With a 4-character password, which won't keep out anyone with a bit of free time. And remote-locking solutions are non-solutions for anyone determined and intelligent - just stick it in a Faraday cage.
I haven't heard of that one before, actually. That's interesting... and way way way more complicated than it should be to set up a better password.
Many thanks for the links, I'll certainly aim to do something like that if I ever get an iThing. Know if it encrypts the contents of your phone too, or if they do this by default? Otherwise, I'd think you could just dump the flash memory.
I think the 3GS and 4G encrypt in hardware. Also, you can set your phone to drop the key to wipe the phone if someone inputs the wrong PIN/password 10 times in a row. You don't have to worry about someone brute-forcing it.
- It could only be remote wiped if it's turned on and has a signal. A credit/debit card can be disabled no matter where it is.
- Biometric scanners can be outfoxed with a piece of play-doh. And what happens when you just want to loan the thing to your SO?
Authentication is best implemented when it combines what you have (a debit card) with what you know (a PIN). Putting biometrics on your phone is just stacking two things that you have (your finger and the phone) with nothing that you know. No, the password, as a concept, should stick around.
In theory, the code that your phone is outputting could be cancelled, so even if you tap your phone against a terminal, it gets rejected, just like credit cards today. Plus, the phone would have to be on to use it, so as soon as it gets signal, it would get wiped before it could be used. (Though that brings up a new concern of what you do in normal use if you have no signal.)
Good point on combining what you have with what you know. I did not think of that. But wouldn't the PIN on your phone be as effective as your credit card PIN?
So at that point you end up with identical functionality to a credit card, except in a gimmicky package that's much more expensive to replace if lost or stolen, and much more valuable to the individual who obtains it. What's nice with a simple card is it has no intrinsic value; it's just a cheap token for authentication.
Sure, something extra you could do with a phone would be wrapping the payment system behind some sort of on-phone authentication before the phone "allows" you to use it, but then that's only as secure as the phone's debug access, so ultimately you end up with a bank-side activation/PIN scheme, which puts you back at square one all over again.
To prevent the phone from getting a signal, put it inside a Faraday cage (wrap it in aluminum foil).