I thought this is a rumors forum. I doubt you can get the internal documents and code to see how it exactly works. However, I have one of their scanners right in front of me on my tablet/laptop hybrid. It's not the red light scanner you probably referring to. All you see is a golden strip, so no optical sensor. Now, if it doesn't work optically, it can only work with temerature (not likely) or current/resistence (that would be life tissue, the one underneath the "print"). Now, I'm not an expert on this but if you use current/resistence, you basically rely on life cell structures underneath the dead outer layer of the skin and that would fit the "marketing claim." If they claim it and it's not true, that would also be false advertisement - and I doubt a company would base the whole existence on a lie and make a deal with Apple. Then again, I might be wrong.
If it's a current/resistance mechanism, then it's in the same category as the ones which can be tricked with a moist (licked) gelatin copy. I'm not saying that it *can't* be something new which will be harder to fake, but the marketing copy looks awfully similar to what I've seen for other finger print readers which can be faked out using extremely low-tech methods. I'm talking methods that take all of about an hour to do once you've grabbed someone's fingerprint from one of the *many* surfaces they leave them on all the time.
Again, I'd be *thrilled* to find out that someone has actually 'solved' a biometric sensor solution to the degree that it actually takes a living finger to work, but dozens of companies have made that claim before, and been proven wrong time and again.
Also, you'll notice the marketing copy doesn't actually say it can't be defeated by these methods. (Note: Even if it couldn't, it would be unusual to see it in marketing copy, because it would immediately imply that all their prior-generation devices *could be*.)
----------
I thought this is a rumors forum. I doubt you can get the internal documents and code to see how it exactly works. However, I have one of their scanners right in front of me on my tablet/laptop hybrid. It's not the red light scanner you probably referring to. All you see is a golden strip, so no optical sensor. Now, if it doesn't work optically, it can only work with temerature (not likely) or current/resistence (that would be life tissue, the one underneath the "print"). Now, I'm not an expert on this but if you use current/resistence, you basically rely on life cell structures underneath the dead outer layer of the skin and that would fit the "marketing claim." If they claim it and it's not true, that would also be false advertisement - and I doubt a company would base the whole existence on a lie and make a deal with Apple. Then again, I might be wrong.
If it's a current/resistance mechanism, then it's in the same category as the ones which can be tricked with a moist, gelatin copy. I'm not saying that it *can't* be something new which will be harder to fake, but the marketing copy looks awfully similar to what I've seen for other finger print readers which can be faked out using extremely low-tech methods. I'm talking methods that take all of about an hour to do once you've grabbed someone's fingerprint from one of the *many* surfaces they leave them on all the time.
Again, I'd be *thrilled* to find out that someone has actually 'solved' a biometric sensor solution to the degree that it actually takes a living finger to work, but dozens of companies have made that claim before, and been proven wrong time and again.
Also, you'll notice the marketing copy doesn't actually say it can't be defeated by these methods. (Note: Even if it couldn't, it would be unusual to see it in marketing copy, because it would immediately imply that all their prior-generation devices *could be*.) Like I said from the beginning, I *want* to find a biometric device which actually works according to its claims, because it would solve Identification as a security issue. From there, we could move on to forms of Authentication and Authorization which don't *also* have to serve as Identification.
Iris scans were the most recent biometric solution to fall to security researchers. Several of them claimed to require a living eyeball, because they measured the minor changes in the iris caused by the pumping of blood. Unfortunately, one of the best recently fell to engineered printouts that take a couple hours to generate from a still photo of someone's eye.
Remember, if you *can't* change it, you can't rely on it in a security setting unless it *absolutely* can't be broken in a reasonable amount of time.
You read the marketing copy included in the MR article, which said:
MacRumors said:
AuthenTec's "swipe sensors" is described to use sub-surface technology to read the live layer of skin beneath the skin's surface.
And, from there jumped immediately to:
Mad-B-One said:
In other words: you cut off the finger and you cannot access at all. Not even the person you just made the 9-finger-guy/gal.
The latter does not follow from the first without several assumptions being made.
Like I said from the beginning, I *want* to find a biometric device which actually works according to its claims, because it would solve Identification as a security issue. From there, we could move on to forms of Authentication and Authorization which don't *also* have to serve as Identification.
Iris scans were the most recent biometric solution to fall to security researchers. Several of them claimed to require a living eyeball, because they measured the minor changes in the iris caused by the pumping of blood. Unfortunately, one of the best recently fell to engineered printouts that take a couple hours to generate from a still photo of someone's eye.
Remember, if you *can't* change it, you can't rely on it in a security setting unless it *absolutely* can't be broken in a reasonable amount of time. (And even if it can only be broken in an *unreasonable* amount of time, if you can't change it after it's broken, you're screwed.)