Biometric is near. Imagine you are in a store. You went to the cashier to pay for a watch. But instead of using your card or cash, you moved your eyes in front of a retinal scanner. The scanner captured an image of your retina and send it to your bank database. Transaction complete.
This future is happening right now. Biometric research is accelerating. Experts are working around the clock to build this tech. Devices and apps are now undergoing research. It won’t be long until it’s fully deployed. Fingerprint scanner is just the beginning. Soon, mobile apps can verify your identity using your body part. It’s a perfect identifier for everyone. With your DNA inside, it belongs only to you. It verifies you and no one else. However, as I often said, with easiness comes vulnerability. This biometric tech has already raised security and privacy concerns. There are so many questions we should answer. And the most irritating one is this. How are the manufacturers and government going to address our info?
Biometric: Digging Information from Our Body
Our body is a huge library. Every cell of it tells everything about us. However, not every part of it can be used as our ID. After some technical considerations, so far we can only rely on some parts of our body. Our retina, fingerprint, and ear, for example. So far, these places are the best identification spot we can use. Each is different from another. Ear, for example, is unique compared to the other two. Michael Boczek, CEO and President of Descartes Biometrics told us about this. “It’s stable and enduring, which means it changes every little over the course of one’s life. That’s also true of fingerprints, but less true of facial recognition.”
This future is coming soon, but not in a day or two. Biometric is, in all ways, tricky. In one side, they are the perfect security tool. It uniquely identifies a person. Using today’s technology, you can’t fake anyone’s body part. So, that’s perfect. However, there is another side of this story. If your biometric is somehow compromised, you’re done. It’s impossible to get the exact body part. It’s not even possible with advanced 3D printer.
This is why we are so concerned about biometric security. It may, in fact, our best hope in security. But, even things got worse, it can turn into a nightmare. Everything secured with it, will probably be locked for a very long time.
Data Back Up and Biometric
We often get the wrong idea about biometric identification. Usually, we only think about is as merely identification. Well, that’s just one part of it. Biometric identification is also about identity authentication. Both are different in so many ways. For example, identification only runs an image against a database of previously collected images. Authentication, at the other side, requires using the device to access the image to find the match. Authentication is typically used for unlocking applications and devices.
Biometric comes at the perfect moment. Nowadays, the world is so desperate looking for the perfect security solution. That’s why we were so excited when Apple introduced it’s new home button. A fingerprint sensor is built into the new home button. It allows everyone to easily secure their phone. No more PIN, pattern, or password. Just a gentle touch on the home button. As expected, it went to a sales boom. Many were curious about this feature. And so, trying to take advantage of this expanding appetite, many other companies began to create their own biometric identification. MasterCard with heartbeat, Google’s Abacus Project with your speech patterns, and many more. Some even have begun to seek codes in our eyes and gait. This is how we live today. The biometric race has already begun.
Can You Trust Biometric?
The fact is, not even biometric is 100% safe. The only way to make it safe is to keep it private. The problem is, it’s impossible. You can’t keep someone from looking at your skin, face, eye, hair, etc. As long as it’s visible, you can’t keep them private. What about the ‘invisible’ body parts? Well, they may be helpful since no one can see them, But, unfortunately, our biometric tech hasn’t yet reach that part. So, at the moment, it’s impossible to use our inner body parts.
The point is, no matter how we see it, biometric is the most public security key. While you are walking outside, anyone can take a high resolution image of your ear from afar. Anyone can take your fingerprint from the glass you used to drink. This makes biometric easy to hack.
A Long Path to the Future
If organized accordingly, biometric is a promising security in the future. It offers the best way to secure our life in the easiest way ever. The only challenge is, we haven’t regulated the use of data about our body.
Before we can apply biometrics, we need laws and rules to ensure everyone’s safety. Some countries have begun the process. The US National Telecommunications and Information Administration, for example, held a workshop on this topic last summer. It was meant to craft a code of conduct regarding the operation of biometric. At that moment, they focused on the use of facial recognition technology. The workshop was attended by trade associations, Google, Microsoft, security experts, and advocates. And as expected, they went short. There was no conclusion. Even before the workshop is over, no one from public interest community stayed in the room.
Everyone was so persistent on how biometrics should be. For example, all trade associations refuse the simplest idea about privacy. They refused to get the subject’s consent before using facial recognition on him/her. Especially, if they are not in any relationship with the subject. From their point of view, this will be useless. The public will less likely to give this consent. Well, they got the point this far. However, there is one truth they didn’t tell the workshop that time. Most likely we would refuse to give them our consent because we know they will do nothing good with it. There are too many proves that will point out their wrongdoings. Not in the present and future, we will let this happen again.
With so many interests surrounding biometric application, it’s best to hope that any final law regarding this subject won’t be issued in the near future. Countries around the globe are working to find out a formula that pleases everyone. Your government, perhaps, is also one of them. There are tons of homework that must be done before the application went public. We are digging for answers over questions we are uncertain about. For example, how effective the biometric is? How much does it affect someone’s privacy? What if a breach occurred? What about the device security? Will future biometric involve with any implantable device? How far will it affect our health, then? And so on. Questions keep rising, while we are still seeking answers for the others.
While lawmakers are working this draft, biometric application can’t wait. At this moment, most people think that the benefits are far greater than the risks. Around the world, companies, institutions, and people are using biometric devices. Police dept. uses CCTV to capture your image while on the road. Your company records your fingerprint. Your iPhone does the same thing. See? That’s how the world works. As long as it seems good, everyone will use it. The world will use it. The risks? Let’s worry about them later. Isn’t it right? Have you ever think about how your company manage your fingerprint? Have you ask the same thing to your local police?
Biometric: Safe or Creepy?
Just like any other, biometric is hackable. I know that’s hard to accept, but that’s the truth. And as we speak, hackers are engineering their way to hack biometric authentication. As we are developing this future security, hackers are building their own way to hack it. Why now? Because it is the perfect time to learn everything about biometric. Biometric authentication we see today, is still at its early development stage. Yet, companies are rushing everywhere. They are making their own version of biometric application. You may not realize it, but this condition gives the perfect resources for hackers. There are various biometric-enabled products they can learn. There are various codes they can learn.
The only interesting question here is this. How many have they learnt?
Last year, hackers attacked the US Office of Personnel Management. This single attack compromised 5.6 million people’s fingerprints. And that’s not alone. Every single year, medical records, banks, universities, IRS, and even dating websites fall for the attack. These websites are just the beginning. Their fall proves one thing. Biometric is not immune to cyber threats. Here is the worst part of it. You don’t need to be a hacker to hack biometric. You can hack anyone’s fingerprint by using only clay or gummy bear. Or if you want, you can hack any fingerprint scanner by printing conductive ink with an ink jet printer. Fifteen minutes, that’s all it takes.
So, what do you say? Will you join the future of biometric? With all its risks, do you think it’s worth a place in our future?