There are several good thoughts in this post:
One easy improvement: Make it "real two factor" by allowing users to
require a PIN/Password in addition to the fingerprint. Could they
have done better than a fingerprint? There are a few different
common biometric sensors: Facial recognition, Fingerprint,
Weight/Height, retina scans and iris scans. Fingerprints are
probably best considering the price of the sensor and the difficulty
to acquire the data.
Finally: There is probably one real big vulnerability here. A stolen
iPhone is likely covered in the user's fingerprints. It shouldn't be
too hard for an attacker to lift a fingerprint off the phone itself
to bypass the sensor.
via [1]ISC Diary | In Defense of Biometrics.
I hope that Apple offers more details about how the fingerprint reader
works. The technology exists to deal with the latent fingerprint issue.
Many corporations will want true two-factor before relying on the
iPhone's biometrics in the enterprise.
If this is strong & robust authentication I hope Apple makes it
available to other manufacturers as an open standard.
__________________________________________________________________
My original entry is here: [2]ISC Diary | In Defense of Biometrics. It
posted Thu, 12 Sep 2013 16:00:06 +0000.
Filed under: technology, InfoSec
References
1. https://isc.sans.edu/diary/In+Defense+of+Biometrics/16553
2. https://www.prjorgensen.com/2013/09/12/isc-diary-in-defense-of-biometrics/