Apple to Buy Mobile Security Company AuthenTec for $356 Million

[Mad-B-One]

Actually, I thought it was stupid for the reason that what happens in movies usually does not represent real life. HOWEVER, your reasoning is actually incorrect. An amputated digit can survive for up to 30 hours if kept cold, 5 hours if still warm, and can successfully be reattached. Even John Wayne Bobbit was able to have his penis reattached after his wife cut it off in a crazy fit of rage. See Medscape's article on Replantation Treatment & Management for confirmation of what I'm saying.

Soooo, maybe not so stupid after all. Just saying....

That might be true about how long you can put it back on, but: We are not talking about decomposition times of tissue. We talk about a finger being scannable as biometric key. For this to work, it would probably require that the thief uses some warm blood in a bag pumping it though the finger though (and keeping up the right preasure). Otherwise, you won't have blood vesels giving you the same image. Also, no boold support would cause the tissue to shrink and deform (much like after you took a long swim or bath) distorting the tissue scan.

Well, I guess alternatively, if it is you monocygotic twin you steal the finger from, you can replace your own with it.

 

[naveah]

Apple may have worked out a deal to include biometric chips in their phones before they acquired the company. So, it may be possible that the iPhone 5, due out in October, will have this technology built in.

I believe that Apple will also build these chips into their glass trackpads on MacBook Pro systems, as well as Magic Trackpads that are used on iMac and Mac Pro desktop systems, so that users can perform multitouch gestures to log into their computers. Very cool stuff.

Let's hope it's already being included with the next iPhone. And very cool stuff, indeed. A lot of Wall Street analysts are saying that this iPhone is make-or-break for Apple--if it brings revolutionary features and succeeds Apple's stock will soar to levels that make $600 seem small. If the next iPhone isn't great, Apple's stock will take a huge hit. I think if they can crack NFC on the next iPhone, the next iPhone will be one incredible piece of technology. It looks like this technology would be a major component in Apple's NFC approach.

 

[newyorksole]

Do you guys think this has any chance of making it into the 2012 iPhone? Usually, it takes Apple some time to assimilate their acquisitions into their products (e.g., the maps companies or Siri). Maybe the 2013 iPhone?

maybe Apple bought them a while ago. it would make sense to have this technology with the whole Passbook thing.

 

[outaru]

I'm sure AuthenTec has patents on their technology. Patents are the golden goose.

Mark

I definitely agree with this.

If we look closely at one of AuthenTec's sensor the AES2750, several feature includes.

• Hybrid, on-chip matching (confirming match with host processor)
• Encrypted SPI system interface
• On-chip encryption of enrolled fingerprint templates and user credentials
• Adaptive, low-power fingerprint imaging
• Durable TouchStone™ II package technology
• Beveled package contour supporting in-glass integration options
• Ultra-hard surface coating offers >9H scratch hardness for >10 million rubs
• Expanded sensing width for multi-network biometric device requirements
• On-chip touch navigation
• Supports OAuth open standard for authorization, secure NFC, and OTP protocols

Apple could just buy these sensors from Authentec. However, they are after the technology/patent within these sensors which will allow them to place a discreet fingerprint scanner underneath the iPhone front glass.

source

 

[ArtOfWarfare]

Well, on the one hand, I absolutely hate every finger scanner I've ever previously used, but on the other hand, I hated every phone prior to the iPhone.

Apple has a tendency to take old, crappy technology and make it so great that it makes every other tech company look retarded. It's like, why couldn't they do it?

The answer comes down to price. They think that it's okay to have something that's half baked if they can keep the cost low.

Then again, there's another simple thing that makes you wonder, why can't any other company do it? Is it really so difficult to not release every product your R&D comes up with before it's ready?

 

[skunnykart]

Note that Apple has made relatively few acquisitions, so it is unlikely to be a patent grab.

