Is fingerprint biometric safer than password in today’s smartphones?

If you are the curious type that seek to know every nook and cranny about phones, this question would have crossed your mind at one point in time. Almost every smartphones released in the past two years have the fingerprint sensor onboard, however, the password and PIN options are still provided as alternatives within the phone settings for added security. Does this mean that fingerprint biometric is not reliable or safe enough? Does this mean it is less secured than other traditional security measures such as password?

As a matter of fact, locking/unlocking our smartphones using the fingerprint sensor is much faster and more convenient compared to using password. Also, in most smartphones the fingerprint sensor can be configured to include some other actions such as gesture or tap to wake, something you cannot do if you set the password or PIN as the default security.

Also read: Why today’s smartphones are so big?

It is much easier to use as it required nothing than to tap the fingerprint sensor with our registered fingerprints to access our phone. Notwithstanding, the security PIN or password needs to be enabled before we can set up fingerprint biometric protection on our smartphones. Without the PIN or password enabled, we can not use the fingerprint sensor. This does not only applied to smartphone users, but to Windows PC users as well (Windows Hello users for instance). The fingerprint security cannot be activated without enabling PIN or password.

Although the tech has evolved over the past decade, its reliability and its trust of accuracy are often questioned. If the fingerprint sensors on our smartphones are 100% reliable and fool-proof, there will be no need to activate the PIN as backup before we can use them. There won’t be any backups, which is obviously provided incase the other failed in one way or the other.

Some tech companies, such as Apple and Samsung, engineered softwares that add extra security layers to protect the biometric data of their users and make the fingerprint sensors on their smartphones more secured and fool-proof to a certain degree, but this can not be said about all phone brands. Imagine the bio-data of users falling into the wrong hand, but the data are encrypted to prevent that – at least that’s what we know as these are all done under the hood.

While we can easily change our passwords at any time as we deemed fit if there is any concern, the fingerprints (ridges on our fingers tip) are biologically imprinted, unique, and differs from one person to another. It cannot be easily changed (possible through hand transplant though, but why go through such extreme?). Naturally, it identifies one person from another and cannot be manipulated by each individual. The fingerprint of each of your finger belongs to you and to no one else – you can’t hide it, you can’t twist it, and you can’t modify it.

Also read: The position of the fingerprint sensor on smartphones and how it has changed

The flexibility of changing our passwords using different key combinations make it safer as we have lesser control over our fingerprints when it comes to securing our smartphones. Using complex passwords with numerics, alphabets (upper case and lower case), and signs/characters combination is a better option as it leaves no physical trace and has no attachment to our biological traits.

Furthermore, fingerprint biometric security is less reliable as it required an external hardware, which can be subjected to errors and easily affected by environmental factors such as heat and water, unlike passwords that solely relied on software. Passwords may be further encrypted in some smartphones via special hardware (TPM chip for example), but this is not common.

Passwords are indeed safer than fingerprint biometric, but there are some disadvantages. Passwords needs to be lengthy and comprised of different letters for it to be indeed secured—the downside to this is you can easily forget it and get locked out from accessing your device. It takes time to input all those random letters too, whereas all you need to do is tap your finger on the fingerprint sensor if you have biometric security enabled on your device.

Overall, fingerprint biometric is much faster, convenient and easier to use, but password is more secured and safer.