
I didn’t know Jason Bourne posted on HN. In all seriousness, where’s the threat of someone taking extremely high resolution scans of your iris unless you are truly rich/powerful/connected?


Fingerprint scanning is going mainstream; here's a post about Amazon using palm scans on point of sale systems [1]. It seems reasonable that point of sale systems will get hacked or skimmers will get installed (common problems impacting normal people today). The current fix is to issue a new card. Unfortunately, you cannot have a new finger/palm print issued, so the threat appears unmitigated.

[1] https://www.bbc.co.uk/news/technology-54337984


How long until a high resolution iris scanner can be embedded in a pair of sunglasses?

Point is it wasn’t long ago that nobody could fake your voice either.


The problem is not the high resolution scan of black hats, it's that every company and your mom wants to store your biometric data in the future... and as we see with passwords, most of them can't be trusted.


The bad guys don't need to scan your biometrics. Every site you log into with TouchID or whatever already has. Passwords get leaked all the time, and when you find out, you change them. You can't change your biometrics.


You’re fundamentally misunderstanding how TouchID or FaceID work.

The biometrics authenticate you with the Secure Enclave in your phone. The enrolled biometric data is stored within the Secure Enclave and practically unrecoverable. Authentication is done directly within the Secure Enclave. The connection between the sensor (fingerprint, camera) and Secure Enclave is direct and encrypted.

Conceptually, this is identical to using a passcode or password to unlock your device.

Once the Secure Enclave is unlocked, your phone can use it to sign requests, decrypt data (e.g., stored passwords), etc. The signed request or decrypted password is what’s transmitted to the app, website, or whatever else you’re authenticating against.

Your biometric data never leaves a secure encrypted channel between the sensor and Secure Enclave, and within the Secure Enclave’s own storage.

It’s some seriously cool hardware and the lengths it goes to to mitigate a lot of common and uncommon attacks are impressive. (It has a separate built-in voltage and clock monitor with a wider operating envelope so if you try and voltage glitch it, it can lock and disable itself and require a reset. Bet Nintendo wishes they had thought of that.)

There are a _lot_ of details published about this.

Secure Enclave: https://support.apple.com/en-ca/guide/security/sec59b0b31ff/...

Overall platform security: https://support.apple.com/en-ca/guide/security/welcome/web
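
The flow described in the comment above, as an added example that is not part of the thread and is not Apple's code: a software stand-in for the enclave matches the biometric locally and releases only a signature, so the site stores a public key and nothing biometric. All names (`createEnclave`, `createRelyingParty`, `signIfMatch`) are hypothetical, the WebAuthn-style challenge and registration step is an assumption, and exact hash comparison stands in for real fuzzy template matching.

```javascript
const nodeCrypto = require('node:crypto');
const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest();
// Software stand-in for the enclave: template and private key live only in
// this closure. Exact hash comparison stands in for real (fuzzy) matching.
function createEnclave(enrolledTemplate) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const enrolled = sha256(enrolledTemplate);
  return {
    publicKeyPem: publicKey.export({ type: 'spki', format: 'pem' }),
    // Match locally; only on success sign the site's challenge.
    signIfMatch(sensorReading, challenge) {
      if (!nodeCrypto.timingSafeEqual(sha256(sensorReading), enrolled)) return null;
      return nodeCrypto.sign('sha256', challenge, privateKey);
    },
  };
}

// The site (assumed WebAuthn-style): stores a public key per user, nothing else.
function createRelyingParty() {
  const keys = new Map();     // user -> public key PEM
  const pending = new Map();  // user -> outstanding one-time challenge
  return {
    register: (user, pem) => keys.set(user, pem),
    newChallenge(user) {
      const challenge = nodeCrypto.randomBytes(32);
      pending.set(user, challenge);
      return challenge;
    },
    verify(user, signature) {
      const challenge = pending.get(user);
      pending.delete(user); // single use
      if (!challenge || !signature || !keys.has(user)) return false;
      return nodeCrypto.verify('sha256', challenge, keys.get(user), signature);
    },
    stored: () => [...keys.values()].join('\n'),
  };
}

function demo() {
  const enclave = createEnclave('constructed-fingerprint-A'); // constructed sample
  const site = createRelyingParty();
  site.register('alice', enclave.publicKeyPem);
  const sig = enclave.signIfMatch('constructed-fingerprint-A', site.newChallenge('alice'));
  const ok = site.verify('alice', sig);
  site.newChallenge('alice');
  const replay = site.verify('alice', sig); // old signature, fresh challenge
  const wrongFinger = enclave.signIfMatch('constructed-fingerprint-B', site.newChallenge('alice'));
  return { ok, replay, wrongFinger, leaked: site.stored().includes('fingerprint') };
}
```

A breach of the site's store in this model yields public keys, which can be rotated by enrolling a new key pair; the fingerprint itself is never part of what the site holds.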


Well, there's WorldCoin.



