Biometrics fail to authenticate, once again – Tales from the Crypto

Biometrics fail to authenticate, once again

Steve Riley points to Mythbusters’ successful attempts to breach biometric security – okay, so it’s not really that the door lock failed to authenticate, it’s that it failed to not authenticate.  Shocking in the extreme is that this test actually demonstrated that even a photocopied fingerprint can fool this “unbreakable” door lock.

I’ll say it again (and again) – because biometrics are a public part of your persona (unless someone has invented a biometric based on the pattern of your haemmorhoids), they are only suitable for use as a claim of identity. They can / should never be used as a proof of identity. (Though it is an interesting thought that using them as such might get around the problem of password and data loss through death of the password owner.)

That’s not to say that biometric door locks have no place – for a relatively low security use, or against unmotivated and unsophisticated attackers, for instance, they may serve a valid purpose. Use one to keep the kids out of the liquour cabinet – but don’t use one to keep the feds out of your filing cabinet.

Leave a Reply

Your email address will not be published. Required fields are marked *