Fingerprint recognition: Disrupting the world of \"passwords and keys\"

It is worth noting that Apple is not part of the FIDO alliance.

This is somewhat similar to the relationship between Android and ios. The FIDO Alliance is an open source alliance. As long as it complies with the standards of the FIDO Alliance, it can be accessed by mobile phone manufacturers, chipmakers, technology service providers, and Internet companies. But Apple's current fingerprint recognition is not open to third-party use, so it can only achieve its own two functions.

Compared to open source systems, Apple iOS is relatively more secure in terms of overall system security and fingerprint authentication, provided that you do not jailbreak.

However, at this year's Apple Developer Conference, Apple has already opened up many third-party interfaces to developers, which is also considered to be due to pressure from open source systems such as Android. So in the near future, Apple may also open up the fingerprint recognition interface to third-party developers, which is a change worth looking forward to.

In addition, at Apple's September product launch event, the company may expand fingerprint recognition to the new iPad mini, which will further promote the popularization of fingerprint authentication technology.

Is fingerprint authentication secure?

Is fingerprint recognition so widespread that it is safe?

For this question, we need to answer it in two parts: fingerprint collection and fingerprint authentication.

In the fingerprint collection stage, fingerprint recognition technologies used by fingerprint check-in machines have low security, and users can cheat by simply copying their fingerprints. But the new generation of fingerprint payment technology (such as the fingerprint technology of Samsung S5 phone and the new fingerprint lock) has biometric recognition function, which can recognize the dermis layer, so copied fingerprints or severed fingers cannot be recognized.

In the fingerprint authentication stage, Lenovo's Cui Zhongyong introduced to NetEase Technology that in this technology, Lenovo converts the fingerprint recognized by the sensor into a string of keys, performs fingerprint comparison locally on the phone, and only transmits the comparison results; YES OR NO”。 During this process, all fingerprint data will be stored on local devices and will not be uploaded to the cloud. Even if the server is attacked, it will not cause security incidents. (Note that this does not mean that all fingerprint recognitions will not upload your fingerprint information. Although Apple has previously denied this, foreign security experts have also previously stated that establishing a large-scale cloud fingerprint database is very dangerous.)

Will fingerprint data be stolen locally? Lenovo explained that in the fingerprint payment project of Alipay, the user's fingerprint data is entered into the mobile phone and stored in a TEE environment isolated from the main operating system. We can understand this TEE environment as a black box. These data cannot be read by the outside world. The main operating system is planted with a Trojan horse. The fingerprint data is still safe.

Overall, the security of fingerprint payments is much higher than that of digital passwords.

At present, there may still be a small number of users whose fingerprints cannot be recognized, such as those born without fingerprints, or those whose fingers are severely injured, soaked in water or chemicals for a long time, which may also affect the fingerprint recognition rate. For this situation, users can switch back from fingerprint password to digital password.