Biometrics give a false sense of security.
On Sept 23, 2015, Office of Personnel Management (OPM) revised the number of stolen fingerprint files to 5.6 million! Why should you care?
Some security pundits believe that biometrics are far more secure than passwords. They argue that since everyone has unique identifiers like their voice, iris, face and fingerprints, why not use these to authenticate a user in to a computer network? Sounds logical and from a theoretical perspective, it’s true. But major flaws become apparent during implementation.
When it comes to biometrics (like fingerprints), there are two types of data: Image and Template. The image is the actual picture of a fingerprint showing all the ridges, swirls and valleys that make you you. When police dust for fingerprints, they are collecting the image. When you get fingerprinted, you are giving them a copy of the image. Biometric images are so important it is illegal to change your fingerprints.
A template on the other hand is a computer generated series of zeros and ones, using a proprietary software algorithm, stored in a database. A change to the algorithm can change the template value.
If the templates had been stolen, it wouldn’t be quite as bad. They can be changed. The theft of images is far more dangerous than the theft of a template for two main reasons:
- A biometric image cannot be changed without harsh legal ramification, severe pain, and/or a lot of money. Most people are not going to go out and buy a new eye, replace their fingers, or re-build their entire face.
- A biometric image can be transferred to other materials and used to fool any commercially available biometric scanner. Those that can’t easily be fooled will be very expensive.
Biometrics can’t be changed, Passwords can.
The security of biometrics relies on the security of the server and data files. The failure at OPM was not a failure of the validity of biometrics for identification. It was a failure of securing the data. This exact same argument is used to attack the validity of passwords and even encryption keys. Because passwords can be changed, they can be more secure than biometrics. So, back to my original question … Why should you care?
A cyber attacker can substitute your biometric images for theirs. That’s right, the FBI terrorist list could be hacked, their fingerprint file could be substituted for yours, and suddenly, they are you. This would give the terrorist free reign to pass through checkpoints using another person’s biometrics. Or worse, they put their files into your file. If you think it’s difficult now for identity theft victims to fix their financials, wait till you come up against the federal government’s identification bureaucracy. How do you claim your innocence when your fingerprint matches the No-Fly list?
Biometrics alone are not the answer, just as passwords alone are not the answer. Security depends on how the data is stored, protected and accessed. When comparing password authentication to biometrics, remember, a password can be changed easily and often. If you are looking for easy and cost effective secure authentication, check out Power LogOn at www.access-smart.com.
