Apple iPhone Fingerprint Scanner Could Lift Authentication Market


Apple has unveiled a fingerprint scanner on its high-end iPhone as part of a new identification capability that some experts say could be a boon to security vendors specializing in next-generation authentication measures.

Called Touch ID, the fingerprint identity sensor is available on Apple's iPhone 5S. It can scan a fingerprint at a 500 pixels-per-inch resolution and contains a detection ring, a tactile switch and sensor on the home button, capable of 360-degree readability, Apple said. The fingerprint sensor can approve purchases from the iTunes Store, App Store and iBooks Store as an alternative to entering a password, Apple said.

Security experts told CRN that Apple's foray into biometrics could help pave the way for a new crop of security products aimed at addressing the security lapses associated with account credentials. Usernames and passwords are highly coveted by cybercriminals. The Verizon Data Breach Investigations Report, which provided analysis of hundreds of data breaches in 2012, found that more than 90 percent of breaches involved some form of stolen account credentials.

 

[Related: What Do You Want In A New iPhone? (Video)]

"I'm sure there will be a whole ecosystem that grows out of this," said Avivah Litan, vice president and distinguished analyst at Gartner. "There's a real need for better authentication that takes advantage of these more user-friendly form factors."

Litan said it takes a large vendor to help make technologies more mainstream. Until now, fingerprint identification has been on a variety of laptops, but it hasn't been widely used because of performance issues, Litan said.

The Touch ID system also lets users enroll multiple fingerprints, letting users add people they trust. Apple said Touch ID fingerprint enrollments are stored only on the device and not backed up to iCloud or stored online in any way.

There are may be as many as a dozen security vendors or more attempting to use the mobile device to establish identity, Litan said. Nok Nok Labs, a member of the Fido Alliance, has been attempting to take its password alternative technology to enterprises, unveiling its solution at the RSA Security Conference in March. The Fido Alliance has been trying to push for standards to make strong authentication interoperate on mobile devices regardless of operating system.

"Apple's decision to include authentication with the iPhone is a good dose of rocket fuel for the industry," said Michael Barrett, president of the Fido Alliance, in a statement issued following the Apple announcement. "The marketplace seeks authentication capabilities that span computer, smartphone and physical access authentication and federated identity applications. Open industry standards, such as FIDO authentication specifications, are required before we can achieve industry-wide adoption of strong authentication across all platforms."

NEXT: Can Apple Meet The Needs Of Banks, Online Services?