How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
- Sandtrap
- Posts: 19590
- Joined: Sat Nov 26, 2016 5:32 pm
- Location: Hawaii No Ka Oi - white sandy beaches, N. Arizona 1 mile high.
How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
I have an Iphone 7 plus.
It has fingerprint ID for access.
I also have the apps for Vanguard, Schwab, etc, etc. that have fingerprint ID access instead of typing in the passwords.
How secure is this?
Should I disable the fingerprint access on the apps and use manual password entry?
Should I not use the Iphone for access to the brokerages and banks and use my MacbookPro instead?
My MacBook Pro (newest) also has fingerprint access and authentication. Is this any more secure than the Iphone?
Should I enable 2 factor authentication or other? on all accounts where possible?
(not sure if this is worded right)
I am very "old school" so this technology is overwhelming.
worried
j
It has fingerprint ID for access.
I also have the apps for Vanguard, Schwab, etc, etc. that have fingerprint ID access instead of typing in the passwords.
How secure is this?
Should I disable the fingerprint access on the apps and use manual password entry?
Should I not use the Iphone for access to the brokerages and banks and use my MacbookPro instead?
My MacBook Pro (newest) also has fingerprint access and authentication. Is this any more secure than the Iphone?
Should I enable 2 factor authentication or other? on all accounts where possible?
(not sure if this is worded right)
I am very "old school" so this technology is overwhelming.
worried
j
-
- Posts: 2684
- Joined: Sun Jan 08, 2017 11:25 am
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
yes 2fa for everything.
touchID is fine. technically can be tricked but so can everything.
no both touchID are the same.
keep all apps and software UTD and cont safe practices and move on.
touchID is fine. technically can be tricked but so can everything.
no both touchID are the same.
keep all apps and software UTD and cont safe practices and move on.
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
How secure is secure enough?
I mean.... they could chop your finger off and gain access without your cooperation. If it was password only they would have to crack the password or torture you until you gave up the password, so if you are really that worried: How much torture can you withstand?
I mean.... they could chop your finger off and gain access without your cooperation. If it was password only they would have to crack the password or torture you until you gave up the password, so if you are really that worried: How much torture can you withstand?
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
TouchID is quite secure.
At least with the Vanguard iOS app, TouchID can only be used to view your account information. If you try to trade or transfer you then have to enter your password. That strikes a nice balance of convenience and security.
The TD Ameritrade app allows you to set three levels of access to grant via TouchID: Login, Trade, Cash Movement. I don't allow cash movement via TouchID.
At least with the Vanguard iOS app, TouchID can only be used to view your account information. If you try to trade or transfer you then have to enter your password. That strikes a nice balance of convenience and security.
The TD Ameritrade app allows you to set three levels of access to grant via TouchID: Login, Trade, Cash Movement. I don't allow cash movement via TouchID.
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
+1. I just found that out the other day. It's perfect.
Chase the good life my whole life long, look back on my life and my life gone...where did I go wrong?
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
I have tried to do a lot of reading on the safety of the various online ways to access one's financial accounts. I know I have seen many here post that they would not use their phone. I feel differently and have found at least some experts that agree.
To me, the main benefit of the iphone is that programs/apps can only be downloaded from the App Store. Is it possible that Apple could make a mistake and allow malware to get through? Yes. But so much less likely than picking up malware from whatever site on a PC or MAC. Secondly, the app has been provided by the institution. If there is a problem with its security, there is no question who is at fault. I have also heard mention that iOS was developed after the security threats were better recognized and therefore was designed from the beginning with this in mind.
I would, however, recommend that you do not use the phone on public wifi for financial transactions. And that you only use a phone that can run the most recent iOS.
To me, the main benefit of the iphone is that programs/apps can only be downloaded from the App Store. Is it possible that Apple could make a mistake and allow malware to get through? Yes. But so much less likely than picking up malware from whatever site on a PC or MAC. Secondly, the app has been provided by the institution. If there is a problem with its security, there is no question who is at fault. I have also heard mention that iOS was developed after the security threats were better recognized and therefore was designed from the beginning with this in mind.
I would, however, recommend that you do not use the phone on public wifi for financial transactions. And that you only use a phone that can run the most recent iOS.
Last edited by Katietsu on Thu Oct 19, 2017 4:18 pm, edited 1 time in total.
- Sandtrap
- Posts: 19590
- Joined: Sat Nov 26, 2016 5:32 pm
- Location: Hawaii No Ka Oi - white sandy beaches, N. Arizona 1 mile high.
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
Public wifi would mean, airport, starbucks, etc, etc. Right?Katietsu wrote: ↑Thu Oct 19, 2017 3:34 pm I have tried to do a lot of reading on the safety of the various online ways to access one's financial accounts. I know I have seen many here post that they would not use their phone. I feel differently and have found at least some experts that agree.
To me, the main benefit of the iphone is that programs/apps can only be downloaded from the App Store. Is it possible that Apple could make a mistake and allow malware to get through? Yes. But so much less likely than picking up malware from whatever site on a PC or MAC. Secondly, the app has been provided by the institution. If there is a problem with its security, there is no question who is at fault. I have also heard mention that iOS was developed after the security threats were better recognized and therefore was designed from the beginning with this in mind.
I would, however, recommend that you do not use the phone on public wifi. And that you only use a phone that can run the most recent iOS.
