Everyone from banks to mobile phone manufacturers have introduced biometric security. From fingerprint sensors to facial recognition software, biometrics are becoming part of everyday life, and we trust them more than memorable passwords. Despite this, they can be stolen or altered and sensors can be manipulated.
If cyber-criminals successfully hack biometrics, they can easily gain access to the personal data hidden behind the fingerprint.
Biometric technology sounds like the perfect solution for weak, shared and re-used passwords. Fingerprints and faces are unique and 'unforgettable'. Additionally, each fingerprint is as complex as any other...there are no 'weak' fingerprints. They seem like the simplest and safest method of securing and accessing data.
However, they may not be an airtight option. If your biometric data is compromised in a leak, it can't be easily changed like your passwords, and your biometric key could be obtained with a little bit of effort by someone close to you.
But aren’t biometrics harder to crack than passwords?
“A researcher fooled a fingerprint scanner with gummy bears in 2002, and a hobbyist hacking group defeated the iPhone’s TouchID in 2013. In 2017, a Vietnamese security group claims to have created a mask that can fool Apple’s FaceID. It’s only a matter of time before hackers perfect these methods and exploit the growing trend of biometrics as the sole form of authentication.”
If biometric data is kept in large databases by employers, then clever hackers will be searching for vulnerable treasure troves of identities, fingerprints and retina scans.
One troubling trend is that biometrics are now being used as single factor authentication because they are so well-trusted. But if cyber-criminals successfully steal biometric data, they can easily gain access to the personal information hidden behind the fingerprint, without any other hurdles to jump over. As scanners' ability to detect falsified biometric data improves, attackers will also be hard at work creating better fakes.
We strongly believe that biometrics will be most effective when used in conjunction with a multi-factor authentication (MFA) strategy.
So, what can you do to protect yourself and your network from biometric hacking?
We proudly deploy technologies like WatchGuard’s ‘AuthPoint’ in the solutions we design. With cloud-based user authentication and identity storage, AuthPoint can help you to establish secure MFA for your IT infrastructure. As a bonus, it also integrates with more than 60 other cloud applications and VPNs.