The Myth of Biometrics Enhanced Security - part 1
(27/02/2009)


Current biometric documents are useless. ePassports don't make much sense without a single, unique biometric passport reader. Let's face it once and for all: any electronic data storage method whose content can be read (e.g. RFID, smart/storage cards, etc.) has the obvious potential to be hacked, copied and cloned. There's a reason why "Random Access", "Write Only Memory" ("WOM") devices have never sounded logical. What purpose would there be in storing data that cannot be read? Let's take this one step further. If stored information is designed to be read, then a device must exist with the ability to read that stored information for it to be of any value.

Now, let us apply that simple logic to stored information that is meant to be read in a widespread application. In this type of application, multiple standardized reading devices must exist in order to always yield the same result from that stored information. As an example, standardization gives us the ability to use our credit cards anywhere because each and every point-of-sale reader reads the information contained in the card's magnetic stripe in exactly the same way.

We must therefore recognize that these same benefits of standardization create reciprocal risks of fraud. Once the ability to read stored information exists, the ability to either reverse engineer the reading process or clone the encoded stored information exists as well. What purpose does a means of identification serve if we cannot be near certain that it has not been compromised? Further, once that ID has been compromised, how can it be prevented from yielding positive identification where not intended? To illustrate the point, let us use your everyday ATM cash withdrawal as an example. After inserting the card into the ATM, one is prompted to enter the PIN associated with that card.

If the correct PIN is entered, even by someone other than the authorized user, the ATM will approve the transaction because its predetermined means of authentication is the combination of a card and its associated PIN. As we are well aware, magnetic stripe cards and the like can be easily read, creating the opportunity for thieves to make a copy of that card. All that's left is the PIN. For professional thieves, that's less of a challenge than we'd like to believe.

For years, as technology developers would have it, much effort has been focused on providing ever more secure methods of storing sensitive information, without addressing the root of the problem. Regardless of how securely information is stored, because it is designed to be read, illicit methods of reading the information will be found. Once that has been accomplished, the ability to create both fake and cloned IDs exists. ePassport readers are built to the standards and recommendations of predefined requirements such as the Machine Readable Travel Documents (MRTD) specification. In order to make them usable, they must be consistent.

If you have a set of identical targets (e.g. ePassports, national IDs, driving licenses, employee cards, etc.), breaching one of them is a breach of all of them. An identical electronic device is a single point of failure. It is unfathomable for governments to change their entire population's IDs and documents every time someone, somewhere across the globe, hacks and clones a single chip.

It would seem that the only real way to prove to an automated system that you are who you claim to be is through the use of biometrics as a means of authentication. Identity theft is exceedingly common these days. The use of biometrics, however, creates a whole new area of concern. When non-biometric authentication elements are breached, security can be re-established by selecting new authentication elements. The same cannot be done when stored biometric information is breached. Biometric information cannot be changed. Our fingerprints, face, retina and all are what they are. The question we are faced with is how we can truly secure our biometric information. We can change our name or address, but we cannot change our body parts.

Turning the human body into the ultimate identification card is extremely dangerous. The possibility of fraud with electronic chips and biometric data should not be underestimated. Exposing or losing biometric property is a permanent problem for the life of the individual, since, as we have mentioned, there is no practical way of changing one's physiological or behavioral characteristics. How do you replace your finger if a hacker figures out how to duplicate it? If your biometric information is exposed, in theory, you may never be able to prove who you say you are, who you actually are or, worse yet, prove you are not who you say you aren't.

The best secrets are secrets that are never shared. Storing those secrets on a readable electronic card from which any simple RF dump reader can extract the information, in the same way as international border readers do, or storing your personal information together with your biometric characteristics on a readable electronic device, is like sticking a label with your PIN on the back of your ATM card!

Biometric authentication is a powerful tool, able to bridge the gap between human and machine interaction in everyday instances such as ATM withdrawals, on-line banking, credit card transactions and all sorts of general user authentication. The use of biometric authentication enables a high threshold of security by reducing incidences of identity fraud and unauthorized user access. It is also an easy method of authentication from the user's point of view, because a user's biometric information is always with them. The most critical flaw in the use of biometrics as a means of authentication, however, is that the authentication process cannot work if the subject is a stranger to the system, i.e. has never been enrolled in it.

We have already concluded that storing biometric information on an external device carried by the user, such as a smart card, is far too risky, in that it risks losing one's biometric information forever. Databases, on the other hand, are breach-prone and inefficient, especially in large-scale applications. Databases also require real-time access to be of any value, and communication with them may not always be available. Where, then, can such sensitive information be stored? Furthermore, why risk storing that unique biometric information in a database, smart card or other external device at all in order to make it useful?

Another problem with common biometric systems is that the most effective way to achieve maximum system matching is to compare biometric images to a template using raw data. Biometric Encryption is the process of using a characteristic of the body as the means to code or scramble/descramble data. Since these characteristics are unique to each individual, the biometric readers, cameras and sensors must all yield identical results.

Most biometric authentication systems use a similarity score as an internal variable, whereby, if enough starting points are given, it is possible to find the highest-scoring match without being trapped in local minima. However, different readers, cameras and sensors, made by different manufacturers, generate slightly different biometric results. Varying starting results, when encrypted alike, will not yield the exact same decrypted result.
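The two paragraphs above make a concrete, testable claim: a similarity score tolerates the small differences between sensors, but any key or ciphertext derived directly from the raw biometric bits does not. The following Python example is added here to demonstrate that claim; it is not code from the article or from the authors' Innovya system. It models a biometric template as a constructed 256-bit vector (an assumption, loosely in the style of an iris code), simulates a second sensor by flipping a handful of bits, and then compares threshold-based matching against matching by a SHA-256 key derived from the raw bits.

```python
import hashlib
import random

# Assumption: a biometric template is modelled as a 256-bit vector. Real
# templates are richer feature sets; the bit vector is enough to show the effect.
TEMPLATE_BITS = 256


def enrolled_template(seed=1):
    """Constructed enrollment sample: a pseudo-random bit vector."""
    rng = random.Random(seed)
    return [rng.randint(0, 1) for _ in range(TEMPLATE_BITS)]


def sensor_capture(template, flip_count, seed):
    """Simulate a capture of the same person on a different sensor.

    A few bits differ from the enrollment sample (noise, lens, firmware
    differences between manufacturers).
    """
    rng = random.Random(seed)
    capture = list(template)
    for idx in rng.sample(range(len(template)), flip_count):
        capture[idx] ^= 1
    return capture


def hamming_distance(a, b):
    return sum(x != y for x, y in zip(a, b))


def similarity_score(a, b):
    """1.0 means identical; 0.0 means every bit differs."""
    return 1.0 - hamming_distance(a, b) / len(a)


def matches_by_score(enrolled, capture, threshold=0.9):
    """Threshold matching: the way most deployed systems decide a match."""
    return similarity_score(enrolled, capture) >= threshold


def bits_to_bytes(bits):
    return int("".join(str(b) for b in bits), 2).to_bytes(len(bits) // 8, "big")


def key_from_biometric(bits):
    """Derive a key directly from the raw biometric bits.

    Hashing is used here as the 'scramble' step; one flipped input bit changes
    roughly half of the output bits (avalanche), so near-identical captures
    produce unrelated keys.
    """
    return hashlib.sha256(bits_to_bytes(bits)).hexdigest()


def matches_by_key(enrolled, capture):
    """Exact-key matching: succeeds only when every raw bit is identical."""
    return key_from_biometric(enrolled) == key_from_biometric(capture)


def compare_sensors(flip_count=5, seed=7):
    """Return (similarity, score_match, key_match) for a noisy re-capture."""
    enrolled = enrolled_template()
    capture = sensor_capture(enrolled, flip_count, seed)
    return (
        similarity_score(enrolled, capture),
        matches_by_score(enrolled, capture),
        matches_by_key(enrolled, capture),
    )


if __name__ == "__main__":
    sim, by_score, by_key = compare_sensors()
    print(f"similarity={sim:.3f} score_match={by_score} key_match={by_key}")
```

With five of 256 bits flipped the similarity is about 0.98, so threshold matching accepts the user, while the key derived from the raw bits differs completely and the exact match fails. This is the gap the authors describe: a system that must decrypt with a key derived from the body only works if every sensor reproduces the template bit-for-bit.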

Opinion piece submitted by Michael (Micha) Shafir and David J. Weiss — Innovya Traceless Biometric System