You've mentioned quite a few just in your post alone!
If Apple wants to just use the tech they can do so by paying a fee like so many companies (including Samsung) have and are doing. But buying out the whole joint? Smells like a patent grab to me.

 

[Mak47]

One major problem in the technology world today is passwords. Every website has one, Every web service has one, companies you do business with may require you to remember multiple...the list is ongoing.

A lot of valuable information is tied to your passwords. While it is important to keep them secure, to keep out thieves, it is also necessary to keep track of them ourselves--lest we forget them and inadvertently lock ourselves out of our own data.

For the non-tech savvy user, this is a real issue. They forget passwords all the time, especially those that aren't used very often.

What would make this a big move for the future is if it's not just used for an e-wallet, but to revolutionize digital security as a whole.

It sounds like this company has the technology for the hardware. A scanner that can be placed under an already existing touch sensitive surface, i.e. an iPhone display or Mac trackpad. This means no extra hardware to maintain or ruin external designs.

What is needed is software that ties it together with your digital life. We already see iCloud saving and syncing passwords and tying them to your individual ID. The next step is for that to go a step further and sync them reliably to all of your devices.

The following step is to add software that allows the user to command iCloud to update and manage their passwords and user ID's for their various accounts. This would require some agreement on security standards for third party access, but if Mint.com can access my bank account information I'm sure there's a way this can get accomplished.

Once this is in place, biometric authentication will make a ton of sense. Your biometric data will authenticate you on your device. Not just fingerprints, but voice print data too, using Siri. For simple transactions like logging into Facebook your existing fingerprint could suffice, but for more consequential things like accessing a bank account or updating security information you could be required to speak a random phrase that analyzes your voice.

All of this data could be stored in your iCloud account, which would be able to manage your login info and other credentials. Now, you could simply ask Siri to "Update My Security Info" and a command could be sent to all on file accounts to update your passwords with randomly generated keys.

Are there privacy and security concerns? Absolutely, but this is why I'm happy a company that makes it's profits by selling things to users is getting into it, instead of a company that makes profit by selling it's users' information.

 

[fredsherbet]

How about using it to distinguish between different fingers touching the screen?

Would be great for multiplayer.

Also, would be good for swipe-to-unlock loading different user profiles on a shared iPad.

 

[sorryiwasdreami]

I want nothing to do with this or any technology that attempts to unify my flesh and blood living soul body with a fictitious nonliving [dead] entity such as a corporation or corporate account.

This sounds like a step in conditioning us for the upcoming RFID chip that supposedly will be embedded in our skin containing our "identity" as well as bank accounts and everything else. This is about 1-2 steps removed from that technology. Conceptually, it's very close. Cell phones were the beginning; it took a long time for cell phone adaptation to occur but now nearly everyone carries one. And knowingly or not, they are also carrying a tracking device. Same with passports.

We are meant to be (and destined to be) separate from the corporation. However, we have been lead to believe we are one in the same. For example, we are lead to believe we are identified by the social security number assigned to us. However, if you flip the card over you will find that it is not to be used as identification. However, for identification in the fictitious world of commerce, we need nothing more than this number which everyone already has been given at birth, and a name an address. So that if we choose to do so, we may act as the authorized representative of that number in order to buy and sell in that fictitious world of commerce.

What the fingerprint scanner seems to promise is a forfeiting of natural rights to say and be who we truly are (which is not that number or name and address in all caps attached to ANY account), for the perceived benefits and privileges mentioned herein this thread. We don't need our thumbprint attached to any account for verification of our identity. We are already who we are. We are the ones who created these artificial systems, which puts us above them in the first place. We should be the ones asking for identification.

We need to realize the path we are on with our acceptance and our demand of these technologies. We are not synonymous with these accounts or numbers we have been assigned. Accepting (and demanding) that we are by consenting to use our flesh is foolish, naive and unfortunate, since all those accounts are owned by corporations, not by us. And so will be our fingerprint and that which is attached to it.

