Are Embedded Fingerprint Sensors Really the Future of Smartphone Security?

iPhone 8 fingerprint sensor Touch ID

Embedded fingerprint sensors, or under-display fingerprint sensors, are the new black for smartphone security. While Apple has reportedly cracked that engineering problem on the upcoming iPhone 8, other players like Qualcomm, in collaboration with Synaptics, seem to have broken some ground as well. Vivo has just demoed Qualcomm’s first under-display fingerprint scanning technology in action, and the tech itself deserves a second look.

A recent Engadget report titled “Vivo beats Apple to an under-display fingerprint scanner” shows the Chinese smartphone maker using Qualcomm-Synaptics technology on a prototype at a trade show in Shanghai. The first report came out a day earlier from Mashable.

But they couldn’t possibly have beaten Apple to the punch.

Apple has been working on this for quite some time now, and several weeks ago, the media received information that Apple’s partner TSMC had overcome the technical challenges and was taking this feature to production on iPhone 8. Just because Apple hasn’t showcased it yet doesn’t mean they’ve lost the race, though.

That aside, this is a very interesting technology. It’s one thing to have a scanner right under the glass, but putting it under the display (which is below the glass) is no mean engineering feat. Samsung tried it and failed, which is why their fingerprint scanners are on the back panel for the current Galaxy S8 and S8+, as well as the upcoming Galaxy Note 8.

Of note is the fact that Qualcomm’s technology isn’t as advanced as most of us would like. According to Engadget’s Richard Lai:

“I found the fingerprint recognition speed to be noticeably slower — about one second between first touch and entering home screen — than the near-instantaneous unlock that I’m used to on most recent smartphones.”

A one-second can be a lifetime in the eyes of a smartphone user. The real challenge seems to be around getting the same kind of responsiveness when you have more than a millimeter of thickness between the finger and the scanner, as opposed to the finger being placed directly on the scanner.

Does This Solve the Larger Problem of Smartphone Security?

But that’s not the only challenge: any such system needs to be accurate enough to authenticate a user, but also flexible enough to recognize wet or dirty fingers, scratched skin and other irregularities on an otherwise normal finger.

According to John Michener, a 30-year veteran of biometrics and a professor at Michigan State University:

“Biometrics, ideally, are good. In practice not so much.”

The problem is, anyone can get your fingerprint off a soda can or a door knob. And once that piece of data is available, a hacker – albeit only a good one – with determination only needs to replicate that to get into your device. In fact, they can probably take your fingerprint right off the device itself! Did you know that the oleophobic coating that is  on your phone’s front glass that is supposed to be finger-print resistant wears off after a while?

So, now you have all these variables that make you ask yourself a critical question: is fingerprint scanning really the future of smartphone security?

The answer would necessarily have to be ‘No’. As long as the security key can be obtained by a third party, nothing is secure. In this case, the key is your fingerprint.

At best, fingerprint scanning can be one element in a suite of biometric methodologies that can make breaking in extremely difficult. But on the flip side, no smartphone user is going to want to go through a gauntlet of biometric security measures just to get at their phone each time.

And that’s where passwords and passcodes still come out superior to any other form of security we have today – mobile or otherwise. When used properly, these can be the most secure measures possible. it’s because they’re not physical objects – they are concepts that can be typed in, and the permutations are just mathematically impossible to decipher; again, “when used properly.”

The best security your smartphone can have is a unique and complex passcode or password. Something that’s not written down but committed to memory. Here’s an interesting article on easy-to-remember but hard-to-crack passwords.

New Idea for Password Security, Protect Yourself Online from Hackers

In summary, no matter how many different types of biometrics we try to deploy on our devices, the humble password trumps them all. That includes fingerprint scanning (on-surface or under-display), facial or 3D facial recognition, voice recognition, iris recognition and many such methods.

The question now is: is it worth the effort developing technologies like under-display fingerprint scanning when they can be highly unreliable, exhibit high latency and be duplicated by hackers?

Smartphone makers seem to think so, but as a user, you have to know your options and exercise your judgment because, at the end of the day, it’s your device and your data. You need to ask yourself this: would you rather trust a high-tech solution that can be compromised, or a low-tech but highly reliable method like a tough password?

Again, I urge you the read that article I linked above because it could be an eye-opener.

Thanks for visiting! Would you do us a favor? If you think it’s worth a few seconds, please like our Facebook page and follow us on TwitterIt would mean a lot to us. Thank you.

Sources: The Verge, Inverse