Recently, biometric security has been all the rave. If you’re unfamiliar with biometric security, it’s basically a modern technology used in various systems and devices. This security measure notices the special qualities in each and every person, including; fingerprints, eye composition, and even the tone and pitch of a voice.
Since this security measure focuses on the special qualities of everyone, it is supposed to make a system only accessible to the specific person that owns it. But, recent discoveries have shown that biometric security may not be as safe as you think. Continue reading to learn more!
Basics of Biometric Security
There’s a chance that you’re using biometric security every day and you most likely don’t even realize it. Yup, that’s right: biometric security is everywhere around us.
The most common form of biometric security is used to unlock our phones. Depending what kind of smartphone model you have, you most likely either use your fingerprint or face to unlock your phone. Another biometric security feature most smartphones have is voice recognition. This allows you to do various things, such as call or text someone, create a reminder, or even set an alarm.
Voice recognition is also found in recent technologies that are supposed to make your life easier and more efficient, such as the Amazon Echo and the Google Home.
What Recently Happened?
The most recent biometric security breach that is freaking out the tech industry was caused by German hackers. Basically, hackers stole a Samsun Galaxy S8. In order to pass the face recognition to open the phone, the hackers placed a contact lens over a picture of the person who owned the phone. Unfortunately, the hackers were successful and the phone unlocked.
This isn’t an isolated incident. Unfortunately, law enforcement has discovered hackers and criminals doing similar practices. The Chaos Computer Club even conducted a study in which they set out to discover how easy it is to unlock an iPhone with fingerprint authentication with fake fingers.
Jay Krissler used this tactic when he attempted to steal Ursula von der Leyen’s identity. Leyen is the German Minister of Defense. Since he is a public figure, there are many pictures of him on the internet. All Krissler had to do was take a picture of Leyen’s fingerprint from the internet, then use the system VeriFinger to construct a replica of Leyen’s finger. Finally, Krissler used his fake finger to break into the iPhone.
How Hackers Normally Access Data?
This event is scary to think about because biometric security greatly differs from typical security. Normally, hackers play their luck by entering in common passwords or using personal information they found out about you, such as your birthday, full name, and even social security number.
Since the basis of biometric security is that it is able to recognize small specifics about the person using it, this should mean that no one else will be able to access the system because there should be no way around authentication if you’re not the owner. Unfortunately, this logic has proven to be faulty.
Why Strong Authentication is Important?
Even though biometric security should be the strongest form of security in theory, it’s not. In fact, it’s apparent that hackers are still able to break into your devices and accounts even if a system utilizes biometric security.
That’s why biometric security should still use traditional authentication procedures, such as asking at least one security question or prompting for a pin. Of course, hackers could still break into your system if they get your authentication right too, but they’re less likely to be successful if traditional authentication procedures are paired with biometric security.
Companies Don’t Secure Your Data
A lot of people are surprised to find out that companies don’t secure your data. Since biometric security is dependent on your special characteristics, such as the composition of your face and fingerprint, companies are able to obtain that virtually everywhere.
Whether or not you use biometric security in your home or with your smartphone, companies are able to obtain your information through security measures used in stores, as well as when you post pictures on social media and utilize webcams.
Once companies record your image, they store it in a control space full of personal identifiable information with virtually everyone else’s images. Since all of these images are stored in one center, a hacker simply needs to breach the specific point to access everyone’s information. This could be potentially detrimental because they would be able to access virtually any aspect of your personal information and accounts.
The Bad News!!
If your biometric data is comprised, a hacker could essentially do anything with your identity. This means they could completely steal your identity and even falsify identification cards, such as passports and driver licenses. They could also illegally sign legal documents, and even create implications for potential criminal records.
Obviously, this is more damaging than if a hacker only stole or accessed one portion of your personal information, such as a credit card. That being said, you might still want to utilize traditional forms of authentication.
Even if you choose to use biometric security, utilize traditional forms of authentication in conjunction with the new technology in order to lessen the chances of hackers accessing your information.
The Good News!!!
Although it’s always awful when someone’s device and personal information is comprised, it’s ultimately good the German Samsung hacking happened because it’s forcing tech and security companies to work together to create stronger biometric security.
It’s also important to note that there is only less than one in ten odds for current security breaches. When you put this into a larger consideration of things, this is pretty good odds or biometric security strength.
Ultimately, tech, security, and product manufacturers have to work together to create unbreachable biometric security measures that store data within secured and locked files, which hackers won’t be able to ever access.