PDA

View Full Version : Apple Retail Stores to Feature 'Touch ID' Demo App as Part of iPhone 5s Sales Push




MacRumors
Sep 16, 2013, 09:39 AM
http://images.macrumors.com/im/macrumorsthreadlogo.gif (http://www.macrumors.com/2013/09/16/apple-retail-stores-to-feature-touch-id-demo-app-as-part-of-iphone-5s-sales-push/)


http://images.macrumors.com/article-new/2013/09/touch_id-250x390.jpgAccording to an internal first look guide for use by Apple Retail Store employees (via 9to5Mac (http://9to5mac.com/2013/09/15/apple-stores-to-show-off-iphone-5s-touch-id-feature-using-demo-app/)), the company is planning to implement a Touch ID demo app within iPhone 5s demo units that will show customers the process of registering a fingerprint for on the device.

Specifically, the app will allow in-store customers to register a single fingerprint on the demo unit, compared to the five fingerprints that the actual device allows, and show that it has been recognized through the Home button. The demo will then ask the user to place a different finger on the sensor, showing how Touch ID can reject unrecognized fingerprints for security purposes.

Last week, an Apple spokesman shared additional (http://www.macrumors.com/2013/09/11/apple-offers-additional-details-on-touch-id-iphone-5s-wont-store-fingerprint-images/) details about Touch ID amid security concerns, noting that no images of fingerprints are stored on the device. The demoing of Touch ID on the iPhone 5s in Apple retail stores is part of the overall sales push of the iPhone 5s to customers, with the internal first look guide also suggesting quick demos of the 8 megapixel camera to customers along with the new features of iOS 7. The guide also suggests "key messages" that Apple Retail Store employees should relay to customers, which involve speaking about the 64-bit A7 processor, M7 coprocessor, longer battery life, and numerous other features along with promoting the Touch ID fingerprint sensor.

Apple is set to begin selling the new iPhone 5s (http://www.apple.com/iphone-5s/) and low-cost iPhone 5c (http://www.apple.com/iphone-5c/) in-store this Friday, September 20. The company began (http://www.macrumors.com/2013/09/13/iphone-5c-pre-orders-begin-in-10-countries/) taking pre-orders for the iPhone 5c in ten countries on September 13 with launch-day supplies generally holding up (http://www.front.macrumors.com/2013/09/13/iphone-5c-launch-day-supplies-generally-holding-up-well-as-pre-orders-begin/) well. Online orders for the iPhone 5s are set to begin (http://www.macrumors.com/2013/09/13/online-orders-for-iphone-5s-begin-at-1201-am-pacific-time-on-friday-september-20/) in the U.S. at 12:01 AM Pacific Time on the same day as in-store availability, with other countries seeing similar early-morning debuts local time.

http://images.macrumors.com/article-new/2013/09/iphone_5s_first_look.png

Article Link: Apple Retail Stores to Feature 'Touch ID' Demo App as Part of iPhone 5s Sales Push (http://www.macrumors.com/2013/09/16/apple-retail-stores-to-feature-touch-id-demo-app-as-part-of-iphone-5s-sales-push/)



musika
Sep 16, 2013, 09:40 AM
It'll be interesting to see how they demo this to people. Even if they have special demo software written, will employees really walk customers through the demo? I wonder how they'll nudge potential customers into playing with the new feature.

Michaelgtrusa
Sep 16, 2013, 09:40 AM
They will have long lines.

troop231
Sep 16, 2013, 09:41 AM
Waiting for Adam Savage to fool the sensor :)

sammich
Sep 16, 2013, 09:55 AM
In before: 'the NSA is behind this'.

unplugme71
Sep 16, 2013, 09:56 AM
At the end of the year, the NASA will say they have collected 900+ million fingerprints and photos globally thanks to the support of Apple and the touch ID and front facetime camera.

Ventilatedbrain
Sep 16, 2013, 10:00 AM
At the end of the year, the NASA will say they have collected 900+ million fingerprints and photos globally thanks to the support of Apple and the touch ID and front facetime camera.

Then join Darren Hayes and sing "I will travel to the moon and back , if you'd be , if you'd be my babyyyy"

Lord Hamsa
Sep 16, 2013, 10:02 AM
They will have long lines.

