How safe are fingerprint logins?
Yesterday I picked up a new smartphone (Moto G6 Plus) and it's the first one I've had that includes the option of fingerprint recognition. I was prompted to enable this when setting up the phone and it's there as a feature provided by Moto, which I believe is owned by the Chinese company Lenovo. I can also see this is a feature provided in the Android version of 1Password.
No doubt this would be convenient in many spheres, but I can't help wondering about the potential security risks, since all those fingerprints have to be stored somewhere and what happens if that data is hacked or simply handed to some organisation you definitely wouldn't want controlling your fingerprints?
My daughter has a Moto 5GS and finds the fingerprint logins very convenient, so perhaps it is just sign of my cynical old age that questions the wisdom of making fingerprints available to Google and many other companies without perhaps even realising it. Many here are no doubt using this, so I'm just curious to learn more before I make up my mind.
1Password Version: 7.0 Beta 13
Extension Version: Not Provided
OS Version: Android 8
Sync Type: Dropbox
Comments
-
It seems as though nobody has any view on the security aspects of fingerprint logins. This surprises me as a built in feature of 1Password using Android and other platforms to access all our data.
0 -
I think that in most if not all devices the fingerprint is not transmitted. It is kept in a secure place inside the chip and the operating system (and apps) just take if it matches or not. So the apps and the operating system don't have access to the fingerprint itself
0 -
Hi @ashleykaryl and @jimger. Thanks for reaching out regarding the security of Fingerprint Unlock in 1Password. We have an article in our knowlegebase which should answer your questions:
https://support.1password.com/android-fingerprint-unlock-security/Please have a look and let us know if that helps!
0