How secure are smartphone fingerprint readers?
NatWest and RBS customers with Apple iPhones can now use fingerprints to access bank accounts
NatWest and the Royal Bank of Scotland are allowing customers to access their bank accounts online using fingerprint recognition rather than a password.
From tomorrow, customers with an iPhone 5s, iPhone 6 and iPhone 6 Plus will be able to access their bank account online using Apple's Touch ID fingerprint sensor.
But how safe is the technology?
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Since it was introduced two years ago, it has "proven to be one of the best fingerprint scanning implementations available", says The Guardian.
The detection ring, built into the home button, already features on the latest Apple iPhones and iPads, enabling users to unlock their devices and verify iTunes and App Store purchases using their finger or thumb. Other third-party apps, such as Evernote and Dropbox, have also adopted the technology.
Yet, when it first launched on the iPhone 5s in 2013, it took a biometrics hacking team from Germany's Chaos Computer Club just a day to bypass the security by replicating a fingerprint left on a glass surface.
"We hope that this finally puts to rest the illusions people have about fingerprint biometrics," stated the group. "It is plain stupid to use something that you can't change and that you leave everywhere every day as a security token."
Ben Schlabs, from the German hacking think tank SRLabs, said the security implications for the new banking apps are the same. "It is just as dangerous," he told the BBC.
Nevertheless, Schlabs admitted he did not know of any actual crimes being enabled by the Apple's Touch ID fingerprint sensor.
Even Marc Rogers, principal security researcher at Lookout, who also hacked Touch ID, says he still thinks it is "awesome" technology. Exploiting the sensor's flaws relies on a "combination of skills, existing academic research and the patience of a crime scene technician", he says, suggesting it is so complicated that most criminals wouldn't bother.
Rogers does, however, suggest that Apple introduce two-factor authentication, such as a fingerprint and a password.
But it appears that RBS and NatWest – who are introducing the technology specifically to make digital banking "even easier and more convenient" – might be reluctant to set further security hurdles for their customers.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
-
Langdale Chase Hotel: a cosy nook in the Lake District
The Week Recommends This Victorian villa has breathtaking views and expansive gardens
By Natasha Langan Published
-
Orkney's war on stoats
In the Spotlight A coordinated stoat cull on the Scottish islands has proved successful – and conservationists aren't slowing down
By Abby Wilson Published
-
Quiz of The Week: 26 October - 1 November
Have you been paying attention to The Week's news?
By The Week Staff Published
-
How cybercriminals are hacking into the heart of the US economy
Speed Read Ransomware attacks have become a global epidemic, with more than $18.6bn paid in ransoms in 2020
By The Week Staff Last updated
-
Language-learning apps speak the right lingo for UK subscribers
Speed Read Locked-down Brits turn to online lessons as a new hobby and way to upskill
By Mike Starling Published
-
Brexit-hobbled Britain ‘still tech powerhouse of Europe’
Speed Read New research shows that UK start-ups have won more funding than France and Germany combined over past year
By Mike Starling Published
-
Playing Cupid during Covid: Tinder reveals Britain’s top chat-up lines of the year
Speed Read Prince Harry, Meghan Markle and Dominic Cummings among most talked-about celebs on the dating app
By Joe Evans Last updated
-
Brits sending one less email a day would cut carbon emissions by 16,000 tonnes
Speed Read UK research suggests unnecessary online chatter increases climate change
By Joe Evans Published
-
Reach for the Moon: Nokia and Nasa to build 4G lunar network
Speed Read Deal is part of the US space agency’s plan to establish human settlements on the lunar surface
By Mike Starling Last updated
-
iPhone 12 launch: what we learned from the Apple ‘Hi, Speed’ event
Speed Read Tech giant unveils new 5G smartphone line-up
By Mike Starling Last updated
-
Russian agency behind US election meddling ‘created fake left-wing news site’
Speed Read Facebook says real reporters were hired by fake editors to write about US corruption
By Holden Frith Published