Journal #3 Extra Layer of Protection
Biometrics has the potential to make authentication dramatically faster, easier and more secure than traditional passwords, but companies need to be careful about the biometric data they collect.
Biometrics are physical or behavioral human characteristics that can be used to digitally identify a person in order to grant access to systems, devices or data.
Because biometrics can provide a reasonable level of confidence in authenticating a person with less friction for the user, they have the potential to dramatically improve enterprise security. Computers and devices can unlock automatically when they detect the fingerprints of an approved user. Server room doors can swing open when they recognize the faces of trusted system administrators. Help desk systems might automatically pull up all relevant information when they recognize an employee's voice on the support line.
Types of biometrics
Face recognition. Measures the unique patterns of a person’s face by comparing and analyzing facial contours. It’s used in security and law enforcement but also as a way to authenticate identity and unlock devices like smartphones and laptops.
Iris recognition. Identifies the unique patterns of a person’s iris, which is the colorful area of the eye surrounding the pupil. Although widely used in security applications, it isn’t typically used in the consumer market.
Fingerprint scanner. Captures the unique pattern of ridges and valleys on a finger. Many smartphones and some laptops use this technology as a type of password to unlock a screen.
Voice recognition. Measures the unique sound waves in your voice as you speak to a device. Your bank may use voice recognition to verify your identity when calling about your account, or you’ll use it when giving instructions to a smart speaker like Amazon's Alexa.
Hand geometry. Measures and records the length, thickness, width, and surface area of a person’s hand. These devices date back to the 1980s and were typically used in security applications.
Behavioral characteristics. Analyzes the way you interact with a computerized system. Keystrokes, handwriting, the way you walk, how you use a mouse, and other movements can be used to assess who you are or how familiar you are with the information you’re entering.
A biometric system consists of three different components:
Sensor. This is what records your information, as well as reads it when your biometric information needs to be recognized.
Computer. Whether you’re using your biometric information to access a computer or something else, there has to be a computer storing the information for comparison.
Software. The software is basically whatever connects the computer hardware to the sensor.
How reliable is biometric authentication?
Authentication credentials such as fingerprint scans or voice recordings can leak from devices, from company servers or from the software used to analyze them. There is also a high potential for false positives and false negatives. A facial recognition system might not recognize a user wearing makeup or glasses, or one who is sick or tired. Voices also vary.
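The false positive / false negative trade-off described above can be measured by sweeping the match threshold over scored attempts. The following is an added example, not taken from the original post or its sources; the similarity scores are constructed, and the names error_rates and balanced_threshold are hypothetical.

```python
# Constructed similarity scores in [0, 1]; higher means "more alike".
# GENUINE: the enrolled user re-presenting (two low scores stand in for
# captures taken with glasses or while ill). IMPOSTOR: other people.
GENUINE = [0.91, 0.88, 0.95, 0.62, 0.84, 0.79, 0.97, 0.58, 0.90, 0.86]
IMPOSTOR = [0.12, 0.35, 0.41, 0.66, 0.28, 0.19, 0.73, 0.30, 0.22, 0.47]


def error_rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (false_accept_rate, false_reject_rate) at this threshold.

    An attempt is accepted when its score is >= threshold.
    """
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def balanced_threshold(thresholds):
    """Threshold where the two error rates are closest to each other."""
    def gap(t):
        far, frr = error_rates(t)
        return abs(far - frr)
    return min(thresholds, key=gap)


if __name__ == "__main__":
    candidates = [0.4, 0.5, 0.6, 0.7, 0.8, 0.9]
    for t in candidates:
        far, frr = error_rates(t)
        print(f"threshold={t:.1f}  false accepts={far:.0%}  false rejects={frr:.0%}")
    print("closest balance at", balanced_threshold(candidates))
```

Raising the threshold drives false accepts toward zero while locking out more legitimate users, so the operating point is a policy decision rather than a property of the sensor.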
What are the privacy risks of biometric authentication?
Some users might not want companies collecting data about, say, the time of day and the locations where they typically use their phones. If this information gets out, it could potentially be used by stalkers or, in the case of celebrities, by tabloid journalists. Some users might not want their family members or spouses to know where they are all the time.
Are biometrics safe?
There are serious privacy concerns when it comes to biometrics. Some of the major issues identified with biometrics include these:
Any collection of data could eventually get hacked. High-profile data may be an especially attractive target for hackers. The good news is that high-profile data tends to be secured on a stronger level. However, as biometrics become more common, your biometric information will likely be available in more places which may not employ the same level of secure storage.
Biometrics may become so commonplace that people become complacent. They might not use the kind of common-sense security measures that they use today because they think that biometrics will solve all of their security problems.
The data stored in a biometric database may be more vulnerable than any other kind of data. You can change passwords. You can’t change your fingerprint or iris scan. This means that once your biometric data has been compromised, it may no longer be in your control.
Some pieces of your physical identity can be duplicated. For example, a criminal can take a high-resolution photo of your ear from afar or copy your fingerprints from a glass you leave at a cafe. This information could potentially be used to hack into your devices or accounts.
Laws governing biometrics are a work in progress, meaning your rights might be different from state to state. However, federal lawmakers may eventually create a cohesive law to address biometric privacy.
How secure is biometric authentication data?
The security of the biometric authentication data is vitally important, even more than the security of passwords, since passwords can be easily changed if they are exposed. A fingerprint or retinal scan, however, is immutable. The release of this or other biometric information could put users at permanent risk and create significant legal exposure for the company that loses the data.
Local or device-based authentication
The most common example of a local authentication mechanism is the hardware security module in a smartphone. User information — such as a fingerprint scan, facial image or a voice print — is stored inside the module. When authentication is required, biometric information is collected by the fingerprint reader, camera or microphone and sent to the module where it's compared to the original. The module tells the phone whether or not the new information is a match to what it already had stored.
Tokenization or encryption
Another approach to allowing new devices to recognize existing authorized users is tokenization, one-way encryption, or hashing functions. Say, for example, retinal, voice or fingerprint identification is used to recognize and authenticate employees wherever they might go within a company, but the company doesn't want to have the image or audio files stored on servers where hackers or malicious employees might misuse them.
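The two storage models above, side by side, as an added example that is not from the original post or its sources. LocalMatcher, server_token, the 256-bit template and the 40-bit tolerance are assumptions made for illustration. It shows a module that answers only match or no match while tolerating capture noise, and a keyed one-way token that hides the raw capture but only matches an identical input.

```python
import hashlib
import hmac

def hamming(a: bytes, b: bytes) -> int:
    """Count differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def flip_bits(data: bytes, positions) -> bytes:
    """Simulate capture noise by flipping the given bit positions."""
    out = bytearray(data)
    for p in positions:
        out[p // 8] ^= 1 << (p % 8)
    return bytes(out)

class LocalMatcher:
    """Hypothetical on-device module: the template never leaves the object,
    and callers only learn match / no match."""

    def __init__(self, max_distance: int = 40):  # assumed tolerance, in bits
        self._template = None
        self._max_distance = max_distance

    def enroll(self, template: bytes) -> None:
        self._template = template

    def verify(self, sample: bytes) -> bool:
        if self._template is None or len(sample) != len(self._template):
            return False
        return hamming(self._template, sample) <= self._max_distance

def server_token(template: bytes, key: bytes) -> str:
    """Keyed one-way token a server could store instead of the raw capture."""
    return hmac.new(key, template, hashlib.sha256).hexdigest()

# Constructed data: a 256-bit stand-in template, a noisy re-capture of the
# same user (20 flipped bits), and an unrelated sample (every bit differs).
ENROLLED = hashlib.sha256(b"constructed sample template").digest()
RECAPTURE = flip_bits(ENROLLED, range(0, 60, 3))
STRANGER = bytes(b ^ 0xFF for b in ENROLLED)
KEY = b"constructed-demo-key-not-secret!"

if __name__ == "__main__":
    module = LocalMatcher()
    module.enroll(ENROLLED)
    print("module accepts re-capture:", module.verify(RECAPTURE))
    print("module accepts stranger:", module.verify(STRANGER))
    same = hmac.compare_digest(server_token(ENROLLED, KEY), server_token(RECAPTURE, KEY))
    print("exact tokens equal for re-capture:", same)
```

The token for the noisy re-capture differs from the enrolled one even though the module accepts it, so a server-side scheme has to account for capture-to-capture variation before it can compare one-way values.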
Source:
What is biometrics? 10 physical and behavioral identifiers | CSO Online
Biometric Technology - an overview | ScienceDirect Topics



