Biometric Security – A Blessing or A Curse?

by October 12, 2018 0 comments

Your identity is your most priceless possession, protect it!

The identity here in question is not your personality but your body. Today, the body makes-up to be the most authenticate password to secure all your secret locks; from social media to banking. This security system is known as the Biometric security.

Your voice waves, hands, fingerprints, earlobes, retina patterns, iris patterns, DNA and signatures comprise the list of body parts treated as a unique identity.

Having both sides, black and white to this kind of security, we were curious to break the soil more. Sasi Kumar G, Vice President, Platform, Aujas & Shaik Ahmed, Director, Cyber Security and Advisory Services, Virtusa Corp. were kind enough to spare some of their precious time to elaborate extensively on the topic.

What Level of Security does Biometric reach?

Biometrics is the ideal combination of identification and ease of use. Every day most of us have to authenticate and authorize ourselves on numerous occasions such as entering a code on a mobile or to enter the workplace a password to log onto the computer or a pin number to access cash from the bank.

Sasi Kumar, Aujas shared three valuable insights on biometric security, he said,

  1. Convenience is rated higher than security itself in some cases. Biometrics as a security system comes closest to physical verification.
  2. Biometrics provides the best ROI as compared to any other security system. A single device affixed to the point of entry can keep a track of thousands of employees, where a huge resource would need to be managed to do the same job, costing tenfold the amount.
  3. The trust factor is highest with this method of security. Financial institutions prefer this method to showcase their reliability to their customers. A password or pin can be changed or shared with multiple individuals, but with biometrics, your credentials are solely with you and can never be misplaced or forgotten.

Shaik Ahmed’s thoughts too compliment to what Sasi Kumar shared. “Biometric has various key advantages such as non-repudiation, non-transferable and guessable which provide a very high level of protection against fraud. Biometric security has come into its own as the most sophisticated technology for authentication, authorization and identification purposes. The advantage of biometric technology compared to more conventional or traditional authentication methods is that it is intrinsically linked to an individual person and therefore not easily compromised through theft, collusion or loss”.

Also, the global biometric market is expanding at an unprecedented rate. It is estimated that the global biometrics market will exceed $24.8bn by 2021. Biometric have successfully implemented and adopted in various real-life applications such as forensics, government agencies, banking and financial institutions, enterprise identity management and other identification and recognition purposes.

Methods to manage the Vulnerability of Biometric Authentication

The popularity of Biometrics has increasingly grown in recent years. Though, attacks on biometric systems from the past have not given much of confidence to the organizations across the globe to widely accept it; And the public confidence and acceptance of this technology will depend on the capability of the biometric designers to demonstrate that these systems are hack proof.

On the other hand, there are strict standards in place today that are constantly evolving with each new upgrade to the technology. However, as the technology progresses, duplication of fingerprints and iris scans may turn out to be a concern. But there are also countermeasures in place, such as machine learning algorithms that are evolving to identify the fakes better.

Sasi Kumar, Aujas stated, “As with every other authentication based on the risk involved in a transaction, two-factor verification may be necessary to mitigate the vulnerabilities. Along with this, the biometric scanners are notching up the security within the device and interesting technologies are used to detect the presence of a live fingerprint”.

Another key trend is finger-vein biometric matching. It does not require the user to place his finger on the device, it is more hygienic and less susceptible to identity theft. And in the future enterprises may use a hybrid finger based authentication; a combined device that is able to simultaneously scan both aspects would be best in terms of efficiency.

Shaik Ahmed of Virtusa Corp. also shared probable ways to protect biometric authentication. Check-out the few methods to manage vulnerabilities of biometric authentication:

• Fingerprint Liveness Detection – There are various Software-based systems that detect the liveness of the fingerprint.
• Eliminate Replay – A challenge-response based system guarantees that image is really coming from the fingerprint sensor.
• Eliminate Hill-Climbing – It does not reveal the actual matching scores; only reveal a coarsely quantized version. This may render the hill-climbing based attack infeasible or impossible.
• Watermarking Techniques – The information to be embedded in a signal is called a digital watermark, although in some contexts the phrase digital watermark means the difference between the watermarked signal and the cover signal.

“Biometrics provides a positive approach in extending current security technologies that make it far harder for fraud to take place by preventing ready impersonation of the authorized user. Safeguarding biometric data can be challenging in the current data security scenario where threats to data are rising with every passing day,” said Shaik Ahmed.

Is Biometric Security – A Blessing or A Curse?

And now after the long discussion, it is time to answer the most integral question – is Biometric – a blessing or a curse?

To take the words of Shaik Ahmed, “Unforgeable biometric identity could be a blessing. But we must identify and protect against the many ways that it can become a curse”.

As it should not be viewed as black and white. The nature of technology needs to be comprehended. In case, it is used incorrectly it could lead to troublesome situations. For that reason, it could be perceived as both a blessing or a curse depending on how the person or organisation is using it.

To clear the air Sasi stated, “Creating a unique, unforgeable identity is most certainly a blessing. Biometrics as a technology can be implemented across industries, regardless of their type, size, shape or geographic location. For organizations where customer identification or authentication is not a part of core functions; this technology can be implemented for other application like door access, employee identification and attendance, etc. Biometrics is an important tool to make businesses feel secure and to prevent identity theft. Passwords and pins may be easily forgotten, but this is not an option with biometrics.”

Though, it should not be viewed as black and white. We must understand the nature of the technology and its correct application. If used incorrectly it may become troublesome. Thus, it may be viewed as both a blessing and a curse depending on how the person or organisation is using it.

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.