Apple's Touch ID: genuinely useful or passing gimmick?

Thumbs up for Apple's Touch ID
Has Apple opened the door to dystopian horror where people's thumbs are hacked off by criminals? Probably not

Seconds after Apple's 2013 iPhone event ended the inevitable chorus of doom-mongering began. High-velocity complaints and entitlement missiles were fired at millions of eyes, with payloads of "no surprises *sadface*" and "Apple didn't add NFC/a six-inch display/my random tech fantasy hardly anyone else cares about" (delete as applicable).

Instead, they bellowed, all we got was a blingphone with a fingerprint sensor! Imagine!

Leaving aside Apple's newfound infatuation with 'gold' (which could be a smart move in upping the iPhone's appeal in the likes of China and India), idly waving away the fingerprint sensor as a trifling distraction is the preserve of someone who doesn't get Apple, how the company approaches technology, and also how typical consumers approach digital security.

Horror stories abound regarding passwords, with security companies regularly revealing the top-spot goes to 'password', the runner-up often being the imaginative '12345678'.

Apple forces a more complex mix of characters for your Apple ID password, but you can be sure most people use the simplest, easiest-to-remember combinations.

Additionally, although anyone can set a four-digit passcode to block unwanted access to an iOS device, not everyone does. Constantly tapping it in when unlocking a device is deemed a hassle - people have enough codes to remember in their lives without adding another.

Invisible authorisation

A fingerprint makes authorisation interactions almost invisible. Apple's Touch ID system therefore showcases the company's focus on user experience over technological fads, and that it cares more about systems that will get immediate widespread adoption than merely being 'cutting edge' in some manner that might make a select group of techies excited.

A fingerprint makes authorisation interactions almost invisible

With a little thought, it's easy to see why Apple would prioritise Touch ID over the likes of, say, NFC. The latter is gaining ground but remains somewhat niche, whereas the former can make every iPhone 5S more secure, with very little effort on the part of the user.

Beyond merely unlocking an iPhone 5s or buying apps more rapidly, Apple also talks about enrolling multiple fingerprints, to cater for "the people you trust".

It's therefore a small, logical step towards user-friendly multiple accounts on iOS or, at the very least, a system where someone can use their device however they like and also be sure their young child only gets suitable content when they unlock it with their own digit. (In the meantime, kids won't be able to sneakily unlock a device they shouldn't have access to, unless they somehow clone their parent's hand and keep it alive in a jar under the bed. We imagine such mini-maniacs/geniuses can probably figure out ways of getting their own iPads, though.)

Extrapolate logically into the near future, and the sensor won't be solely an iPhone 5s thing, but present across Apple's entire line. Combined with the iCloud Keychain, this could bring a mightily powerful usable personal security layer to Apple's entire range.

Questions and concerns

There are, of course, obvious questions relating to Touch ID technology. Beyond whether it'll actually work in the wild (you can almost hear the 'fingerprintgate' engine revving up), there are security and privacy implications.

Apple states the data is stored in encrypted fashion on the A7 chip and is never sent to iCloud. Also, as explained in depth by Rich Mogull on TidBITs, the system Apple uses "can't be faked out with a photocopy of a fingerprint".

It also, says Mogull, in reality stores a 'template' of your fingerprint; this means a stolen or hacked device contains an abstraction of your most important identifier, not a direct copy of the real thing.

People are wary of large corporations and promises they make regarding private data

In a post-Snowden world, though, people are very wary of large corporations and any promises they make regarding private data. On Twitter, author and technologist Suw Charman-Anderson remarked: "You only have one set of fingerprints. You have to look after them."

Similar sentiments have been expressed quite widely by people concerned about 'giving up' their fingerprints to the Cupertino machine, or even the broader normalisation of fingerprint ID should Apple itself be entirely above board.

But this still ignores the context surrounding user experience, personal security and human nature. Give someone a reliable fingerprint sensor and they'll likely use it and possibly even enjoy it. "It's just like Star Trek!"

Task them with defining complex passwords and activating pass codes and they'll probably get bored, confused, or just have another game of Angry Birds, leaving their devices, data and accounts less secure.