touch_id_icon1_w400_compr

To Touch-ID or not to Touch-ID

Posted on Posted in Technology

So you’re wondering whether it’s OK to use it or not, am I right?

I will be covering the Apple Touch ID feature here. Can’t tell you much about Android, but after you read this here, you may research more on your device’s fingerprint sensor funtions.

So here’s the thing:

  1. Your fingerprint is usually *not* your private, intimate, personal, secret information. (Once you’re arrested many jurisdictions have a right to ask for your personal credentials and for your fingerprint)
  2. Most probably you don’t wipe everything well after you touch it. Your fingerprints are usually all around, at your office, house, car – in elevators you travel with.
  3. One good news: It’s true, Apple really does *not* have access to your fingerprint data. It doesn’t leave your phone. Neither do installed Apps have access to it.
  4. iOS devices with activated Touch-ID do use device encryption and without the access code or the fingerprint can’t be decrypted. (Remember weak point: iCloud and other Sync-Tools… Intentionally synced and uploaded data wouldn’t remain encrypted obviously.)
  5. There is one little known security measurement to minimize the fingerprint Touch-ID use security downsides:

Whenever you need to give your phone to a burglar threatening you or to a government official who seizes it from you – SWITCH THE PHONE OFF. Or make sure it runs out of power before anybody can initiate fingerprint-attacks or connect a charger to keep the phone powered on to conduct such at a later time.

iOS devices require the passcode to be entered through the keypad on power-up and your fingerprint wouldn’t unlock them.

Practice switching off your phone! Many users did never switch off their smartphone since they bought it.

 

Remain the risks of “unintended loss” or “unattended stealing” of your phone. Which for somebody might be a higher risk then the variants where you have the chance to power it down.

SecTel.io calls can’t be accessed by getting access to your phone, but in case of jailbroken or Android phones one could install a malware to your phone to intercept the audio before we encrypt it. So tampered with phones are unsecure for use, but I guess that was clear to you.

What can be accessed if access to your phone is gained is:

  • The fact you have SecTel.io installed on your phone
  • The not erased call history data from inside this App (you may want to erase periodically)
  • SecTel Messages inside the App (again, delete them once you’re done with the given chat)

 

The decision is yours!

Leave a Reply

Your email address will not be published. Required fields are marked *