The biometrics industry is booming as of late. A world dominated by biometric systems will be convenient and cost-saving for us. However, in light of the security attacks that we have experienced over the past years, security is a highly valid concern.
How secure is the existing infrastructure of our biometric systems?
Difficult to forge
As is, your biometric information is uniquely yours. Unlike your password, this is extremely difficult to forge. This is especially true in the case of multiple-factor authentication which demands more than just one of your biometric information.
If one biometric data point is already hard to forge, one can easily imagine that layering many of these will be pretty secure.
A multitude of fears
Just taking the nature of biometrics into account, there shouldn’t really be much fear when it comes to security. However, this doesn’t mean that we are completely safe. There are other means attackers can use to gain your personal information:
- In a world dominated by biometric authentication, the direct implication is that more places will have your information. Not all these places will be guaranteed to have high-grade security to protect your data from attackers.
- The uniqueness of biometric information is both a cure and a poison to security. Unlike your passwords which you can change once compromised, there’s no changing your biometric information.
- There are indirect ways to replicate your biometrics. For instance, high-resolution pictures of you fingerprints are more than sufficient for a skilled criminal to replicate it.
A bigger threat
Yet another eventual problem will be the use of General Adversarial Network (GAN) algorithms. There are AI-based attacks that may not be powerful enough to directly replicate your fingerprints but are fully capable of brute force attacking current fingerprint authentication systems so access can still be gained.
A bigger threat
AI-based attacks are best counteracted with AI-based solutions. Examples of AI-based measures that can counteract GAN algorithms include:
- Finger vein-based biometric authentication. This type of authentication requires also the vein patterns underneath the skin which cannot be replicated with just photographs.
- 3D Facial Recognition. GAN algorithms can generate deep fakes which are extremely precise replication of facial characteristics that may be sufficient to fool optical face recognition systems. The best way to counteract this is by using 3D facial recognition, which also requires the depth of the user’s face.
Staying on top
In our pursuit of heightened security, we are creating tools that are equally accessible to those who can potentially use them for harm. While we are highly enthusiastic about finding innovative ways to make our authentication systems secure, our attention should also be equally dedicated in finding loopholes in these systems before attackers find them.
As much as the wide array of innovations is an evidence that human creativity practically knows no bounds, this is also a humbling reminder for us to never underestimate just how great the lengths some humans can go to for their personal gain. Especially in highly consequential matters such as security, there is no choice for us but to stay on top of things.