“He’s not safe, but he’s good.” (Referring to Aslan, the Lion, in The Lion, the Witch and the Wardrobe.) ― C.S. Lewis
I planned to write about the inspired, better-than-sliced-bread security option of using fingerprint authentication to protect our mobile devices. That imploded. In 2014, and earlier this year, courts in Virginia and California, respectively, issued warrants requiring suspects to provide their fingerprints to unlock phones so the government could access potentially incriminating evidence believed to be stored there.
All “do,” no “talk.”
In contrast, courts have not forced individuals to reveal the passcodes used to secure their mobile devices. What gives? Albert Gidari, the director of privacy at Stanford Law School’s Center for Internet and Society, explains that the Fifth Amendment protects thoughts, not things: “Unlike disclosing passcodes, you are not compelled to speak or say what’s ‘in your mind’ to law enforcement,” Gidari said. “‘Put your finger here’ is not testimonial or self-incriminating.” For example, you can be compelled to provide the key to your heart, but no one can make you reveal what is in your heart.
Why chain the door when all the windows are open?
The fingerprint authentication platform is only as good as its gaps. The maker of one of the top mobile operating systems has stored fingerprints as unencrypted images in local storage. Fingerprint data stored by two cellphone companies was breached despite the use of TrustZone, an encryption platform created by mobile manufacturers. WhatsApp, which was mentioned in a previous blog, has also experienced data theft.
Studies reveal the ineffectiveness of security software provided to users by their data providers. The software is largely ineffective, because … PEOPLE DON’T DOWNLOAD IT! People shred their mail, but don’t download the platforms devised to protect their privacy if it’s formatted as data. The most common reasons people don’t download updates include: (1) suspicion that the updates are malware sent by hackers; (2) belief that the update won’t benefit them if they are otherwise satisfied with their current service; (3) lack of understanding that the updates provide security patches; and (4) expectation that the updates will take too long or will use too much memory. The authenticity of updates to your operating systems can be checked by visiting the app store, your manufacturer’s website or conducting an internet search to find information about update releases.
A critical flaw in fingerprint authentication is hiding in plain sight.
The convenience and high-tech sexiness of using fingerprint authentication on our phones has clouded our judgment regarding some of the most basic things we know about security. Fingerprints have a characteristic that is counter to a cornerstone of cyber-security — Fingerprints are immutable. If someone steals your password, you can change it. Quarterly mandatory password expirations illustrate the adage, the best password, is a new password. Heads would spin and roll in IT departments the world round if it were decreed that passwords will never be changed again.
And just like that, the floodgates are open.
A much touted advancement of fingerprint authentication is that no one can steal your fingerprint. That’s fine, but the image of your fingerprint can be stolen like any other image. The image of your fingerprint can give someone access to apps, browsers, photo albums, cloud files and online accounts, some of which may be secured by passwords cached in your phone history. Finally, does it make sense to have an expectation of privacy in our fingerprints? The legal answer is, no. Since we literally leave our fingerprints everywhere, maybe we should reconsider relying on them to secure our privacy. Our unspoken thoughts are inalienable property. Apparently, fingerprints are just keys.
Convenience is usually a good thing. Good things may not be safe. We each have to weigh whether the convenience of opening our phones with a finger to swipe instead of entering our PINs is worth the risk of losing our privacy.