Samsung’s Galaxy S5 includes a fingerprint scanner embedded in the home button, and that hardware will be made available to third-party devs, the company announced today at a developer-focused event during MWC this year. That move is in stark contrast to Apple’s strategy with its own fingerprint sensor tech, which is specifically off-limits to third-party devs.
Apple went to great lengths to emphasize just how segmented its fingerprint scanner was from the rest of the hardware, and how isolated (read: protected from hackers) the data that it gathered was. Fingerprint information collected by the iPhone 5s scanner hardware built into Apple’s home button is held on a ‘secure enclave’ within the A7 system-on-a-chip, and communicated to other services only as an encrypted alias that conveys no sensitive data.
It’s not yet clear exactly how Samsung stores and transmits its own fingerprint information to apps and services, but even opening up use of the scanner itself and fingerprint activity to third-party devs already marks a considerable departure from Apple’s approach. Samsung already announced a partnership with PayPal to allow fingerprints to enable payment verification for making purchases, and even that offers a fundamentally different philosophical take on how to use biometric information.
Apple allows purchases within its own iTunes stores to be authorized via fingerprint, but that’s only because it controls the entire transaction, and can guarantee the integrity of any transmission that goes on. Cupertino was clearly highly sensitive to any suggestions that users or critics might have had about the security of their fingerprint-based tech, and went to great lengths to ensure that consumers would feel as safe as possible when using the system.
Samsung’s take appears to push the boundaries further, siding more with the possibilities that arise when you let developers have access to that hardware feature. So far, there doesn’t seem to be much in the way of consumer apprehension around how Samsung’s system differs from Apple, but it’s early yet and there are still a lot of unanswered questions around the tech behind the system.
For devs, however, this is a key opportunity that they’ve likely been thinking about since at least Apple’s iPhone 5s announcement. Any new sensor is grounds for exploring new software opportunities and app design paradigms, but access to such a user-specific identifier has big implications for hot areas like mobile payments, authentication and consumer behavior tracking. Samsung’s documentation for the new Pass API (which uses the fingerprint sensor) says that developers can do all of the following, which makes it sound like the intended purpose is indeed for proof of identity:
- Request fingerprint recognition
- Cancel fingerprint recognition requests
- Verify whether the fingerprint of the current user matches the fingerprint registered on the device
- Register fingerprints through the Enroll screen
Other new APIs made available by Samsung in its Galaxy S5 SDK allow for access of remote sensors (like those found in the Gear 2 and Gear Fit), S Health access, accessory device connections and file transfers between those devices, motion and activity information sharing, and more. The fingerprint API could be the most influential of all of the above, however, and the one with the most far-reaching implications for consumers and developers.