With the iPhone 5S Apple has introduced a fingerprint scanner for user validation. The concept (also known as ‘Touch ID’) substitutes the current passcode protection, now allowing the user to unlock the device in two different ways.
For a brief introduction to the concept you may want to read Aaron Freimark’s thoughts on enterpriseios.com.
I think that Touch ID offers a great opportunity to maintain security while offering a better user experience. Combining the use of Touch ID with more complex passcodes may be a desired apporach. However, not all organizations are ready for using Touch ID; the IT security policy may not allow using fingerprint scanners and others simply find that the technologydoes not offer the desired level of security.
The SAP Afaria administrator interface does not yet include an option allowing you to disable the fingerprint sensor. However it is fairly easy to apply the policy allowFingerprintForUnlock = false to all iOS devices as a generic policy:
- Import DisableTouchID.mobileconfig to the Afaria system tenant
- Link policy to appropriate device group
Feel free to contact me if you need any assistance making this work.
This is how it looks on the device: