Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Apple's web of authentication

Dan Moren | July 29, 2016
Apple uses three main authentication factors: something you know, something you have, and something you are.

macos sierra apple pay stock
Apple

Some precautions can be taken to make that harder. For example, when Apple stores your fingerprint for Touch ID, it's not actually scanning your fingerprint but storing a series of mathematical measurements and information about it. If that digital information-which is stored in the isolated secure enclave on an iOS device's processor-is somehow compromised, it would be hard to turn that into something that could be used to create a fake fingerprint. Harder, anyway, than lifting an actual fingerprint from somewhere in your house and creating a fake fingerprint using that. Either way, it does require some degree of dedication.

Rumor has it that Apple is investing further in biometrics, possibly including an iris scanner in a future version of the iPhone. If true, presumably it would use much the same methodology as Touch ID.

Wear your authentication on your sleeve 

Apple announced one additional authentication feature debuting this fall. Using watchOS 3, iOS 10, and macOS Sierra, you'll be able to unlock your Mac without entering your password when you're wearing your Apple Watch.

This is an interesting and somewhat complex web of authentication, which essentially works like this: when you unlock your Apple Watch, you need to enter your passcode on it or on your iPhone. However, the Watch knows when it's being worn, and can automatically lock when it's removed from the wearer's wrist. (There is a workaround, but it's a little tricky.) As long as you're wearing your Watch, it's considered to be an authenticated token, in the same way that you can use it for Apple Pay as long as it's been unlocked. 

That could open up opportunities for the Watch to be used as an authenticated token in other places, too. Who knows? Maybe someday your Apple Watch will be the key fob for your Apple Car, letting you open the door and start the engine without having to take any actions. Maybe HomeKit-enabled smart door locks will use the Watch to authenticate you to your house. Perhaps you might even be able to watch content you own on a friend's Apple TV if it detects your Apple Watch in the vicinity. 

I have no doubt that seamless security and authentication will continue to be major features that Apple pushes as it continues to improve its existing products and roll out new ones. After all, the company not only likes to boast of the things only its integration between hardware, software, and services can accomplish, but also about its stance on privacy and security. Why not take the opportunity to improve both?

Source: Macworld 

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.