More control needed for biometrics in smartphones, says ex-GCHQ boss

Apple's iPhone 6 fingerprint scanner is secure now, but it's only a matter of time before cyber criminals find a way in, says Sir John Adye

The ex-chief of the government's spy agency, GCHQ, has claimed that the use of biometric data in mobile phone devices needs to be better controlled.

Sir John Adye, who was chief of GCHQ between 1989 and 1996, is sceptical about biometric methods such as Apple iPhone 6's fingerprint recognition scanner, as well as other products with functions that check identity.

Adye was giving evidence to the Commons Science and Technology Committee, which is exploring future applications of biometrics and examining the legislative and regulatory challenges that these developments may pose.

He said that using biometrics was a positive step but warned that it wasn't clear if there was any supervision of personal data.

He used the example of an ATM, stating that when consumers put their credit or debit cards into the machine, the system is supervised by the bank, but that this wasn't the case for smartphones.

"You need to design security methods... which are going to be strong to protect the interests of the individual who is using the phone and the relying party at the other end... the bank or whoever it is, who is providing a service to them," the BBC reported him saying.

Adye suggested that the use of biometrics to make payments on a smartphone was a good idea by Apple - and that the operating system is difficult for anyone outside to penetrate and retrieve data from. However, he questioned how long this would last.

"The criminals are very inventive at finding ways in, and although you can protect it in that way on the device itself, what happens if the device is lost or stolen?"

Another concern for Adye is how personal information would be passed on to third parties.

"What happens to my personal data when I use it on a smartphone for proving my identity? Is Google going to use that data to target advertising at me? Is some other commercial company or maybe some hostile foreign government going to use it to target me in some other way? I don't know," he said.

GCHQ along with the US National Security Agency (NSA) allegedly gathered intelligence from iPhones, BlackBerry and Android devices after cracking the security codes which protect data.