(IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 6, No. 1, 2015 154 | Page www.ijacsa.thesai.org Effectiveness of Iphone’s Touch ID: KSA Case Study Ahmad A. Al-Daraiseh IS dept. King Saud University Riyadh, Saudi Arabia Diana Al Omari IS dept. King Saud University Riyadh, Saudi Arabia Hadeel Al Hamid IS dept. King Saud University Riyadh, Saudi Arabia Nada Hamad IS dept. King Saud University Riyadh, Saudi Arabia Rawan Althemali IS dept. King Saud University Riyadh, Saudi Arabia Abstract—A new trend of incorporating Touch ID sensors in mobile devices is appearing. Last year, Apple released a new model of its famous iPhone (5s). One of the most anticipated and hailed features of the new device was its Touch ID. Apple advertised that the new technology will increase the security of its device, and it will also be used in different applications as a proof of identity. To make the issue more controversial, Apple announced a new financial service (Apple Pay) that allows iPhone 6 users to use their iPhone as a replacement to credit cards. The minute the new technology was introduced; many questions appeared that needed immediate answers. Users were concerned about how it will work? Is it easy to use? Is it really safe? And whether it will be effective in protecting their private data or not? In this paper we provide a comprehensive study of this feature. We discuss the advantages and disadvantages of using it. Then we analyze and share the results of a survey that we conducted to measure the effectiveness of such feature in the Kingdom of Saudi Arabia (KSA). In this study, we only focus on users from KSA, because if the device fails to protect mobile’s data, severe consequences might happen. Due to cultural believes in KSA, releasing mobile contents to unauthorized people could lead to crimes. Survey analysis revealed somewhat controversial results, while 76% of all participants believe that this technology will improve the device security, only 33% use it to lock/unlock their devices, and even a smaller percentage use it to make purchases. Keywords—IPhone 5s; IPhone 6; IPhone 6 plus; Fingerprint; Touch ID I. INTRODUCTION Nowadays, one of the main concerns in the mobile computing industry is the mobile security. Smartphones and other mobile devices can store and process a large amount of data in different formats. The majority of such data is private and confidential. Moreover, Hardware and software advances in this field made mobile devices an essential part of almost every activity we carry on in our lives. Storing large amount of data about such activities made mobile device a target for all types of attacks. Attackers used vulnerabilities in communication protocols (such as, GSM, WIFI, and Bluetooth), Hardware, and software to attack mobile devices. Therefore, securing such devices from all types of attacks became a priority to all manufacturers and software developers. One of the modern security methods used in securing Smartphones against unauthorized users is the fingerprint technology. It was originally introduced to the mobile industry by Apple Company in its iPhone 5s device, and was re-used again in the new mobile editions iPhone 6, and iPhone 6 plus. Fingerprint is the most widely used biometric to identify different individuals. It is impossible to find two persons with an identical fingerprint pattern. Also, fingerprint patterns never change during an individual’s life span, which make them ideal means for identification purposes. [1] The concept was introduced for the first time by the Chinese who invented a new technique called fingerprint to identify people. The idea received more attention in Europe during the 17th and 18th centuries, were European scientists began their interest in the human skin especially friction ridge skin. Later, in the 19th century England published many books about fingerprint. In the 20th century exactly in 1902 fingerprint evidence has started to be used in the courts of England. In 1903, New York developed the first system that uses fingerprinting for criminal purposes. Then in the year of 1921, Federal Bureau of Infestation (FBI) used fingerprinting as an identification method and built special section for that. In 1992, identification section was rebuilt as the Criminal Justice Information Services division (CJIS). [2] Since the 80’s of the last century, the usage of computing devices increased rapidly. Such devices stored and processed very sensitive data. Immediately, scientists realized the need for a strong authentication mechanism to protect those devices from an unauthorized user. While passwords and smart cards are good means for authentication, a human fingerprint might be the most unique and hardest to fake or break [3]. The important questions now are, to what extent can this technology help securing mobile devices? Do users have any concerns when using it? Will it be used openly or selectively? These questions and others will be discussed later in the