September 1, 2016

Share Everywhere

Is Biometric Authentication a Privacy Concern?

Biometric authentication was supposed to be the be-all and end-all solution for security…10-15 years ago. Unfortunately, their progress has been stifled due to privacy and security issues. Now, as it continues to grow, some say your information is even more at risk of becoming compromised.

At one time, biometrics were used just for fingerprinting criminals. Government agencies led the charge by identifying state and federal employees. Corporations then used basic forms of biometric authentication for access control. Now, everywhere we turn, your biometrics are being taken and used and this is heightening security risks.

It is now becoming common for us to use biometric authentication to access our electronic devices, and we might even use biometrics for other uses, like clocking in at work and scanning travelers from other countries through U.S. airport security.

The Growth of Biometric Authentication

In just the next few years, the world of biometric authentication is supposed to grow to more than 500 million scanners around the world. Everywhere you look, your individual characteristics are being taken from you. However, while it continues to be a security issue, consumers are not seeing it as one. In fact, about 80% of consumers are more confident in biometric authentication methods than they are passwords. This potential false sense of security is posing an even bigger problem.

False Security

When someone steals your password, you are notified to change it. This can be done repeatedly until you have something strong enough that won’t be hacked. Unfortunately, with biometrics, if a hacker steals your information, you cannot change anything. This means, they have it forever and you remain vulnerable. You cannot change your fingerprint or eye scan like you can with your email password.

Present Attacks

Hackers continue to get smarter and find ways to steal your information. Already, there have been a number of recorded attacks against biometric information. In 2014 alone, the Office of Personnel Management reported that there were 5.6 million government employees who had their information in the form of fingerprints stolen, potentially by the Chinese government. This wasn’t just a little attack. Many people had all ten fingerprints scans stolen. All of these people remain vulnerable still today, as there is nothing they can do to change their fingerprints.

Fighting Back

While many people are left feeling unsecure, it is important that those who choose to use the biometric scans require government agencies and companies to be held accountable. It is their job to ensure that your personal information remains secure at all costs. If you are going to have to use it to function in society, you need to be protected.

For example, let’s take Apple’s Touch ID. This is right from Apple’s website:

“Touch ID doesn’t store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn’t possible for someone to reverse engineer your actual fingerprint image from this mathematical representation. The chip in your device also includes an advanced security architecture called the Secure Enclave which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave.”

That’s the kind of security you should be looking for when providing your biometrics.

With any technology that requires or requests biometrics, consumers need to insist that their biometric data is encrypted when it’s being captured. You shouldn’t be afraid of biometric authentication methods any more than you should be afraid of online banking. It’s just another piece of technology that, when handled properly, can make things a bit more convenient. But you should be aware of its implications and be aware of how to keep it secure. Share this article. Inform a loved one. And do your research any time biometrics become part of the authentication process.

Image courtesy of Flickr user NEC Corporation of America.

Robert Siciliano

Community Educator at IdentityForce
ROBERT SICILIANO, CSP, the #1 bestselling author, is serious about teaching you about fraud prevention and personal security. Robert is a private investigator fiercely committed to informing, educating and empowering people so they can protect themselves and their loved ones from violence and crime in their everyday lives, both in their physical and virtual interactions. Robert, a Certified Speaking Professional with an engaging “tell it like it is” style, is a favorite source for dozens of major media outlets, leading corporations and organizations looking for the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Robert is accessible, professional, and ready to weigh in and comment with down-to-earth insights at a moment’s notice on breaking news that affects us all.

Join The Discussion

Your email address will never be published.