Forum Thread

Discussion - What happens when you setup security features on your phone? Fingerprint, iris, facial scan, etc...

12,084 1,481 November 1, 2017 at 06:51 AM
Does anyone have any information on what happens to this data? I'd like to know where, if anywhere, my fingerprint, retina/iris scan, and facial scan data goes if I were to use one of those more advanced methods.

Is there anyone that doesn't set these features up? Why not?

If you do use them, what has been your experience?

I've got a new Samsung Galaxy and I'm wondering how well this data is protected.

31 Comments

1 2 3

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2005
L10: Grand Master
14,196 Posts
5,243 Reputation
#2
I have not seen a technical document from Samsung on this. Apple has a pretty good set of technical documents on these things though. On their phones it stays on the phone in the secure enclave.
Reply Helpful Comment? 0 0
Vague questions receive vague answers . . . . . .
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2005
L7: Teacher
2,402 Posts
1,113 Reputation
#3
Quote from LiquidRetro
:
I have not seen a technical document from Samsung on this. Apple has a pretty good set of technical documents on these things though. On their phones it stays on the phone in the secure enclave.
From what I understand, the method for Android phones is very similar. The data is stored locally in a secure, encrypted environment - essentially separate to the OS and even rest of the phone HW. The data is defintely not stored in the cloud so if you get a new device you have set up your biometrics again.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Oct 2004
L10: Grand Master
12,084 Posts
1,481 Reputation
Original Poster
#4
Quote from EyeBaller
:
From what I understand, the method for Android phones is very similar. The data is stored locally in a secure, encrypted environment - essentially separate to the OS and even rest of the phone HW. The data is defintely not stored in the cloud so if you get a new device you have set up your biometrics again.
Can you say for sure that the data isn't stored anywhere but the phone itself? Where have you read that?
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2005
L7: Teacher
2,402 Posts
1,113 Reputation
#5
Quote from Jabbit
:
Can you say for sure that the data isn't stored anywhere but the phone itself? Where have you read that?
You can probably google for all the details but the requirements for fingerprint data were introduced a couple of years ago for Marshmallow (Android 6.0).

Google has minimum requirements that any device that ships with Google Services has to meet in order to be certified and they require the hardware encryption and local only storage of the biometric data. Samsung stores all biometric data in the same place.

I use fingerprint and Iris on my S8.

Edit: here's a decent article on this: https://www.androidcentral.com/ho...ngerprints
Reply Helpful Comment? 0 0
Last edited by EyeBaller November 1, 2017 at 10:45 AM.
This comment has been rated as unhelpful by Slickdeals users
Joined Oct 2004
L10: Grand Master
12,084 Posts
1,481 Reputation
Original Poster
#6
Quote from EyeBaller
:
You can probably google for all the details but the requirements for fingerprint data were introduced a couple of years ago for Marshmallow (Android 6.0).

Google has minimum requirements that any device that ships with Google Services has to meet in order to be certified and they require the hardware encryption and local only storage of the biometric data. Samsung stores all biometric data in the same place.

I use fingerprint and Iris on my S8.

Edit: here's a decent article on this: https://www.androidcentral.com/ho...ngerprints
Great link, thank you. That's the type of explanation I was looking for but I didn't have much luck initially. Would still enjoy reading a white paper on the topic.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2008
L10: Grand Master
6,009 Posts
2,383 Reputation
#7
Current android phones store it in a pretty secure manner: https://www.androidcentral.com/ho...ngerprints
edit, should have reloaded before posting...

...older android phones not so much
https://www.extremetech.com/mobil...plain-text

You can be legally compelled to hand over physical tokens including your fingerprints to unlock devices.
Reply Helpful Comment? 0 0
Why do conservative politicians oppose conservation?
Have you ever stopped to think the long-term GOP immigration policy might be to make the United States of America a less desirable place to live than Mexico?

"If you tell a lie big enough and keep repeating it, people will eventually come to believe it" -Joseph Goebbels
This comment has been rated as unhelpful by Slickdeals users
Joined May 2004
L42: The Ultimate Answer
1,503 Posts
1,005 Reputation
#8
Apple has a white paper on Face ID. I haven't read it so not sure how relevant it is to your questions though.

https://images.apple.com/business..._Guide.pdf
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Feb 2007
L10: Grand Master
6,875 Posts
#9
Speaking of Security.
I read a passcode is the only thing Law Enforcement can't force you to give up. They can get a court order for fingerprint and I'll guess facial and iris.
Reply Helpful Comment? 0 0
for those that hate spelling mistakes www.walmarts.comCool

bulb save money by checking your insurance every 2 years (and not every 20) Thanks Liberty Mutual for reminding me to shop. The $842 increase this year sums it up. Across the board increase for Ohio....whatever
This comment has been rated as unhelpful by Slickdeals users
Joined May 2006
I hate mail in rebates
6,426 Posts
1,277 Reputation
#10
Quote from jkee
:
Current android phones store it in a pretty secure manner: https://www.androidcentral.com/ho...ngerprints
edit, should have reloaded before posting...

