Skip to content

TouchID legally less secure than a PIN or password

While in most countries suspects cannot be forced to give up their passwords in order to give law enforcement access to data that could be used to indict themselves, it appears to be perfectly legal to force people to use biometric data to unlock said devices, Appleinsider reports

In a select number of cases, authorities have been able to compel courts to force criminal suspects to unlock their Touch ID-equipped iPhone using their fingerprint. That security bypass is likely to continue, legal experts say, because capturing someone’s fingerprint is a well-established practice in investigations.

So it appears that a fingerprint is doubly a bad choice for biometric device protection. Also, no phone so far has options to define a distress finger which can be used instead of the regular unlock finger, and which would destroy the data on the device instead of unlocking the device.

Published inComputer ScienceHackerterrorcybercyber

3 Comments

  1. Jörn

    Ein Fingerabdruck ist ja auch der Benutzername, nicht das Passwort.

  2. Alphager

    A distress finger that destroys evidence could land you in jail; every legal system I know of has separate laws against it.

  3. Björn

    Besides the fact that probably every current mobile OS would run the “out of the box” wizard, what evidence is there that you destroyed something? Also, if you forgot your password under stress, your phone could be setup to reset/destroy the encryption keys after X failed attempts. And that would be legal while using the ‘wrong’ finger would be illegitimate?

    I don’t get the difference. But I ain’t a lawyer.

Leave a Reply

Your email address will not be published. Required fields are marked *