The iPhone 5S will ship with a fingerprint sensor embedded in the home key.
It's designed to make securing your phone a no-brainer. No passwords necessary. A month ago, this would've sounded like a great, time-saving innovation. This week, it's hard not to hear it as the setup to an NSA joke. Apple's Tim Cook says that "[Your fingerprint is] never stored on Apple servers or backed up to the iCloud. That's great news."
I guess so. Over at Wired, Bruce Schneier seems less worried about government snooping and more worried about the possibilities of your fingerprint information being hacked.
"If the system is centralized, there will be a large database of biometric information that’s vulnerable to hacking. A system by Apple will almost certainly be local — you authenticate yourself to the phone, not to any network — so there’s no requirement for a centralized fingerprint database. Apple’s move is likely to bring fingerprint readers into the mainstream. But all applications are not equal. It’s fine if your fingers unlock your phone. It’s a different matter entirely if your fingerprint is used to authenticate your iCloud account. The centralized database required for that application would create an enormous security risk."
If I'm understanding Tim Cook right, Apple's going out of their way to not have a centralized database. I don't know. Easy NSA jokes aside, I genuinely can't tell yet how much to worry about this.