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
Let me clarify. I do not mean to never use public wifi with a phone. I mean that I will not do financial transactions or other sensitive actions on most wifi. I restrict these activities mostly to my home wifi. I only say mostly because I also trust using the wifi at select other locations where I am sure of the security and have confidence in the limited number of people with access.Sandtrap wrote: ↑Thu Oct 19, 2017 3:38 pmPublic wifi would mean, airport, starbucks, etc, etc. Right?Katietsu wrote: ↑Thu Oct 19, 2017 3:34 pm I have tried to do a lot of reading on the safety of the various online ways to access one's financial accounts. I know I have seen many here post that they would not use their phone. I feel differently and have found at least some experts that agree.
To me, the main benefit of the iphone is that programs/apps can only be downloaded from the App Store. Is it possible that Apple could make a mistake and allow malware to get through? Yes. But so much less likely than picking up malware from whatever site on a PC or MAC. Secondly, the app has been provided by the institution. If there is a problem with its security, there is no question who is at fault. I have also heard mention that iOS was developed after the security threats were better recognized and therefore was designed from the beginning with this in mind.
I would, however, recommend that you do not use the phone on public wifi. And that you only use a phone that can run the most recent iOS.
-
- Posts: 4902
- Joined: Sat Oct 25, 2014 3:23 pm
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
Oh, you just have to show me that sharp knife of yours and i’ll happily unlock the app, whether with my finger or with the passwordN1CKV wrote: ↑Thu Oct 19, 2017 11:58 am How secure is secure enough?
I mean.... they could chop your finger off and gain access without your cooperation. If it was password only they would have to crack the password or torture you until you gave up the password, so if you are really that worried: How much torture can you withstand?
If I didn’t use the touchID and Android equivalent, I would likely use weaker passwords to make access on mobile devices less painful and error prone. Passwords (or at least their hashes) can be retrieved without access to me or my device, and en bulk (so likely more ROI for the thieves). So in short, I use a strong password and touchID.
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
I was a bit surprised to hear that, but then again, it's usually privacy issues, not security issues, one hears about with smart phones.
I did check out a few links and saw pros and cons on either side
One thing that stood out though was this:
https://www.theguardian.com/technology/ ... or-bankingInsecure banking apps
Banking apps ought to be more secure than browsers, but it ain’t necessarily so. In 2014, Ariel Sanchez tested 40 home banking apps and found that 90% included insecure links (ones that didn’t use SSL), 40% didn’t check the validity of SSL certificates, 50% were vulnerable to cross-site scripting, and 40% were vulnerable to man in the middle attacks.
In a typical hack, the user might get a message to say that their session or password had expired and they needed to retype their user name and password. (Don’t.)
Today’s banking apps should be much more secure, but I wouldn’t bet on it.
- Sandtrap
- Posts: 19590
- Joined: Sat Nov 26, 2016 5:32 pm
- Location: Hawaii No Ka Oi - white sandy beaches, N. Arizona 1 mile high.
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
This is spooky.azurekep wrote: ↑Thu Oct 19, 2017 9:42 pmI was a bit surprised to hear that, but then again, it's usually privacy issues, not security issues, one hears about with smart phones.
I did check out a few links and saw pros and cons on either side
One thing that stood out though was this:
https://www.theguardian.com/technology/ ... or-bankingInsecure banking apps
Banking apps ought to be more secure than browsers, but it ain’t necessarily so. In 2014, Ariel Sanchez tested 40 home banking apps and found that 90% included insecure links (ones that didn’t use SSL), 40% didn’t check the validity of SSL certificates, 50% were vulnerable to cross-site scripting, and 40% were vulnerable to man in the middle attacks.
In a typical hack, the user might get a message to say that their session or password had expired and they needed to retype their user name and password. (Don’t.)
Today’s banking apps should be much more secure, but I wouldn’t bet on it.
j
- oncorhynchus
- Posts: 196
- Joined: Fri May 23, 2014 2:30 pm
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
Without endorsing illegal activity, another thing to consider is that passwords and fingerprints are treated differently under the 4th & 5th Amendments to the US Constitution.
Specifically, you cannot be compelled to reveal a password, but can be compelled to unlock/decrypt your device with a fingerprint.
o
Specifically, you cannot be compelled to reveal a password, but can be compelled to unlock/decrypt your device with a fingerprint.
o
-- Give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime. --
- Sandtrap
- Posts: 19590
- Joined: Sat Nov 26, 2016 5:32 pm
- Location: Hawaii No Ka Oi - white sandy beaches, N. Arizona 1 mile high.
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
That is interesting. I shows how far Phones have evolved. I can't imagine anyone compelling another to unlock a "flip phone".oncorhynchus wrote: ↑Fri Oct 20, 2017 12:50 am Without endorsing illegal activity, another thing to consider is that passwords and fingerprints are treated differently under the 4th & 5th Amendments to the US Constitution.
Specifically, you cannot be compelled to reveal a password, but can be compelled to unlock/decrypt your device with a fingerprint.
o
Actionably. . perhaps it's better to password protect phone access then fingerprint access the Apps.
-
- Posts: 3187
- Joined: Tue Dec 21, 2010 2:55 pm
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
As far as I know, then the phone can not read your wet fingers, it asks you for your password. Thus password is the fallback mechanism.perhaps it's better to password protect phone access then fingerprint access the Apps.
- abuss368
- Posts: 27850
- Joined: Mon Aug 03, 2009 2:33 pm
- Location: Where the water is warm, the drinks are cold, and I don't know the names of the players!
- Contact:
Re: How secure is fingerprint ID on the Iphone and also for App ID access such as Vanguard?
Priceless! It made be think of some movies!N1CKV wrote: ↑Thu Oct 19, 2017 11:58 am How secure is secure enough?
I mean.... they could chop your finger off and gain access without your cooperation. If it was password only they would have to crack the password or torture you until you gave up the password, so if you are really that worried: How much torture can you withstand?
John C. Bogle: “Simplicity is the master key to financial success."