 

[boronathan]

I want nothing to do with this or any technology that attempts to unify my flesh and blood living soul body with a fictitious nonliving [dead] entity such as a corporation or corporate account.

This sounds like a step in conditioning us for the upcoming RFID chip that supposedly will be embedded in our skin containing our "identity" as well as bank accounts and everything else. This is about 1-2 steps removed from that technology. Conceptually, it's very close. Cell phones were the beginning; it took a long time for cell phone adaptation to occur but now nearly everyone carries one. And knowingly or not, they are also carrying a tracking device. Same with passports.

We are meant to be (and destined to be) separate from the corporation. However, we have been lead to believe we are one in the same. For example, we are lead to believe we are identified by the social security number assigned to us. However, if you flip the card over you will find that it is not to be used as identification. However, for identification in the fictitious world of commerce, we need nothing more than this number which everyone already has been given at birth, and a name an address. So that if we choose to do so, we may act as the authorized representative of that number in order to buy and sell in that fictitious world of commerce.

What the fingerprint scanner seems to promise is a forfeiting of natural rights to say and be who we truly are (which is not that number or name and address in all caps attached to ANY account), for the perceived benefits and privileges mentioned herein this thread. We don't need our thumbprint attached to any account for verification of our identity. We are already who we are. We are the ones who created these artificial systems, which puts us above them in the first place. We should be the ones asking for identification.

We need to realize the path we are on with our acceptance and our demand of these technologies. We are not synonymous with these accounts or numbers we have been assigned. Accepting (and demanding) that we are by consenting to use our flesh is foolish, naive and unfortunate, since all those accounts are owned by corporations, not by us. And so will be our fingerprint and that which is attached to it.

But isn't everyone is just a number?

 

[Powerbooky]

AuthenTec recently had announced a partnership with Samsung as their VPN Security provider.

Ah, if true this might fire up the great relationship Samsung already has with Apple.

 

[Hornhonker]

hmm...fingerprint security for iPhone? that would be cool.

Then it sends the info plus a DNA sample to a nearby Black Helicopter.

 

[tbrinkma]

Yes, this indeed sounds stupid because:

In other words: you cut off the finger and you cannot access at all. Not even the person you just made the 9-finger-guy/gal.


Same for your theories: This scanner does not scan the surface. Your gelatin finger won't open anything. The surface copy with dusting and tape not either.

Well, there is a way to get someone's money though: The good old pistol in the pocket behind him....

If any of that is true, it would A) be absolutely amazing and great news for the biometrics industry, and B) be news to me despite the fact that I try to keep up on that sort of thing. Sadly, gelatin fingerprint copies which are warmed to skin temperature and slightly moistened are capable of defeating the *vast* majority of fingerprint scanners.

If you can provide a reference to the contrary, I'd be happy to hear of it (because it *would* help with the identification aspect of security, even if it still wouldn't be any good for the authentication aspect).

Unfortunately, though, I suspect you've bought into marketing claims from a manufacturer, and security researchers have already figured out how to get around the scanner. After all, that's what's happened so far for the entire lifetime of top-end 'unbreakable' biometric security devices.

And, yes, I'm actively asking for a citation if you have one because, like I said, the field is an interest of mine so I like to keep up on new developments.

 

[Mad-B-One]

If any of that is true, it would A) be absolutely amazing and great news for the biometrics industry, and B) be news to me despite the fact that I try to keep up on that sort of thing. Sadly, gelatin fingerprint copies which are warmed to skin temperature and slightly moistened are capable of defeating the *vast* majority of fingerprint scanners.

If you can provide a reference to the contrary, I'd be happy to hear of it (because it *would* help with the identification aspect of security, even if it still wouldn't be any good for the authentication aspect).

Unfortunately, though, I suspect you've bought into marketing claims from a manufacturer, and security researchers have already figured out how to get around the scanner. After all, that's what's happened so far for the entire lifetime of top-end 'unbreakable' biometric security devices.

