Well, the media feeding frenzy that is an Apple product release press conference is over, and the whelmingness is definitely on the under, rather than over side. Part of the lack of drama is that, these days, it’s almost impossible for Apple to keep anything under wraps. There are just too many hands in the supply chain, too many carriers to coordinate a launch with, and too many opportunities for a stealthy cameraphone snapshot of a box or component. Add in patent and FCC filings, and your barber can tell you what’s going to be unveiled, at least a week or less from the event.
There were a few surprises, biggest of which was Apple sneaking out a 64 bit version of iOS without anyone noticing. It’s very reminiscent of the OS X switch to Intel back a few years. The promise from Apple is that the A7 will bring huge performance improvements, but it sounds like developer impact will be minimal. It’ll just probably be just another processor you add to the supported architecture list, and XCode will handle the rest. The improvements to CoreMotion promised by the new “M7” chip will also have utility for developers concerned with position and movement.
So, we have a pretty color version of the iPhone 5 for less bucks, a faster version of the iPhone 5 with a biometric power-up and camera improvements, and iOS 7. On the face of things, life is going to proceed apace for developers, just business as usual. But taking that attitude is very dangerous, because Apple just disrupted the world again.
On the face of it, the fingerprint sensor on the iPhone 5S is nothing new. Fingerprint biometrics have been around forever, especially on certain laptops, and there have even been a few phones with fingerprint sensors. The iPhone sensor is a particularly nice one, not requiring a finicky finger swipe to work, but that’s a fine point. But what Apple has done is to firmly plant a stake in the ground, and say “everyone should be integrating biometric security into their apps.”
Unfortunately, for the moment, only Apple gets access to the new hardware, we’ll have to wait until WWDC next year to see if third-party access appears in the next round of new APIs. If Apple keeps it restricted to unlocking and iTunes, it’s a neat party trick, like Siri.
If Apple gives developers access, Touch ID is going to change how pretty much any application that needs to verify identity works. Traditionally, app developers (especially ones working in privacy-sensative fields like finance or medicine) have been loathe to enable cached password security on mobile devices. It’s just too easy for someone to boost a cellphone and suddenly have access to bank accounts and medical records. What the new iPhone does is to totally change that conversation. Now it will be trivial to authenticate the identity of a user, as often as is required, without making it a burden.
In addition, the iPhone will not only be able to authenticate identity for applications, but it now has the potential to become a mobile authentication platform for all sorts of real-life applications. Imagine the Square application on one iPhone (which may not even have biometric hardware) being able to use BT4 to talk to a nearby iPhone 5S, and merely by using the phone and the sensor, be able to authenticate and process a credit card transaction.
For developers, the challenge will be that until the sensor becomes more ubiquitous, applications will need to support multiple types of authentication. In other words, the dreaded fragmentation monster is attacking again. From what we’ve learned initially, the data is never going to leave the device (or, in fact, a very secure piece of the processor architecture), so any thoughts about using fingerprints for identification as opposed to authentication seems to be a non-starter. Hopefully, at least multiple users will be supported.
Until we have devices in hand and APIs to code against, we won’t know the full possibilities of what new apps will be able to leverage. But as of today, every iOS developer on the planet needs to start thinking about how integrated biometric security could enhance (or perhaps obsolete?) their applications. We’ve just entered the Age of Authentication, and everything is going to be different, again.