Why you should never use your fingerprint to unlock your phone

c: | f: /

Unlocking your phone with a passphrase, password or pattern takes time. Using your thumbprint is virtually instantaneous, and it’s guaranteed to belong to you, right? Wrong.

Almost anyone who has a phone is addicted to it. I see it every day. Constantly in hand. Twitching to check messages in case something life-changing happens on Facebook; like your friend eats a sandwich or turns into a velociraptor.

Each time the phone is accessed, the discerning owner unlocks it, traditionally via a password or pass pattern. But more phones, laptops and other devices are becoming equipped with biometric scanners to read your thumbprint or face. Google and Microsoft are calling to have passwords eradicated in favour of facial recognition and thumbprints, as if these methods offer some kind of security panacea.

Nothing could be further from the truth.

Let’s all change our thumbprints

Any kind of biometric data is a terrible authentication system for one simple reason:

Your biometric identity cannot be changed if it’s compromised. A password can.

My passwords are in my head. Assuming they are implemented correctly in the system where they are stored, nobody can get at them without brute force of either the system, or me directly.

By contrast, I leave my biometric password – thumbprint or face – on hundreds or thousands of things every day in my home and public spaces. That’s thousands of opportunities for anyone to take my entry system. Here’s a non-exhaustive list:

  • CCTV cameras in shops and streets.
  • Webcam during Skype calls.
  • Social media images that I or my friends have posted of me.
  • All payment/ATM keypads.
  • Door handles.
  • Supermarket trolleys.
  • Elevator call buttons.
  • My own phone.

All it takes is someone to lift one of those opportunities and I’m sunk. And note, most importantly, that not all of those opportunities are obtained by third parties. Some of them I’ve voluntarily submitted.

One password to rule them all

The problem is not that passwords are insecure. On the contrary, they are one of the most secure methods of making information private ever invented. The problem is that of the chasm between education (people choose shit passwords for simplicity) and tech (it’s hard to enter a good password quickly, especially on a touch screen).

So to bridge the gap, people fall back on simple stuff. Dog’s name. Daughter’s birthday. An anniversary. Child’s name with a number on the end. For goodness sake, people put their date of birth on Facebook or tattoo their kids’ names and birthdays on their forearms and then use those same pieces of information to access their phone, bank account or social media. Sheer madness. You might as well just post your access credentials on the Internet and be done with it, or not use any security at all.

Further, anyone who knows anything about the subject will offer this advice:

Never use the same password twice on different systems.

It’s exceptionally good advice.

Now let’s project into the future paved by Google, Microsoft and Apple where there are no passwords. Every website, every door entry, every phone, every laptop has a camera or thumbprint reader that is used to identify you. Sounds far-fetched? They’re claiming it’ll be available next year and are predicting uptake will be phenomenal.

Step back and think about that for one minute. That’s the same as using one password for every system, which is abysmal security. It doesn’t matter if each system itself uses cryptographic challenge tokens and never stores the actual raw identity – no system should ever do that anyway. The problem is they can all be unlocked from one source.

It’s the same as if you gave up your master 1password key. If you leave one thumbprint anywhere in the world, anyone who can take that print can log into any account you own: your phone, your Facebook account, your bank account, everything.

Conversely, in a password-protected world, if one of my passwords for one of the above services is compromised, only that one system is affected. I can change the password and it’s back to being secure again. Good luck with changing your thumbprint.

My face… my beautiful face!

There are other downsides of course, most notably with facial recognition. If you undergo cosmetic surgery or are disfigured in a crash, you can’t get into your account until you update your identity.

Secondly, can a system distinguish between a photograph of you and the real you? Your so-called mate prints out a picture of you from your timeline, visits the sign-in page of any social media site, puts in your user account name and flashes your photo up to their webcam. Or prints out a likeness of you on a 3D printer. Access granted, maybe?

Is that what you want? Do you want thousands of people to potentially be able to access your information without your say? To impersonate you?

Thought not. Then the solution is clear:

  1. Never use biometric security as a means to access anything.
  2. Oppose any system that enforces it.
  3. Improve your password security wholesale.

Simple. Effective. Secure. No more “problem” for the tech giants to try and “fix”.

I want your brainjar

(required)

(required, never made visible)

(optional, linked with rel="nofollow")

(required)