Long, swirly lines.

unplugme71
Sep 16, 2013, 10:13 AM
Then join Darren Hayes and sing "I will travel to the moon and back , if you'd be , if you'd be my babyyyy"

you wouldn't want to hear me sing

Klae17
Sep 16, 2013, 10:18 AM
It'll be interesting to see how they demo this to people. Maybe they have special demo software written to run through the setup for people in the store.

Wait, isn't the article about a special program (the app) showing people about the fingerprint scanner?

Baytriple
Sep 16, 2013, 10:21 AM
At the end of the year, the NASA will say they have collected 900+ million fingerprints and photos globally thanks to the support of Apple and the touch ID and front facetime camera.

Really?? NASA now? I thought they were more into super novas!

Ballis
Sep 16, 2013, 10:27 AM
They should add this tech to mice and trackpads aswell as a way to log in/store passwords on osx

polterbyte
Sep 16, 2013, 10:29 AM
Waiting for Adam Savage to fool the sensor :)

I work with biometrics, and I can safely say it doesn't take the Mythbusters to do it.

In fact, I would bet lots of money that it won't even take a week for someone to publish a YouTube video showing how TouchID can be beaten by fake fingers.

And before someone asks, yes, I have beaten capacitive (as well as optical) fingerprint readers before.

musika
Sep 16, 2013, 10:54 AM
Wait, isn't the article about a special program (the app) showing people about the fingerprint scanner?

Yep. I'm just wondering how they'll convince people to stick around to see how it works.

The article shows how a retail employee should walk the customer through the use of the sensor, but in the many times that I've been in an Apple Store, I've rarely ever had an employee walk up to me to see if I needed anything.

rdlink
Sep 16, 2013, 11:05 AM
I work with biometrics, and I can safely say it doesn't take the Mythbusters to do it.

In fact, I would bet lots of money that it won't even take a week for someone to publish a YouTube video showing how TouchID can be beaten by fake fingers.

And before someone asks, yes, I have beaten capacitive (as well as optical) fingerprint readers before.

How much money you got? This could be my retirement plan...

NightFox
Sep 16, 2013, 11:05 AM
All of your fingerprints are belong to us

:cool::apple::cool:

Shade12
Sep 16, 2013, 11:05 AM
Useless feature for real 😩

mdelvecchio
Sep 16, 2013, 11:11 AM
in the many times that I've been in an Apple Store, I've rarely ever had an employee walk up to me to see if I needed anything.

odd, in the store in my area they always ask me if i need anything.

----------

Useless feature for real 😩

only if you dont have fingers.

me, i inputting an easily spied on PIN, or a time-consuming passcode, and a lengthy mixed-case Apple ID is an annoying process. anything that simplifies things for me adds value.

jayducharme
Sep 16, 2013, 11:15 AM
I work with biometrics, and I can safely say it doesn't take the Mythbusters to do it.

So how does it compare to cracking a regular passcode on an iPhone? I think the idea behind the fingerprint sensor is not to make it uncrackable, but to simply make it easier for more people to lock/unlock their iPhones (seeing as how about 1/2 of iPhone users currently don't use a passcode).

guzhogi
Sep 16, 2013, 11:24 AM
me, i inputting an easily spied on PIN, or a time-consuming passcode, and a lengthy mixed-case Apple ID is an annoying process. anything that simplifies things for me adds value.

I have a somewhat long, mixed case password on my iPad. Would save quite a bit of time for me. Just wish it and my laptop had a fingerprint sensor.

After the initial launch and long lines, I might go try it out. I'm an IT guy and I want to know how to do it before someone asks me about it.

bchery21
Sep 16, 2013, 11:28 AM
Cool - I was wondering how this feature would be practiced in the Apple stores...

charlituna
Sep 16, 2013, 11:50 AM
Wait, isn't the article about a special program (the app) showing people about the fingerprint scanner?

Yep. They have to do it this way or they would be restoring the phone several times a day cause someone would lock them out either by accident or for a laugh.

Same reason you can turn on restrictions etc on the demo phones.

polterbyte
Sep 16, 2013, 12:32 PM
So how does it compare to cracking a regular passcode on an iPhone? I think the idea behind the fingerprint sensor is not to make it uncrackable, but to simply make it easier for more people to lock/unlock their iPhones (seeing as how about 1/2 of iPhone users currently don't use a passcode).

It's definitely better than having no password, but I would venture it's not much more difficult (if more difficult at all) than cracking a 4 digit password. Of course I say this without having actually seen the device, so yes, it could be much more difficult, provided Apple has developed additional security measures not available to current capacitive readers.

