Kaspersky highlights dangers
of unsecured biometrics
Traditional passwords nowadays
are a weak point, with data
leaks happening too often.
More and more companies are
deciding to change their approach and
adopt biometrics.
However, no one is immune to identity
theft and there have already been cases
of losing biometric data.
To raise awareness on the topic and
show that such data requires strong
security regulations, Kaspersky has
distinguished several dangers of
unsecured biometric data:
1. Stranger-danger. In order to set up
face or touch recognition, the system
usually requires one sample of a
finger or a face. Hence, it is possible
for a user to fail authorisation due to
lighting conditions or such changes
in their appearance as glasses,
beards, make-up or aging. Conversely,
a single sample also means that
cybercriminals can steal it and use it
for their own malicious aims.
2. A password for a lifetime. It is not
a problem to change a password
consisting of numbers and letters,
but once you lose your biometric
data you lose it forever. The problem
with touch recognition can partially
be solved by registering only two to
four fingerprints and keeping the others
for emergency cases, but it is still not
safe enough.
3. A digital locker. Existing digital
lockers rely on cloud-based help –
biometric matching usually happens
on the server side. If successful, the
server provides the decryption key
to the client. That increases the risk of
a massive data leak – a server hack
might lead to the compromise of
biometric data.
4. Biometrics in real life. There are two
cases when an ordinary person can
encounter biometric authentication.
Firstly, banks try to adopt palm
scans on ATMs as well as voice
authentication on phone-based
service desks. Secondly, individual
electronic devices use touch and
face recognition. However, biometric
security is not yet fully developed and
there are such constraints as CPU
power, sensor price and physical
dimensions, so some users have to
sacrifice system robustness – some
devices can be fooled by wet paper
with fingerprints generated using an
ordinary printer or gelatine cast.
To secure biometric data,
Kaspersky recommends:
• employing stringent security
measures against breaches of
traditional logins;
• for businesses, improving ATM
design to prevent the installation of
skimmers, or establishing control
over the security of ATM hardware
and software.
As for biometric identification technology
in general, for now Kaspersky
recommends using it as a secondary
protection method that complements
other security measures but does not
replace them completely.
Issue 20 | www.intelligentciso.com