PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

A Hacker’s Nightmare: New Advances in Biometrics

Kimberly Biddings by Kimberly Biddings
September 12, 2022
in Biometrics, Featured Content, Industry Opinions
0
biometrics

biometrics

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Biometrics are quickly becoming one of the most common methods for identity and access management (IAM), with over 85% of people interested in using biometrics to verify identity. This popularity is due in large part to the convenience and security offered by using a biometric over a password or token. As these are adopted at a greater rate the technology backing them is advancing as well. While we may see scenes in movies where masks are used to dupe a face scanner, the reality of hacking a biometric measurement is much more difficult. New techniques like liveness detection and innovative ways of storing the measurements have raised the bar for security and made hacker’s lives far more difficult.

How It Works

Liveness detection uses algorithms designed to look for authenticity in the biometric being used. For example, in a fingerprint scan rather than just compare the pattern of the fingerprint itself it looks for other indicators of life. Liveness detection can identify slight differences in the fingerprint due to skin flexibility, or it can detect the presence of sweat and pores in the skin. Many methods can detect blood flow beneath the fingerprint or see vein patterns under the skin. By looking at more than just the fingerprint itself, but also examining the composition of the biometric being used, these systems are able to avoid presentation attacks where a false version of a biometric is presented to a scanner.

These new approaches to presentation attack detection (PAD) rely upon the ability to collect a much larger number of data points to contribute to both the security and flexibility of the system. For example when using a face scan companies are employing 3D models where a user needs to move their head around showing data points in three dimensions rather than a static 2D image. A study published in the National Library of Medicine shows that using methods like motion analysis resulted in a 97% success rate in correctly identifying live versus fake biometrics. As our ability to take in thousands of data points to analyze a face, fingerprint, or voice grows, so too does our ability to prove liveness. Even if a hacker somehow gains access to a user’s fingerprint or a picture of their face, the process for replicating and then using it in a way that also passes liveness detection is nearly impossible.

How the Information is Stored Matters

Another method being used to prevent attacks is storing the biometric measurements in a fashion whereby they cannot be replicated if hacked. Centrally stored biometric systems keep measurements with the company granting access and this has led to concerns about what happens if there is a breach where the biometrics are stored. However, systems like identity-bound biometrics (IBB) have addressed this by storing templates rather than the direct measurements themselves. When a biometric is enrolled in the system it is sent through an algorithm and then saved as a template that doesn’t resemble the measurement itself. Like a lock and key the biometric now can be paired with the template to verify an identity and grant access to the system without the biometric being saved directly to the server. All of this means that even if a breach occurs the hacker won’t have access to a real person’s biometric measurement and would not be able to attempt to replicate the fingerprint or face of a user.

Continuing to Advance in Biometrics

To hack a password all that needs to happen is finding the right combination of letters and numbers. With advances in technology hacking a biometric has become a completely new game. Even having access to a person’s exact biometric measurements is no longer enough to fool a biometric scanner. The amount of time, effort, and expertise needed to even attempt to break through liveness detection creates a huge barrier for would be threat actors. Storing the biometric as a template makes stealing the data in a breach worthless. As hackers become more and more sophisticated, so too does the way in which we safeguard our data and identities.

Tags: BiometricsFingerprintIAMidentityliveness detection
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    live shopping, ebay

    Q&A: eBay Exec on Live Shopping and the Future of Payments

    March 24, 2023
    AI and Biometrics in Regulatory Compliance in Finance

    The Importance of AI and Biometrics in Regulatory Compliance in Finance

    March 23, 2023
    Everyone Benefits from the Real-Time Payment Networks  

    Everyone Benefits from the Real-Time Payment Networks  

    March 22, 2023
    commercial payments

    Optimizing Commercial Payments in the Digital Age

    March 21, 2023
    cross-border payments

    Cross-Border Payments: Fighting
    E-Commerce Fraud Using Data

    March 20, 2023
    fraud, ChatGPT-4

    How to Fight Fraud While Still Enabling a Great Online Customer Experience

    March 17, 2023
    RTP

    Financial Institutions Without an RTP Strategy Risk Being Left Behind

    March 16, 2023
    visa chargeback

    New Visa Chargeback Guidelines Will Be a Game Changer

    March 15, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result