

When you think about it, strong authentication via biometrics like fingerprint tech would be a prelude to the multi-user support developers have been waiting so long for. In that scenario, an Apple device could identify each user or manager via his or her fingerprints. Then the device would have access to all the appropriate account information, credentials, email, bookmarks, browser tabs and all of the other goodies that only single Apple mobile devices get now.


Image credit: Wikimedia Commons

A Closer Look at Authentication and Why You Should Care

First, a little background on why biometrics, Apple Keychain and other security technologies matter so much. It’s all about authentication. Authentication just means that you provide some data or some object or some combination of the two to correctly identify the user of a device.

Passwords and usernames are authenticators, but not very good ones on mobile devices.

Four-digit passwords are too easy to guess. See this infographic on why four-digit pins are so easy to break for more on that.

In truth, Apple iPhone users don’t use any authentication at all — no password, no nothing. It’s up to enterprises to make sure Apple users properly secure their data with everything from settings that wipe data after failed password attempts to keyfobs that generate random passwords to strongly authenticate the user to some important service.

But biometric authentication — like retinal scanning or fingerprint tech like what is likely to show up on a future Apple iPhone and iPad — is by far a tougher way to keep tabs on who accesses what. Combine fingerprint reading with a password and you’ve got some strong protection.

The trick is to come up with authentication that won’t mess much with the user experience Apple customers are so fond of and used to. Apple, a company with aspirations to hold your most-sensitive data, files, music, photos and videos needs the best authentication offering that its pricing makes possible. Letting individual and corporate users store travel, medical and personal info under the veil of a thin four-digit pin is too risky in the long run. But constantly-nagging authentication messages ruin the UX.

Buying something from the iTunes store or using the web browser to access a site? Apple requires you to type in authentication information. Do you want to use a credit card to buy something? Type it in. And type it again. Or have the Apple iPhone or iPad store this information in the keychain only to risk someone accessing it without a password or by easily figuring out a four-digit pin.

Now do you see why authentication via fingerprint tech on the Apple iPhone and iPad via Apple iOS is so important?

The story on Mac OS is better. Such third-party apps as 1password keep track of authentication info — and they keep it secure. Even without fancy biometric tech.

Macs have honest-to-goodness keyboards, too. So it’s easier for users to have stronger passwords.

Yet Apple will continually face on both mobile and desktop fronts pressure to maintain excellent UI without ruining it with lots of authentication nagging. It’s annoying. Not only do repeated security requests slow down access to a device, but it decreases the fun of using the device.

Fingerprint tech is an elegant solution to the problem. But there’s stuff you should know about Apple Keychain, as Apple has previewed it for developers, too. Apple iOS 7, as announced, lists several enhanced security features including Apple Keychain, also to be found on Mac OS X. This is an application and library for storing authentication information such as web login user names and passwords.

As shown in an Apple preview of iOS 7, the Apple Keychain will store account names, passwords and credit card information. It will sync all that information via iCloud to all of a user’s devices. Filling in web forms will be quick, secure and automatic with such tech, as execs plan to deliver it.

This does seem like a lot of information to store in one Keychain basket. Assuming the application has no security holes — and that’s a huge assumption — you have to ask: How are you going to unlock that information for use Apple iOS-wide?

And then there’s another new Apple iOS 7 feature: Airdrop. It allows sharing of photos, contacts, videos and, as Apple once put it,  “anything else from any app.” Again the question arises of how Apple will authenticate all that communication without relying on a weak four-digit code or a third-party app.

Solving the Problem

An Apple iPhone — and, someday, Apple iPad — fingerprint reader would solve the major problem Apple faces. And that’s how to increase authentication and security without ruining the user experience.

Ideally, it’ll be part of the home button on the upcoming Apple iPhone 5S. It will have to work well — that’s a huge challenge given the trouble other fingerprint readers have had in the past. And it will have to work perfectly within the user experience — hardware and software-wise.

The Future of Thumb-based Authentication

One of Apple’s strengths is its ability to provide entire user ecosystems that involve both desktop and portable devices. And now, adding thumb-based authentication, the company could offer even more functionality, such as:

  • A Mac or Apple TV could have their authentication done via a nearby Apple iPhone 5S. Simply press your thumb to the home button to login to or unlock your other Apple devices.
  • It would enable someone to unlock the Keychain on a nearby Mac using the thumb reader on the smartphone. This could provide access via that Keychain to important information on that Mac. For example, you’d get auto entry of credit card information into the web browser on that Mac.

In this theoretical brave new world, authentication is both strong and easy. User experience increases greatly and the Apple ecosystem becomes stronger than ever. The thumb as a key to access to all kinds of information would resolve an annoyance and let Apple devices become even more central to the lives of their owners.

Hopefully the vision I lay out here maps with Apple’s. It sure sounds enticing — and Apple customers would love it. Let me know what you think.  I’ll be watching. For aNewDomain.net, I’m Peter Baer Galvin.

Based in Boston, Peter Baer Galvin is a veteran tech writer, columnist, consultant, teacher, author and a senior contributor here at aNewDomain.net.  He is the chief solutions architect for Pluribus Networks. Before that he was CTO for systems integrator and VAR, Corporate Technologies. Peter also has taught at Boston University and is co-author of the Operating Systems Concepts textbooks. Follow him @petergalvin or on Google+. Email him any time atPeter@aNewDomain.net or peter@galvin.info