Soon enough we'll find out, of course.

Oh, and I totally agree with you about making it easier for people to lock/unlock their phones.

ffmed124
Sep 16, 2013, 12:50 PM
So how does it compare to cracking a regular passcode on an iPhone? I think the idea behind the fingerprint sensor is not to make it uncrackable, but to simply make it easier for more people to lock/unlock their iPhones (seeing as how about 1/2 of iPhone users currently don't use a passcode).

I believe you are right with your analogy, seems some people are way over thinking the purpose for this sensor. For those that don't use a passcode (for what ever reason), it brings a fast and easy way to secure their phones (without having to enter a 4 digit number) from the average everyday person if they should leave or forget their device, not make the phone impossible to get into.

kdarling
Sep 16, 2013, 01:24 PM
I think we'll eventually see a rash of news stories about spouses / mistresses / siblings / roommates / spies unlocking someone's iPhone by using the owner's finger while they are sleeping.

Not to mention it'll almost certainly get used in TV detective shows... as well as on SNL.

Earendil
Sep 16, 2013, 01:25 PM
I work with biometrics, and I can safely say it doesn't take the Mythbusters to do it.

In fact, I would bet lots of money that it won't even take a week for someone to publish a YouTube video showing how TouchID can be beaten by fake fingers.

And before someone asks, yes, I have beaten capacitive (as well as optical) fingerprint readers before.

Crack it using access to the real finger? Or crack a random sensor without access? How about a video that shows the average street thief how to crack it with less than $5 in materials and before I can track their a$$ down using "Find My Phone" ? Remember, they only have 48 hours before the fingerprint expires, and in that time if they turn the device off the print also expires and reverts back to the pass code. What say you to that? I'm honestly curious.

polterbyte
Sep 16, 2013, 02:45 PM
Crack it using access to the real finger? Or crack a random sensor without access? How about a video that shows the average street thief how to crack it with less than $5 in materials and before I can track their a$$ down using "Find My Phone" ? Remember, they only have 48 hours before the fingerprint expires, and in that time if they turn the device off the print also expires and reverts back to the pass code. What say you to that? I'm honestly curious.

You would be right, of course, assuming the phone was stolen <<before>> the thief stole the password. And in that case, for purposes of protecting the phone, TouchID is quite adequate. In that sense, the 48 hours expiration time / immediate expiration upon turning off / Find my iPhone combination seem like a sensible set of countermeasures. I didn't know about these expiration conditions, by the way, so thanks for the info.

The problem is, I suspect, that thieves will be looking at this from the angle not of stealing the phone, but of using the phone as a means to purchase stuff and get the victim to foot the bill. Quite tricky to do this right now, but as Apple opens the possibility of other businesses to using this authentication system, this possibility has to be considered. In such case, the course of action would be to steal the fingerprint in advance (and YES, it does take less than US$5 in material to do it), and then to steal the phone. With the phone and a working fake finger, it would take only a couple of minutes to perpetrate the crime. If the thief then destroys the phone, it could be days before the victim realizes the real theft.

Thanks for being curious. That has always been the best way to solve problems, by Einstein's rationale. In my experience, that's totally applicable to security questions as well.

notjustjay
Sep 16, 2013, 03:26 PM
It's definitely better than having no password, but I would venture it's not much more difficult (if more difficult at all) than cracking a 4 digit password. Of course I say this without having actually seen the device, so yes, it could be much more difficult, provided Apple has developed additional security measures not available to current capacitive readers.

Soon enough we'll find out, of course.

Oh, and I totally agree with you about making it easier for people to lock/unlock their phones.

Yeah, I see it as convenience and nothing more. Especially since, as we saw in the demo, you can simply fall back to the original passcode anyway. That means the fingerprint adds ZERO extra security since it is, in essence, optional. But that's OK, if we only care about convenience.

I'm not sure I would enable the fingerprint for buying stuff from iTunes though. While it is probably more secure than a 4-digit passcode, I venture that it could be less secure than my Apple ID password. And since my Apple ID could conceivably be used to buy all kinds of things, including entire Apple computers, I'd probably opt to continue using a strong password before allowing any purchases.

sulpfiction
Sep 16, 2013, 03:42 PM
At the end of the year, the NASA will say they have collected 900+ million fingerprints and photos globally thanks to the support of Apple and the touch ID and front facetime camera.

