Why locking your mobile device with a fingerprint is a great idea

One of the rumors leading into the Apple iPhone 5 event today is that the new smartphone will incorporate fingerprint scanning technology.

Apple is hosting a major media event today to unveil the iPhone 5. In the days leading up to any iPhone announcement there's always a good deal of heated speculation regarding what features and capabilities the new smartphone will have.

Smartphones and tablets store gigabytes of data. They have banking apps, and apps that access credit card or investment accounts. They connect to email, and social networks. If a mobile device falls into the wrong hands, it's possible that sensitive information and data could be compromised. That's why your smartphones and tablets need to be locked down and protected.

One of the rumors floating around about the iPhone 5 is that it might come with fingerprint scanning technology. If it's true, it would be a game changer for smartphone security.

The rumor stems from Apple's recent acquisition of a company called AuthenTec. AuthenTec is known for developing fingerprint scanning technology for mobile devices. It seems reasonable to assume that Apple didn't spend $360 million for the company if it doesn't have any use for the fingerprint scanning capabilities it's known for.

It remains to be seen if whether or not the iPhone 5 will actually incorporate the AuthenTec fingerprint sensors. It's possible that Apple is planning to build the technology into future iPhones, iPads, or Macs. But, if Apple does use fingerprint scanning technology to lock the iPhone it would be a great step in the right direction for smartphone security.

Most smartphones are locked with a simple four-digit PIN if they're locked down at all. The four-digit PIN is better than nothing, but it's certainly not the most secure option available. iOS devices have an option to require a more complex alphanumeric passcode, which would be much more difficult to guess in most cases.

Android added an ability to unlock the mobile device using facial recognition. Facial recognition can't be guessed or cracked in the same way a password can--only you have your face. However, that isn't entirely true. If you happen to have a reasonable headshot photo of the individual, you can just hold your picture up to the phone and unlock it.

You can't do that with a fingerprint, though. And, the fingerprint authentication can be extended beyond simply unlocking the device itself. If developers have access to the fingerprint scanning capabilities through an API, or if the smartphone OS has an ability to store credentials and passwords in a sort of locker that is accessed via the fingerprint, then the fingerprint becomes a more secure means of accessing apps and other sensitive information on the device as well.

Improving the method of authentication will help prevent unauthorized access to data should the smartphone be lost or stolen. It's important that you don't rely only on locking the device, though. You also need a cross-device security platform in place to guard against malware and protect your data from other malicious attacks.

Copyright © 2012 IDG Communications, Inc.

Make your voice heard. Share your experience in CSO's Security Priorities Study.