I still remember the stories by Steve Riley about the deployment issues with biometrics. Everyone sees stuff like DigitalPersona as the panacea to password issues, but they don’t think about the deployment issues… if the fingers used to enter in the system have issues being read by the system, it’s not an easy redeployment.

DigitalPersona – Biometric, Fingerprint, Authentication, Sensor, Reader, Security:

Traditional two factor with tokens is a much easier deployment and management solution. Not to mention there’s not the Gummi Bear issues… http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/ where you can defeat the biometrics with the equivalent of gelatin to pick up the fingerprint image.

May not be as tasty as Gummi Bears…. but a lot more effective that’s for sure… 

Check out Charlie Russel’s post on it:  http://msmvps.com/blogs/xperts64/archive/2007/07/27/two-factor-authentication.aspx

One Thought on “The Gummi Bear defense”

  1. Couldn’t agree more on the point about biometrics. There’s a basic problem with biometrics: you can’t change them if they’re compromised. You can change passwords, get new tokens, change your phone number, etc., but you can’t (easily) change your fingerprint. It only takes one compromise.

    We just released a product in this space – PhoneFactor – that uses the phone as the second factor. It’s a free service, with enterprise upgrades coming soon. Check out http://www.phonefactor.net for more.