Mine will be the first finger prints on Mars!:rolleyes:

Earendil
Sep 16, 2013, 03:44 PM
Yeah, I see it as convenience and nothing more. Especially since, as we saw in the demo, you can simply fall back to the original passcode anyway. That means the fingerprint adds ZERO extra security since it is, in essence, optional. But that's OK, if we only care about convenience.

You are quite right. However, convenience should not be discounted when using security, as inconvenient security tends to either be worked around, or not used at all.

Two examples:

Anyone who didn't have a password at all now using the scanner. The fallback is a password, yes, but they'd rarely if ever have to enter it.
Anyone who has a weak password could move to having a strong password, as they would rarely have to enter it. Heck it could be a 128 password that is written on a piece of paper and stored at home.


The slightly less measurable form of security is one can safely unlock their phone in public without being concerned with someone observing their password. The other day I was on a bus and watched a guy use a 4 digit code to unlock his phone. I know what that passcode is now. If he had used his thumb that would be unhelpful, except that I'd know I needed his thumb.

And of course, if the finger print scanner is determined to be less secure moving forward than a password, one can simply turn the feature back off and revert to their old ways until such time as it becomes more secure.

But yes, adding a second door with a different lock to a system can only make a system less secure, not more :)

polterbyte
Sep 16, 2013, 04:00 PM
I'm not sure I would enable the fingerprint for buying stuff from iTunes though. While it is probably more secure than a 4-digit passcode, I venture that it could be less secure than my Apple ID password. And since my Apple ID could conceivably be used to buy all kinds of things, including entire Apple computers, I'd probably opt to continue using a strong password before allowing any purchases.

That sort of theft--buying stuff in the phone owner's name--is precisely what I believe to be the real threat, and also what I tried to convey in the post above yours.

sulpfiction
Sep 16, 2013, 04:48 PM
You would be right, of course, assuming the phone was stolen <<before>> the thief stole the password. And in that case, for purposes of protecting the phone, TouchID is quite adequate. In that sense, the 48 hours expiration time / immediate expiration upon turning off / Find my iPhone combination seem like a sensible set of countermeasures. I didn't know about these expiration conditions, by the way, so thanks for the info.

The problem is, I suspect, that thieves will be looking at this from the angle not of stealing the phone, but of using the phone as a means to purchase stuff and get the victim to foot the bill. Quite tricky to do this right now, but as Apple opens the possibility of other businesses to using this authentication system, this possibility has to be considered. In such case, the course of action would be to steal the fingerprint in advance (and YES, it does take less than US$5 in material to do it), and then to steal the phone. With the phone and a working fake finger, it would take only a couple of minutes to perpetrate the crime. If the thief then destroys the phone, it could be days before the victim realizes the real theft.

Thanks for being curious. That has always been the best way to solve problems, by Einstein's rationale. In my experience, that's totally applicable to security questions as well.

I honestly can't see this being any more of a threat then someone stealing your credit card. In fact I think it's much more secure then carrying cards. In your example the thief has to aquire my fingerprint...A clean print...and then he has to make sure that the print is from the finger I use to authorize purchases. Then he has to take that print and create a fake finger. And even if it cost only $5 in materials, the theif still has to actually make it. Which I'm sure requires at least a little know-how. No?

I'm not worried about it at all. I think that the iPhone 5S will be the phone that really gets the (secure) biometerics ball rolling. And as with any security technology..As it gets better and better, the theives get better and better right along with it. Just the way it goes.

polterbyte
Sep 16, 2013, 06:11 PM
I honestly can't see this being any more of a threat then someone stealing your credit card. In fact I think it's much more secure then carrying cards. In your example the thief has to aquire my fingerprint...A clean print...and then he has to make sure that the print is from the finger I use to authorize purchases. Then he has to take that print and create a fake finger. And even if it cost only $5 in materials, the theif still has to actually make it. Which I'm sure requires at least a little know-how. No?

I'm not worried about it at all. I think that the iPhone 5S will be the phone that really gets the (secure) biometerics ball rolling. And as with any security technology..As it gets better and better, the theives get better and better right along with it. Just the way it goes.

One thing I've learned working in security: just as important the level of security offered by the provider/vendor is the perception of security derived by the user (yes, for different reasons, but still).

Is it a low threat? Yes, I believe so. But dismissing it off hand as negligible would be a mistake. Thinking about these threat, on the other hand, helps us to mitigate them, and--as you yourself pointed out--to make the technology more robust.

