Biometrics

What are biometrics?

Biometrics are measurable, unique physical characteristics that are used to identify individuals. There are three main types of biometrics:

• Biological biometrics use traits at a genetic/molecular level, such as DNA or blood, to identify individuals.
• Morphological biometrics use physical traits or the structure of the body (such as the eyes, fingerprints, or shape of the face) to identify individuals.
• Behavioral biometrics use unique patterns such as how the individual walks or talks for identification.

Common examples of biometrics include:

• Fingerprint scanning
• Facial recognition
• Iris recognition
• Heart-rate sensors
• Voice recognition
• Hand geometry recognition

Biometrics have become increasingly common. They serve a wide range of uses, from protecting our devices and privacy to helping the Department of Homeland Security keep immigration and trade safe. They have also become extremely popular among employers.
According to a poll by the Society for Human Resource Management, 57% of corporate organizations use fingerprint scanners to protect their devices, followed by facial recognition (14%), hand geometry recognition (5%), iris scanning (3%), and voice recognition (2%).

How are biometrics used in security?

Biometric data can be used in technology in place of certain security systems. It can also be used to enhance pre-existing security systems on phones, computers, or even buildings.

• However, in order to be useful, this data must be permanent and able to be collected.
• This data is encrypted and stored either within the device or on remote servers

Biometric systems consist of three parts:

• The sensor: records and reads biometric information for verification of identity
• The computer: stores information for comparison against stored data
• The software: links the computer hardware to the sensor to allow for data to be collected

Advantages of biometrics

• Convenience
• Biometrics make it easier for users to access their devices or personal information. Unlike long and complicated passwords, biometric data such as your fingerprint cannot be lost or changed.
• Privacy
• Since biometrics cannot be changed, the use of biometric systems ensures that the only people that can access devices or data are the ones that have been given access or permission to do so.

Disadvantages of biometrics

• Accuracy is not Guaranteed
• When Apple introduced Face ID biometrics in the iPhone X, they claimed that the chance of mistaken identity is one in a million. However, some other facial recognition software can be tricked.
• Researchers at the University of North Carolina at Chapel Hill conducted an experiment to test five security systems that use facial recognition software. They downloaded photos of 20 volunteers from social media and constructed 3D models of their faces. The researchers were able to breach four out of the five systems.
• It is also extremely easy to clone fingerprints using just plastic or candle wax. These imprints can then be used to unlock devices.
• Potential Hacking
• Since this data is extremely sensitive, it is more prone to being hacked. While passwords can be changed if accounts become unprotected, biometric data cannot be modified.
• Currently, most high-profile data is stored carefully, but as biometric data becomes more common, secure storage may become lax.
• Federal Laws
• Currently, there aren’t any cohesive laws in the United States to protect user’s biometric data. Hopefully, as it becomes more common, legislation will be put in place to keep this data safe.
• Software Flaws
• Hackers could exploit any flaws in biometric system software, leaving user data vulnerable.

How to protect your data

It is paramount that you take the proper precautions to keep your data secure.

• Use biometrics sparingly to keep your biometric data stored in a few places, and opt out of biometric data collection if you want.
• Keep the software on your devices current as it reduces the probability of your device being vulnerable to security flaws.
• Use two-factor authentication on accounts to add an extra layer of protection onto your accounts (visit our Two Factor Authentication tab for more information)

Educational Use

For educational use, we also made a Biometrics Powerpoint to help you gain a better understanding of the topic.

Sources

• https://www.kaspersky.com/resource-center/definitions/biometrics
• https://us.norton.com/internetsecurity-iot-biometrics-how-do-they-work-are-they-safe.html
• https://www.ifsecglobal.com/global/biometric-security-systems-guide-devices-fingerprint-scanners-facial-recognition/
• https://blogs.thomsonreuters.com/answerson/biometrics-technology-convenience-data-privacy/
• https://www.dhs.gov/biometrics
• https://www.nedapsecurity.com/insight/biometric-security/
• https://www.shrm.org/resourcesandtools/hr-topics/technology/pages/employers-using-biometric-authentication.aspx