Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Security Security Literacy Security in Practice Final Recommendations

Jonathan Cooper
Jonathan Cooper
8,145 Points
Posted by Jonathan Cooper
Jonathan Cooper
8,145 Points

Why would you "disable fingerprint authentication..." on mobile devices?

In the video it says to disable the fingerprint authentication. I thought that was a security feature. Not sure if I understood that correctly.

2 Answers

Steven Parker
Steven Parker
230,274 Points
Steven Parker
Steven Parker
230,274 Points

You're right that this feature would be one way of securing access to the mobile device itself. But I believe the suggestion being made here is more about securing your identity in cases where the device or the data inside it may be stolen.

Identity-based security can be good for permanently-installed systems, but using it in a mobile device creates potential opportunities for identity theft.

Jonathan Cooper
Jonathan Cooper
8,145 Points
Jonathan Cooper
Jonathan Cooper
8,145 Points

I got ya. Like the data inside the device about your personal identity, which is used to secure the mobile device. Thanks.

Greg Stromire
STAFF
Greg Stromire
Treehouse Guest Teacher
Greg Stromire
Greg Stromire
Treehouse Guest Teacher

Good question, and my apologies for not making this more clear! Good responses too.

My intention was to convey that there are certain security properties about fingerprint authentication that we should keep in mind -- such as unintentional authorization.

This could be as simple as a child getting their sleeping parent's fingerprint to approve an app purchase.

It's also true that, as far as I know, it's legal for law enforcement in some countries (like the US) to force a person to use their fingerprint to unlock a device, where it is not legal to force a person to reveal a pass code.

These are all things to keep in mind when using these kinds of security features.