And, yes, I'm actively asking for a citation if you have one because, like I said, the field is an interest of mine so I like to keep up on new developments.

Well, I just read the article, did you?

From their fact sheet, AuthenTec describes its technology:AuthenTec's "swipe sensors" is described to use sub-surface technology to read the live layer of skin beneath the skin's surface.

 

[danielsutton]

Then it sends the info plus a DNA sample to a nearby Black Helicopter.

LOL! Apple should hire you to design the ultimate biometric device!

would be cool if in addition to fingerprint scanners, the camera could perform iris scans of the eye, which are much more foolproof than fingerprint scans.

However, a fingerprint scanner does not only scan the ridges that make up the print, but also are sensitive to the electrical impulses that travel through the body. So the gelatin finger would not be able to fool the scanner.

 

[tbrinkma]

Well, I just read the article, did you?

Yes, I read the article. I don't, however, take manufacturers' claims at face value. Many fingerprint scanners have been advertised/described in similar terms by their makers. So far all of them that I'm aware of have fallen to *decidedly* low-tech countermeasures (as I've described before).

I thought I was pretty clear about wanting a *citation*, not an unsupported marketing claim. Maybe not.

 

[Mad-B-One]

Yes, I read the article. I don't, however, take manufacturers' claims at face value. Many fingerprint scanners have been advertised/described in similar terms by their makers. So far all of them that I'm aware of have fallen to *decidedly* low-tech countermeasures (as I've described before).

I thought I was pretty clear about wanting a *citation*, not an unsupported marketing claim. Maybe not.

I thought this is a rumors forum. I doubt you can get the internal documents and code to see how it exactly works. However, I have one of their scanners right in front of me on my tablet/laptop hybrid. It's not the red light scanner you probably referring to. All you see is a golden strip, so no optical sensor. Now, if it doesn't work optically, it can only work with temerature (not likely) or current/resistence (that would be life tissue, the one underneath the "print"). Now, I'm not an expert on this but if you use current/resistence, you basically rely on life cell structures underneath the dead outer layer of the skin and that would fit the "marketing claim." If they claim it and it's not true, that would also be false advertisement - and I doubt a company would base the whole existence on a lie and make a deal with Apple. Then again, I might be wrong.

 

[tbrinkma]

I thought this is a rumors forum. I doubt you can get the internal documents and code to see how it exactly works. However, I have one of their scanners right in front of me on my tablet/laptop hybrid. It's not the red light scanner you probably referring to. All you see is a golden strip, so no optical sensor. Now, if it doesn't work optically, it can only work with temerature (not likely) or current/resistence (that would be life tissue, the one underneath the "print"). Now, I'm not an expert on this but if you use current/resistence, you basically rely on life cell structures underneath the dead outer layer of the skin and that would fit the "marketing claim." If they claim it and it's not true, that would also be false advertisement - and I doubt a company would base the whole existence on a lie and make a deal with Apple. Then again, I might be wrong.

If it's a current/resistance mechanism, then it's in the same category as the ones which can be tricked with a moist (licked) gelatin copy. I'm not saying that it *can't* be something new which will be harder to fake, but the marketing copy looks awfully similar to what I've seen for other finger print readers which can be faked out using extremely low-tech methods. I'm talking methods that take all of about an hour to do once you've grabbed someone's fingerprint from one of the *many* surfaces they leave them on all the time.

Again, I'd be *thrilled* to find out that someone has actually 'solved' a biometric sensor solution to the degree that it actually takes a living finger to work, but dozens of companies have made that claim before, and been proven wrong time and again.

Also, you'll notice the marketing copy doesn't actually say it can't be defeated by these methods. (Note: Even if it couldn't, it would be unusual to see it in marketing copy, because it would immediately imply that all their prior-generation devices *could be*.)

