TECH
18/02/2015 05:47 GMT | Updated 18/02/2015 05:59 GMT

Banks Add Apple's Touch ID Fingerprint Technology To Their Apps

Two UK banks RBS and Natwest have added Apple's Touch ID fingerprint technology to their iPhone apps allowing customers to login using just their thumb.

Touch ID is Apple's own fingerprint technology and once enabled within the app would mean that customers would never have to use their username or password again.

The move follows an increasing trend that customers are more than happy to ditch the conventional password for more advanced forms of security including biometrics.

touch id

Financial software company Intelligent Environments found that a massive 80 per cent of Brits were keen to swap their passwords for biometric security while over half of those asked would like banks to start using fingerprint scanners both in branches and with mobile.

There have been concerns however that Touch ID isn't as secure as both Apple and the banks would like prompting security experts to warn that it can't become the only form of protection.

Speaking to the BBC, Ben Schlabs, of SRLabs warns that we simply don't know enough about the technology to say it's a truly safe alternative to the password.

"The security implications are the same, it is just as dangerous... I think it has been shown that it is pretty easy to spoof it and the risks aren't fully understood."

Just the fact that you are carrying the key around with you and leave copies of it exposed everywhere you go makes it a very different risk to something that is inside your brain. The risks are poorly understood."

Apple already uses Touch ID for financial transactions with its new Apple Pay service that launched in the US last year.

Available only on the iPhone 6, Apple Pay places your bank card details securely on the iPhone 6, you then use Touch ID as a replacement for your PIN and then tap the phone onto the card reader using NFC.

With most of the major banks on board it seems certain that Apple Pay will launch in the UK and as Thomas Bostrøm Jørgensen, CEO at Encap Security points out, the risks might be smaller in number but they're just as damaging.

"Sure it’s trickier to subvert a fingerprint than a password, but it’s not impossible – Touch-ID was ‘hacked’ less than a month after introduction. One hacker has claimed to be able to recreate fingerprints from high-resolution photos. And while you can issue a new PIN or password you can’t issue a new fingerprint – not without it being very messy. A single factor will always be vulnerable to attack.

Apple has already suffered reputational damage from the iCloud breach that revealed a lot more than some celebrities wanted. Banks can’t afford to make the same mistake with biometrics.”