People tend to think that biometrics are the ultimate in authentication. This mistaken belief will probably be a big setback for security in general.

Biometric mechanisms require measurement devices that are located at the point of authentication. These devices are costly and difficult to calibrate. In addition, they suffer from environmental interference, are susceptible to high rates of false negatives, and are unsuitable for traveling personnel.

The main security problem with biometrics is the inability to create a new secret. If you allow your fingerprint to be digitized and sent across a network or scanned by a compromised scanner, it can be stolen. Then someone has a digital copy of your fingerprint. Now you need a new fingerprint. Credit card numbers work acceptably well not because the secret is secure - it's printed on the card after all - but because it is easy to change the secret.

If you think about it, you realize that only one biometric database has to be compromised. What do you do when one of your users says that their fingerprint has been compromised on another system? Do you install an iris reader for them? This cascading failure problem will be one of the reasons biometrics will never be widely adopted.