----------

I thought this is a rumors forum. I doubt you can get the internal documents and code to see how it exactly works. However, I have one of their scanners right in front of me on my tablet/laptop hybrid. It's not the red light scanner you probably referring to. All you see is a golden strip, so no optical sensor. Now, if it doesn't work optically, it can only work with temerature (not likely) or current/resistence (that would be life tissue, the one underneath the "print"). Now, I'm not an expert on this but if you use current/resistence, you basically rely on life cell structures underneath the dead outer layer of the skin and that would fit the "marketing claim." If they claim it and it's not true, that would also be false advertisement - and I doubt a company would base the whole existence on a lie and make a deal with Apple. Then again, I might be wrong.

If it's a current/resistance mechanism, then it's in the same category as the ones which can be tricked with a moist, gelatin copy. I'm not saying that it *can't* be something new which will be harder to fake, but the marketing copy looks awfully similar to what I've seen for other finger print readers which can be faked out using extremely low-tech methods. I'm talking methods that take all of about an hour to do once you've grabbed someone's fingerprint from one of the *many* surfaces they leave them on all the time.

Again, I'd be *thrilled* to find out that someone has actually 'solved' a biometric sensor solution to the degree that it actually takes a living finger to work, but dozens of companies have made that claim before, and been proven wrong time and again.

Also, you'll notice the marketing copy doesn't actually say it can't be defeated by these methods. (Note: Even if it couldn't, it would be unusual to see it in marketing copy, because it would immediately imply that all their prior-generation devices *could be*.) Like I said from the beginning, I *want* to find a biometric device which actually works according to its claims, because it would solve Identification as a security issue. From there, we could move on to forms of Authentication and Authorization which don't *also* have to serve as Identification.

Iris scans were the most recent biometric solution to fall to security researchers. Several of them claimed to require a living eyeball, because they measured the minor changes in the iris caused by the pumping of blood. Unfortunately, one of the best recently fell to engineered printouts that take a couple hours to generate from a still photo of someone's eye.

Remember, if you *can't* change it, you can't rely on it in a security setting unless it *absolutely* can't be broken in a reasonable amount of time.

You read the marketing copy included in the MR article, which said:

AuthenTec's "swipe sensors" is described to use sub-surface technology to read the live layer of skin beneath the skin's surface.

And, from there jumped immediately to:

In other words: you cut off the finger and you cannot access at all. Not even the person you just made the 9-finger-guy/gal.

The latter does not follow from the first without several assumptions being made.

Like I said from the beginning, I *want* to find a biometric device which actually works according to its claims, because it would solve Identification as a security issue. From there, we could move on to forms of Authentication and Authorization which don't *also* have to serve as Identification.

Iris scans were the most recent biometric solution to fall to security researchers. Several of them claimed to require a living eyeball, because they measured the minor changes in the iris caused by the pumping of blood. Unfortunately, one of the best recently fell to engineered printouts that take a couple hours to generate from a still photo of someone's eye.

Remember, if you *can't* change it, you can't rely on it in a security setting unless it *absolutely* can't be broken in a reasonable amount of time. (And even if it can only be broken in an *unreasonable* amount of time, if you can't change it after it's broken, you're screwed.)

 

[danielsutton]

Let's hope it's already being included with the next iPhone. And very cool stuff, indeed. A lot of Wall Street analysts are saying that this iPhone is make-or-break for Apple--if it brings revolutionary features and succeeds Apple's stock will soar to levels that make $600 seem small. If the next iPhone isn't great, Apple's stock will take a huge hit. I think if they can crack NFC on the next iPhone, the next iPhone will be one incredible piece of technology. It looks like this technology would be a major component in Apple's NFC approach.

I think you are right about that naveah! Apple, among other things, is very worried about security, regarding NFC technology. Biometric chips would help to calm them and help them to implement this new wireless technology in their products.

It turns out that NFC and biometrics did not make it into the iPhone 5, but no doubt Apple will add these features to new products going forward...