This is a little annoyance of mine and it’s not to do with actual biometrics themselves but the way people use them. Biometrics, for those not in the know, is all to do with the science behind the identification of an individual such as fingerprinting, iris recognition etc.. Enterprising laptop manufacturers have recently over the last year or so started to introduce these little biometric tools as add-on components, HP with their fingerprint readers on business laptops, and Dell touting their facial recognition software which uses the built in web cam to make sure you look like the person you are supposed to be. So it was with great amusement that I read this story about facial recognition authentication being hacked with nothing more than a printed out photo. A failure in the technology you might think? Nope, stupid people putting it in the wrong place. Let me enlighten you on the subject of user authentication. If you make use of a computer system, such as the beloved Facebook, you type in a username and a password. This is known a two-fold (or two-factor) authentication.. you have a username (who are you?) and a password (what secret do you know?). Very secure in principle as long as the secret is kept a secret. Some online banks even give out a special smartcard and a card reader, so you end up with three-fold (three-factor) authentication: username (who are you?), password (what secret do you know) and smartcard (what have you got?). If you use a cash machine, the ‘who are you?’ and ‘what have you got?’ are combined in to one, your cashpoint card with account number written on it (note… whether this is know two or three factor is a point of debate!). How does this fit in with biometrics? Well which of those questions mentioned above can be answered by a biometric solution? In my opinion they most definitely answer the ‘who are you?’ question, and could be argued that they answer the ‘what have you got?’ question but I wouldn’t be confident in using biometrics there… So why are manufacturers using biometric authentication instead of a password???? Crazy stuff. The ‘what secret do you know?’ question is very important and to replace that with biometrics is mental, everyone knows what I look like so facial recognition is out of the question, and my fingerprints are also no secret unless I wear rubber gloves before I touch anything. OK, so iris recognition might be a little more complicated to steal but possible all the same, it’s not a secret, someone just has to scan your eye and they have all the data needed. Laptops secured with biometrics replacing a password are only slightly more secure than a laptop secured with just a username.. Now if they combined the facial recognition with a compulsory password I’d be happy.

Similar Posts:

None Found

Tags: Random