PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

A Hacker’s Nightmare: New Advances in Biometrics

Kimberly Biddings by Kimberly Biddings
September 12, 2022
in Biometrics, Featured Content, Industry Opinions
0
biometrics

biometrics

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Biometrics are quickly becoming one of the most common methods for identity and access management (IAM), with over 85% of people interested in using biometrics to verify identity. This popularity is due in large part to the convenience and security offered by using a biometric over a password or token. As these are adopted at a greater rate the technology backing them is advancing as well. While we may see scenes in movies where masks are used to dupe a face scanner, the reality of hacking a biometric measurement is much more difficult. New techniques like liveness detection and innovative ways of storing the measurements have raised the bar for security and made hacker’s lives far more difficult.

How It Works

Liveness detection uses algorithms designed to look for authenticity in the biometric being used. For example, in a fingerprint scan rather than just compare the pattern of the fingerprint itself it looks for other indicators of life. Liveness detection can identify slight differences in the fingerprint due to skin flexibility, or it can detect the presence of sweat and pores in the skin. Many methods can detect blood flow beneath the fingerprint or see vein patterns under the skin. By looking at more than just the fingerprint itself, but also examining the composition of the biometric being used, these systems are able to avoid presentation attacks where a false version of a biometric is presented to a scanner.

These new approaches to presentation attack detection (PAD) rely upon the ability to collect a much larger number of data points to contribute to both the security and flexibility of the system. For example when using a face scan companies are employing 3D models where a user needs to move their head around showing data points in three dimensions rather than a static 2D image. A study published in the National Library of Medicine shows that using methods like motion analysis resulted in a 97% success rate in correctly identifying live versus fake biometrics. As our ability to take in thousands of data points to analyze a face, fingerprint, or voice grows, so too does our ability to prove liveness. Even if a hacker somehow gains access to a user’s fingerprint or a picture of their face, the process for replicating and then using it in a way that also passes liveness detection is nearly impossible.

How the Information is Stored Matters

Another method being used to prevent attacks is storing the biometric measurements in a fashion whereby they cannot be replicated if hacked. Centrally stored biometric systems keep measurements with the company granting access and this has led to concerns about what happens if there is a breach where the biometrics are stored. However, systems like identity-bound biometrics (IBB) have addressed this by storing templates rather than the direct measurements themselves. When a biometric is enrolled in the system it is sent through an algorithm and then saved as a template that doesn’t resemble the measurement itself. Like a lock and key the biometric now can be paired with the template to verify an identity and grant access to the system without the biometric being saved directly to the server. All of this means that even if a breach occurs the hacker won’t have access to a real person’s biometric measurement and would not be able to attempt to replicate the fingerprint or face of a user.

Continuing to Advance in Biometrics

To hack a password all that needs to happen is finding the right combination of letters and numbers. With advances in technology hacking a biometric has become a completely new game. Even having access to a person’s exact biometric measurements is no longer enough to fool a biometric scanner. The amount of time, effort, and expertise needed to even attempt to break through liveness detection creates a huge barrier for would be threat actors. Storing the biometric as a template makes stealing the data in a breach worthless. As hackers become more and more sophisticated, so too does the way in which we safeguard our data and identities.

Tags: BiometricsFingerprintIAMidentityliveness detection
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    5 Ways to Protect Your Financial Institution from a Cyberattack

    5 Ways to Protect Your Financial Institution from a Cyberattack

    May 26, 2023
    traditional banks

    How Traditional Banks Can Modernize Without Risk

    May 25, 2023
    identity fraud

    Javelin’s Identity Fraud Study Highlights the Changing Nature of Fraud

    May 24, 2023
    SASE, security-as-a-service

    Security-as-a-Service Secures
    Distributed IT Models

    May 23, 2023
    mule. real-time

    Early Detection of Mule Activity Requires Real-Time Solutions

    May 22, 2023
    embedded finance, ecommerce

    How Retailers Can Enter the World of Embedded Finance Confidently 

    May 19, 2023
    cross-border

    Cross-Border Trade is a Cinch with the Right Payments Partner

    May 18, 2023
    debit

    5 Reasons Merchants See Debit As
    Top-of-Mind for In-Store Sales

    May 17, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result