PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

Here’s Why You Don’t Store Biometrics in a Honeypot: Use Fido!!

By Tim Sloane
August 14, 2019
in Analysts Coverage, Biometrics, Emerging Payments
0
5
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
Here’s Why You Don’t Store Biometrics in a Honeypot: Use Fido!!

Here’s Why You Don’t Store Biometrics in a Honeypot: Use Fido!!

Forbes reports that a security company lost almost 28 million records, including loads of biometric data such as fingerprints and facial recognition data such as photos of users. It also had un-encrypted usernames and passwords, logs of facility access, and the individuals’ security levels and clearance!

This is why it is folly to create a honeypot with such irretrievable and sensitive information. Distributing biometrics in the phone and making them safely accessible using FIDO’s approach makes better sense for all, except for those few security situations where the individual’s access is so valuable that it would put that person’s life in jeopardy. Then you have an entirely different problem to deal with:

“It has been coming for some time, but now the major breach of a biometric database has actually been reported—facial recognition records, fingerprints, log data and personal information has all been found on “a publicly accessible database.” The damage is not yet clear, but the report claims that actual fingerprints and facial recognition records for millions of people have been exposed.

The issue with biometric data being stored in this way is that, unlike usernames and passwords, it cannot be changed. Once it’s compromised, it’s compromised. And for that reason this breach report will sound all kinds of alarms.

The report published by security researches Noam Rotem and Ran Locar at Vpnmentor relates to Suprema, a company describing itself as a “global Powerhouse in biometrics, security and identity solutions,” with a product range that “includes biometric access control systems, time and attendance solutions, fingerprint live scanners, mobile authentication solutions and embedded fingerprint modules.”

The news of the breach was first published by Wednesday’s Guardiannewspaper in the U.K., which highlighted the use of Suprema solutions by the “Metropolitan Police, defence contractors and banks.’ The breach, though, is international, with Suprema’s Biostar 2 biometric identity SDK integrated into the AEOS access control system ‘used by 5,700 organisations in 83 countries, including governments, banks and the police.’”

Overview by Tim Slone, VP, Payments Innovation at Mercator Advisory Group

5
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
Tags: BiometricsCybersecurityFIDO

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    embedded lending

    Embedded Lending as a Growth Strategy for ISVs—How to Maximize Revenue Potential

    June 18, 2025
    merchant ai

    Merchants Find More Use Cases for AI Amid Risks

    June 17, 2025
    prepaid payroll

    Taking the Check Out of Paycheck: The Role of Prepaid in Payroll

    June 16, 2025
    Banking-as-a-service BaaS

    Remodeling Main Street: How Community Banks Can Leverage the Banking-as-a-Service Paradigm

    June 12, 2025
    How Employee Performance Enhances the Customer Experience

    Three Strategies to Maximize Loyalty in the AI-Driven World 

    June 11, 2025
    PFM tools

    How FIs Are Cutting Through Subscription Clutter with PFM Tools

    June 10, 2025
    child identity theft

    Stranger Danger: Protecting Your Children from Identity Theft

    June 9, 2025
    agentic commerce

    The Agentic Advent: How the Next Iteration of AI is Shaping Commerce

    June 6, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result