Questions raised about biometrics usability if data is hacked
25 February, 2010
category: Biometrics, Corporate, Digital ID
Various security and technology experts have voiced their opinions and worries regarding the potential flaws in adopting biometric systems for use with physical and logical access control systems or other uses where an individual’s authentication would be required, according to an S C Magazine article.
While many have raised concerns regarding the adoption of biometric systems dealing a number of privacy-related issues, these experts take a slightly different angle looking into how useful biometric technology is assuming a leak of data.
Guy Churchwood, CEO of IT infrastructure consultancy company LogLogic, first looks at biometrics in the form of logical access control comparing it to having one password that can never be changed. Further, Andrew Clarke, vice president and managing director of the Europe Middle East and Africa region for access control security company e-DMZ Security, looked specifically at fingerprint scanners citing them as inherently flawed due to their visual-based authentication leaving them very open to fraud. Clarke adds that not only are the systems open to fraud, but that obtaining an individual’s fingerprint sample is also very simple. A third expert, CTO of authentication technology developer Imprivata David Ting, went on to elaborate further speaking to flaws dependent on where and how the password data is stored and matched.
All three experts, however, agree with having multiple factors of authentication, such as biometrics and a password. While each of them acknowledges that a leak of biometric data would still constitute potentially damaging and irreversible data being in the hands of someone it should not be, utilizing a second form of authentication on systems would significantly reduce the usefulness of such stolen data to a fraudster or criminal.
Read the full story here.