The problem with biometrics and phones

TOPICS:

So, in a nutshell, here’s the problem. Your phone holds a lot of personal information. It’s your wallet, key, checkbook, and address book. You don’t want all that information falling into the wrong hands. And yet, people lose phones. They’re stolen. So what do we do? We lock our phones. And then we complain they’re too hard to unlock.

When passcodes were the thing

Putting a passcode on your phone is a pain. But it’s a pain we all went through together. There are a couple of ways you can do a passcode, and they’re all pretty bad.

Plain numeric passcodes are clumsy and take a long time to key in when you need the information. Some phones use pattern passcodes where you just draw a pattern on a series of dots. This can be faster but it’s harder to explain to people how to unlock your phone if you need them to.

Aside from being frustrating to do, these methods have problems. In cold weather, you may not be able to even use your phone without taking off a glove. It’s also way too easy for someone to spy on you from a distance and get that passcode (or pattern) without you knowing it. I mean really, who really hunches over their phone and hides it when trying to unlock it? Who has the time?

Fingerprint solutions are great but…

The next step was a biometric solution like Apple’s Touch ID. This uses a fingerprint reader to unlock the phone. With a fast enough phone, you barely notice that it’s happening.

There are, and always have been, two big problems with fingerprint identification. The first is that it’s not hackproof. Today’s systems are better than ones in the past, but it’s still possible to use a copy of a fingerprint to unlock some phones.

The other problem of course is that you can’t wear gloves. That’s a pretty big deal for about half the country, about half the year.

Face identification systems

Apple’s Face ID seemed like it was going to be the gold standard for biometric identification. It’s fast, it works if you’re wearing gloves, and it’s more secure than any other system (unless you’re Arya Stark or something like that.) And then, well, 2020 happened. Suddenly it became mandatory to cover up half your face. And without half your face, you can’t unlock your phone. Well you can, but you’re back to entering in a passcode with all the problems that entails.

Apple promises that a future update will let users unlock their phones while wearing a mask, provided that they are wearing an Apple Watch with its own passcode. I haven’t tried this but I’m told that once you get it set up it’s pretty seamless. Except, I’m not sure how that would stop someone from stealing both your phone and your watch and using them.

Where do we go from here?

The rumors have Apple developing a new phone with even more ways to unlock. Supposedly the next phone will let you interchangeably use your face, your finger, or your watch to unlock, as well as using the passcode method. Again I’m not sure that makes things more secure. However, compared to the insecurity of removing your mask or the frostbite caused by an ungloved hand, it’s… something.

I think the answer is coming, but we will not like it.

How long before Apple or Samsung offers you a way to unlock your phone using a chip implanted on your body? The chip could be put wherever you choose, so there would be some security. Like you couldn’t just knock someone out and then know that their phone would unlock by tapping it to their head. I don’t know how, but there could probably even be a way for you to disable the chip temporarily or permanently.

Personally I think that would be a security nightmare and raise all sorts of ethical concerns. But then I was the guy who was worried that there would be a run of people getting their fingers hacked off so that thieves could unlock their phones. That didn’t happen. But this still doesn’t sound like a comforting idea, even though it may be the only answer.

About the Author

Stuart Sweet
Stuart Sweet is the editor-in-chief of The Solid Signal Blog and a "master plumber" at Signal Group, LLC. He is the author of over 10,000 articles and longform tutorials including many posted here. Reach him by clicking on "Contact the Editor" at the bottom of this page.