• Home
  • About Us
  • Contact Us
  • Privacy Policy
  • Special Offers
Business Intelligence Info
  • Business Intelligence
    • BI News and Info
    • Big Data
    • Mobile and Cloud
    • Self-Service BI
  • CRM
    • CRM News and Info
    • InfusionSoft
    • Microsoft Dynamics CRM
    • NetSuite
    • OnContact
    • Salesforce
    • Workbooks
  • Data Mining
    • Pentaho
    • Sisense
    • Tableau
    • TIBCO Spotfire
  • Data Warehousing
    • DWH News and Info
    • IBM DB2
    • Microsoft SQL Server
    • Oracle
    • Teradata
  • Predictive Analytics
    • FICO
    • KNIME
    • Mathematica
    • Matlab
    • Minitab
    • RapidMiner
    • Revolution
    • SAP
    • SAS/SPSS
  • Humor

Facial Recognition: The Latest Biometric Security Blanket

February 8, 2018   FICO
Biometric security blanket cybersecurity Facial Recognition: The Latest Biometric Security Blanket

As a kid, I was a big fan of “Peanuts,” the legendary comic strip by Charles Schulz. Linus was, and still is, my favorite Peanuts character. Linus always had the thoughtful answer and the confidence to tell his friends the truth, despite the silly security blanket.  Schulz said, “Linus, my serious side, is the house intellectual, bright, well-informed — which, I suppose, may contribute to his feelings of insecurity.”

As an adult with a serious professional interest in security, I am surprised as to why bright, well-informed data and cybersecurity professionals don’t feel more insecure about the efficacy of biometric information as a security device. Is it because biometrics are today’s security blanket?

The Myth of Biometric “Security Blankets”

I have been a contrarian about biometrics for some time. As I blogged last year:

To protect against consumer financial fraud, there’s a lot of buzz now about using biometric information — fingerprints, iris and facial recognition, and other unique physical characteristics — to authenticate payment card transactions…

Like encryption, however, biometrics are not a silver bullet to stop hackers. As a defense mechanism, biometric authentication is actually worse because it can create a false sense of security. But once that information is corrupted or stolen by hackers, how do you prove who you really are? This excellent article in Scientific American captures the high-level privacy and cybersecurity implications that should be central to any discussion of biometrics:

“… [O]nce your face, iris or DNA profile becomes a digital file, that file will be difficult to protect. As the recent NSA revelations have made clear, the boundary between commercial and government data is porous at best. Biometric identifiers could also be stolen. It’s easy to replace a swiped credit card, but good luck changing the patterns on your iris.”

Since I posted that blog a year ago, Apple released Face ID as the mechanism to unlock its new iPhone X. Almost as quickly, stories began to appear about how Face ID could be effectively fooled by twins, kids and dudes with beards (almost).

Facial Recognition Imparts a False Sense of Security

The most serious and obvious argument against biometrics is this: They are really no more secure than any other form of authentication.

Whether it’s your face, fingerprint, iris or even your heartbeat, biometric data is imminently hackable. If stolen, the cybercriminal isn’t going to make his or herself look like you. They’re going to associate their digitized face, fingerprint, iris or heartbeat with your account.

This is what makes biometrics more risky than other forms of authentication comes after a compromise has occurred; once your biometrics are corrupted, how do you prove you’re really you?

In the wake of the first big biometric hack earlier this year, of India’s Aadhaar, the world’s largest biometric identification system, the general public is becoming increasingly aware that fingerprints are as easy to steal as passwords. And for the criminal fraudster or hacker looking to gain improper access to information or systems, associating their biometrics with your credentials is really no more difficult than changing your password, or any number of other tried-and-true account takeover tactics that have been around for years.

The scary difference is the misplaced faith that people are putting in biometrics. Like a security blanket, this technology makes people feel good but provides no substantive improvement in protection. I view biometrics as a trending fashion in security, not a credible long-term contender for materially improving security outcomes. What difficulty might consumers face (no pun intended) in reestablishing their own physical provenance when the inevitable hack takes place?

Stay Safe, Stay Vigilant

As I said in my biometrics blog last year, when it comes to ever-more resourceful and clever hackers, there is no single technology that can stop criminals in their tracks. As with other applications of security technology, the best defense for your financial life is constant vigilance, such as monitoring of activity on all of your cards and accounts, and setting up alerts with your bank’s mobile app and credit bureaus. If your bank offers card freeze technology, learn to use it so it’s available when you need it.

All defenses can be compromised, and when that happens, enterprises need to know about it, quickly. FICO® Cybersecurity Solutions deliver exactly that, allowing organizations to anticipate risks, identify emerging cyber threats, quantify cyber exposure, and fight cyber crime in real time.

If you’re looking for a real security blanket, visit the Charles Schulz Museum in Santa Rosa, California. And follow me on Twitter @dougoclare.

Let’s block ads! (Why?)

FICO

Biometric, Blanket, facial, latest, recognition, Security
  • Recent Posts

    • Why machine learning strategies fail
    • Why Some CRM Initiatives Fail
    • Lucas Brothers To Write And Star In Semi-Autobiographical Comedy For Universal
    • NortonLifeLock’s AI-powered smartphone app blurs out sensitive information in photos
    • WHEN IDEOLOGY TRUMPS TRUTH
  • Categories

  • Archives

    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • March 2020
    • February 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    • December 2016
    • November 2016
    • October 2016
    • September 2016
    • August 2016
    • July 2016
    • June 2016
    • May 2016
    • April 2016
    • March 2016
    • February 2016
    • January 2016
    • December 2015
    • November 2015
    • October 2015
    • September 2015
    • August 2015
    • July 2015
    • June 2015
    • May 2015
    • April 2015
    • March 2015
    • February 2015
    • January 2015
    • December 2014
    • November 2014
© 2021 Business Intelligence Info
Power BI Training | G Com Solutions Limited