Biometrics - are they really safe?

SolarNexus

I've been thinking this over for a while now; how can biometrics ever be a safe security medium... well, rather how can it be any safer than any other?

its nothing more than a password is it not, that is made 'of' you. That is to say, you are the password and as you move so does the location of the password. But ultimately is this any safer than a person knowing and reciting their password?

No matter how a computer reads biometric data, whether fingerpints, iris detection etc. thats all it is, data and as such can be reproduced.

The reason I ask this is I am concered that biometrics as used in the United states for entry/passport or whatever is just a means of tracking you and giving you that 'citizen id' which most of us fear... just becomming a number.

Bass.exe

If by safe you mean secure? Then yes. It's more secure than a password. Why?
Because people are stupid. I mean the general population. Not us smart people here on boards
People will pick easy to remember passwords. Or write their passwords on the bottom of their keyboards. Or write their PIN number on a piece of paper and put in their wallet, with their ATM card. All this leads to one thing... insecurity. People can steal these passwords. They can guess easy passwords (something I've done a number of times... and something which could have been quite serious, had I not been the honest person I am).
With Biometrics, you don't have to remember anything. You ARE the password. Granted... this leads to the whole "Tracking you around the world" thing.
As for becoming a number... it's too late. We are all numbers. You have a PPS number, don't you? Dun-Dun-Dunnnnn. It goes on and on.....

Apart from the physical danger of certain biometrics... i.e. Retinal Scanning (can cause blindness... Iris scanning is safer), it's about as safe & secure as any other. I mean, even without biometrics, you could be tracked by the movement of your unique passwords, could you not?

As for the data being reproduced... yes, it's just a hashed piece of data. It COULD be cracked. But cracking takes time. The idea behind biometrics is that it protects from Social Engineering. Making a situation where you don't NEED to crack passwords, because they are delivered to you on a silver platter. Biometrics are safer, because fingerprints, Irises (Irii?) and Retinas are very hard to seperate from the person who should be using them. Passwords are not.

Capt'n Midnight

The oldest Biometric recognition device is a Human. eg: Your passport contains a photograph and a Human looks at it. Fingerprint readers have been fooled by using a plastic bag full of water to highlight the previous residual traces of the last person. Like DNA fingerprints, many biometric systems are propietery. The whole open source debate applies to this, as recognition rates and problems will be subject to marketing hype.

Note: the 9/11 guys all had valid documents.

hmmm

Think about this one. What happens when someone compromises your biometric data?

What happens when someone compromises/steals a password? You issue a new one. What happens when your fingerprint is "stolen"?

SolarNexus

hmmm wrote:

Think about this one. What happens when someone compromises your biometric data?

What happens when someone compromises/steals a password? You issue a new one. What happens when your fingerprint is "stolen"?

thats what I was thinking.

the only way I know of fixing an issue like that is to use a password in comination with biometrics but that defeats the whole purpose

Kazujo

Finegr prints were a very bad choice by the US government for use in such a broad system. The chances to two people having very similar prints is too high plus finger prints have been proven to reproducable quite easily. Also when you think about it your leaving finger prints all over the place. As mentioned earlier you leave a print on the finger print scanner itself.

With systems like iris scanning there is not contact with the scanner so no "print" is left behind, and so far no one has even come close to being able to copy an iris. The fibre structure is too delicate and complex to recreate. Iriseseses are also completely unique, evryone has two distinct ones.

To steal and use a biometric is a hell of a lot more difficult than getting and using a four digit simple number, and using the counterfeit biometric if you do get it is much more difficult than just keying in said simple number.

As for big brother, he has much more subversive ways for tracking people than lets put a biometric on your passport, the photograph can point you out in a groud your fingerprint or iris cant.

ecksor

I have more questions than answers here, but it's not altogether clear to me which points people are getting at in some of the posts.

SolarNexus wrote:

I've been thinking this over for a while now; how can biometrics ever be a safe security medium... well, rather how can it be any safer than any other?

I guess it depends on what you mean by safe and what the aims of the people employing it are.

its nothing more than a password is it not, that is made 'of' you. That is to say, you are the password and as you move so does the location of the password. But ultimately is this any safer than a person knowing and reciting their password?

As has been said (and indeed, as you have said), the crucial difference is that it is something you are rather than something you know. Assuming that works correctly then it gives more assurance that the person is who they claim to be rather than presenting something which is easily stolen such as a token or password or a combination of both. Of course, you have to decide if you can depend upon things to work correctly which is the other point of this thread.

No matter how a computer reads biometric data, whether fingerpints, iris detection etc. thats all it is, data and as such can be reproduced.

How exactly do you mean though? I'm not familiar with the technicalities of fingerprint based systems, but if you mean a string of bits stored on a disk somewhere then it would seem obvious to just use the same defenses that we use against password stealing, i.e, secure hashes. Perhaps the comparison is less precise which precludes such a technique but I seem to recall being told that the information was one way and couldn't be reversed to extract a mapping of a fingerprint.

However, in many contexts (not all of course) you have the situation that the user must present their finger to have it read which in turn must result in a computation by the equipment at hand that correspond to whatever data is stored about you. Matsumoto in Japan made a lot of big news a couple of years ago because he showed how easy it was to fool the readers using gelatine moulds and even managed to construct such an object using a fingerprint lifted from a glass. Of course this raises serious doubts about the technology but is such a device practical in an airport situation where there are humans supervising the process? What situations are humans typically going to be unsupervised or using fingerprints without other mechanisms? Can such attacks be mitigated successfully? The issues here seem to me to be analagous to smartcard tampering. You can always fiddle with a card given the right technology and resources but whether that's a problem (ignoring cost/benefit and how much risk you're willing to swallow) depends as well on whether the user uses the device in the privacy of their own home or whether they have to present it to another person who will notice that the card has been hacked to bits and might have a microchip stuck to it.