I also believe that Apple will set the standard and that biometrics will take a quantum leap from now on. Still, I believe this will be the case because fingerprints will become more of a high profile target from now on.

Just as "beating" Apple security will become a standard to be achieved by any hacker/cracker wannabee, from the iPhone 5s's first day on. Nit will be very rare for someone to actually perpetrate a purchase fraud, but that won't stop (and that was the point of my first post on the subject) dozens of kids to publish videos on how to make a fake finger that unlocks the phone.

Those videos will be useless per se, but they will be there. And we will be a step closer to overcoming the iPhone 5s security. Of course Apple will counter it. And so it goes.

Earendil
Sep 16, 2013, 07:16 PM
I'm not sure I would enable the fingerprint for buying stuff from iTunes though. While it is probably more secure than a 4-digit passcode, I venture that it could be less secure than my Apple ID password. And since my Apple ID could conceivably be used to buy all kinds of things, including entire Apple computers, I'd probably opt to continue using a strong password before allowing any purchases.

I suppose we'll have to see, but I don't imagine Apple is going to give people access to change your account settings without the strong written password. In which case, the most a thief could do is have it delivered to your door. In the mean time, you hopefully know your phone is stolen and will be getting an email stating your computer purchase is on its way. How dumb can a thief be to show up for that?

I honestly can't see this being any more of a threat then someone stealing your credit card.


The instance I can think of is if phones are easier to steal than wallets. My phone, not so much. In fact you'd have a far easier time sneaking something out of my back pocket than my front ;)

But I would like to see an argument for how current plans for biometrics on the iPhone is any less secure financially than a CC. An iPhone unless used in a faraday cage or similar is going to be trackable the entire time the thief uses it to make purchases they have to show up to your house to claim. At least with a CC I can go buy myself some gas and a hot meal and just "sign" my name at the bottom.


Is it a low threat? Yes, I believe so. But dismissing it off hand as negligible would be a mistake. Thinking about these threat, on the other hand, helps us to mitigate them, and--as you yourself pointed out--to make the technology more robust.

Agreed. There is also a danger in getting caught up worrying about a minor threat, when there is a larger one to deal with. Right now the media would have people believe the fingerprint scanner is the end of all Apple security. I think it will personally make my phone more secure by removing the need to publicly enter my password every time I use my phone.

macs4nw
Sep 16, 2013, 09:21 PM
Then join Darren Hayes and sing "I will travel to the moon and back , if you'd be , if you'd be my babyyyy"

A subtle, yet hilarious way to poke fun at a little mistake. unplugme71 must have clued in by now.

At the end of the year, the NASA will say they have collected 900+ million fingerprints and photos globally thanks to the support of Apple and the touch ID and front facetime camera.

Klae17
Sep 17, 2013, 05:18 AM
Yep. I'm just wondering how they'll convince people to stick around to see how it works.

The article shows how a retail employee should walk the customer through the use of the sensor, but in the many times that I've been in an Apple Store, I've rarely ever had an employee walk up to me to see if I needed anything.

I have the opposite. They keep bugging me! I don't need any help, much less 3 employees coming up to me, LOL. And they rarely know the minute details about the computers they sell.

unplugme71
Sep 17, 2013, 08:20 AM
You are quite right. However, convenience should not be discounted when using security, as inconvenient security tends to either be worked around, or not used at all.

Two examples:

Anyone who didn't have a password at all now using the scanner. The fallback is a password, yes, but they'd rarely if ever have to enter it.
Anyone who has a weak password could move to having a strong password, as they would rarely have to enter it. Heck it could be a 128 password that is written on a piece of paper and stored at home.


The slightly less measurable form of security is one can safely unlock their phone in public without being concerned with someone observing their password. The other day I was on a bus and watched a guy use a 4 digit code to unlock his phone. I know what that passcode is now. If he had used his thumb that would be unhelpful, except that I'd know I needed his thumb.

And of course, if the finger print scanner is determined to be less secure moving forward than a password, one can simply turn the feature back off and revert to their old ways until such time as it becomes more secure.

But yes, adding a second door with a different lock to a system can only make a system less secure, not more :)

I would say adding a second lock on the same door that unlocks both makes it less secure, not more.

polterbyte
Sep 23, 2013, 12:13 PM
How much money you got? This could be my retirement plan...

Some retirement plan, indeed!

http://www.macrumors.com/2013/09/22/chaos-computer-club-bypasses-apples-touch-id-system/