...older android phones not so much
https://www.extremetech.com/mobil...plain-text

You can be legally compelled to hand over physical tokens including your fingerprints to unlock devices.
I hate HTC now. I used to love them with the HTC Evo devices which were ground breaking with their 4.3" displays. laugh out loud

I had a bad experience with a new HTC device that suffered a black screen of death... the only smartphone I had ever that went bad, from me doing nothing to it. I stuck it in a drawer after having to factory reset it several times and having it die from black screen of death repeatedly. A year or two later, I took it out, powered it on, and part of the screen no longer was responsive to touch...WTF??

HTC has gone downhill in my opinion quite a bit.
Reply Helpful Comment? 0 0
cheap, fast, good - pick any two.

"Don't cry because it's over, smile because it happened."
― Dr. Seuss
This comment has been rated as unhelpful by Slickdeals users
Joined May 2006
I hate mail in rebates
6,426 Posts
1,277 Reputation
#11
Quote from stufine
:
Speaking of Security.
I read a passcode is the only thing Law Enforcement can't force you to give up. They can get a court order for fingerprint and I'll guess facial and iris.
I don't have anything that would need that level of security to hide from the government...but if I did, I for sure wouldn't use biometric security, only passwords and codes.

For vast majority of people, like me, though, biometric security is just fine. I use fingerprint sensors on my Samsung / Moto / iPhones and they are great.

I don't like passwords / passcodes because you have to hide your screen from other people when you unlock your phone, making it slightly anti-social, plus if someone sees your PIN / passcode you might as well not use it.

So fingerprint / biometric security probably is the best of all words for most people - it's quick, convenient, not anti-social, and people can't memorize your passcode to enter your phone later.

But yea, if you're a criminal and have things to hide, then don't use biometric security.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Mar 2009
Schrödinger's Frog
18,548 Posts
2,087 Reputation
#12
Quote from Jabbit
:
Does anyone have any information on what happens to this data? I'd like to know where, if anywhere, my fingerprint, retina/iris scan, and facial scan data goes if I were to use one of those more advanced methods.

Is there anyone that doesn't set these features up? Why not?
I don't. Don't feel a need for it. No passcode or anything.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2005
L7: Teacher
2,402 Posts
1,113 Reputation
#13
Quote from cheap_bastid
:
I don't have anything that would need that level of security to hide from the government...but if I did, I for sure wouldn't use biometric security, only passwords and codes.

For vast majority of people, like me, though, biometric security is just fine. I use fingerprint sensors on my Samsung / Moto / iPhones and they are great.

I don't like passwords / passcodes because you have to hide your screen from other people when you unlock your phone, making it slightly anti-social, plus if someone sees your PIN / passcode you might as well not use it.

So fingerprint / biometric security probably is the best of all words for most people - it's quick, convenient, not anti-social, and people can't memorize your passcode to enter your phone later.

But yea, if you're a criminal and have things to hide, then don't use biometric security.
All phones require use of pin/passcode for first unlock after a reboot and/or after multiple failed attempts with biometrics. So.. if you were in a situation where you had to unlock it for someone but didn't want to it would be pretty easy to either power off/reboot the device or just use the wrong finger until it locks out the FP reader.


Quote from Frogstar
:
I don't. Don't feel a need for it. No passcode or anything.
Assuming you have a smartphone and sync your main email to it, this is a terrible, terrible idea.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined May 2006
I hate mail in rebates
6,426 Posts
1,277 Reputation
#14
Quote from EyeBaller
:
All phones require use of pin/passcode for first unlock after a reboot and/or after multiple failed attempts with biometrics. So.. if you were in a situation where you had to unlock it for someone but didn't want to it would be pretty easy to either power off/reboot the device or just use the wrong finger until it locks out the FP reader.
that's a great point.




Quote :
Assuming you have a smartphone and sync your main email to it, this is a terrible, terrible idea.
Agreed. I don't know why anyone wouldn't take advantage of the easy and convenient security features. I just believe there are a lot of dumb people out there. laugh out loud

I had a friend who had a s6, never used lock on it, didn't even sync contacts to any service, out of pure laziness. One day someone stole the phone and all the photos, emails, data on the phone.

Lesson learned, now my friend is paranoid about using security on the smartphones, more than I am. laugh out loud
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Mar 2009
Schrödinger's Frog
18,548 Posts
2,087 Reputation
#15
Quote from EyeBaller
:
All phones require use of pin/passcode for first unlock after a reboot and/or after multiple failed attempts with biometrics. So.. if you were in a situation where you had to unlock it for someone but didn't want to it would be pretty easy to either power off/reboot the device or just use the wrong finger until it locks out the FP reader.




Assuming you have a smartphone and sync your main email to it, this is a terrible, terrible idea.
I don't know that I have an email address that I'd consider to be my "main" email, they're all used for different purposes, and only two of them are accessible from my phone. I'm comfortable with my decision, and don't seek anyone's approval for it. He asked, I answered.
Reply Helpful Comment? 0 0
Page 1 of 3
1 2 3
Join the Conversation
Add a Comment
 
Copyright 1999 - 2018. Slickdeals, LLC. All Rights Reserved. Copyright / Infringement Policy  •  Privacy Policy  •  Terms of Service  •  Acceptable Use Policy (Rules)  •  Interest-Based Ads
Link Copied to Clipboard