The firm's chief technology officer Michael Fey criticised the Apple iPhone 5S Touch ID fingerprint scanner, claiming the phone maker failed to take advantage of the potential security benefits of biometric technology, during a press keynote attended by V3.
"We can do so much more with biometrics than just attaching it to a password. Dealing with identity is about protecting your identity and privacy, and using that to make it safer traveling within an environment. It's not just about replacing your password with one of your biometrics," he said.
"Your phone has the capability to know who you are, where you are, where you were yesterday, what's your user habit, what you look like, how you sound. All of these things can be used to ensure that you control your identity online and your passage through that environment."
Apple lists the Touch ID scanner as a key selling point for the 5S. It is designed to make the iPhone more appropriate for business use, offering a further layer of protection against potential data breaches if devices are lost or stolen. The fingerprint scanner works by scanning the sub-epidermal skin layers of the person holding the iPhone to verify their identity before unlocking.
Biometric authentication is a hot topic in the security community, with many end users feeling uncomfortable with the amount of user data the practice requires to work. These concerns reached new heights earlier this year with the PRISM scandal. The scandal broke when whistleblower Edward Snowden leaked documents to the press proving that the NSA is gathering vast amounts of user data from technology companies.
Fey moved to address these concerns, arguing: "The conversation about identity is driven by these concerns, it's about letting the user own their identity and keep their data private. We're in complete alignment over the concerns about the behaviour that's been in play. If you look at the people that are using identity – the Googles, the Facebooks – they're turning these people into a product. If you use something like Facebook you become a product and you have to be happy being schlepped out as a product," he said.
"We believe there is a big proportion of people out there not happy to have their identity put out there in that format. Those are the people we want to extend our trusted relationship to now and say we get the need for biometrics, they're wonderful for identifying who you are, but let's use them in a way that [means] you stay personal."
The McAfee chief added that, even if correctly implemented, biometrics alone aren't sufficient to fully secure users' data. He said to fully secure devices manufacturers will have to begin building them with security in mind from the start. Fey added the firm has already begun working towards this goal, partnering with parent company Intel to create new security chips and components.
Fey is one of many security professionals to call for smart device makers to place more importance on security. Experts from Europol, Trend Micro and the International Cyber Security Protection Alliance (ICSPA) warned that hackers will begin causing real-world harm if manufacturers do not increase their focus on security.
No comments:
Post a Comment