Biometrics has growing, but not sole, role in authentification security (Information Management)
“Many IT professionals aren’t convinced biometrics can serve as a secure and reliable replacement for the standard username and password combo,” said Peter Tsai, senior technology analyst at Spiceworks. “Unless technology vendors can address the security issues and privacy concerns associated with biometrics, the technology will likely be used side-by-side in the workplace with traditional passwords or as a secondary authentication factor for the foreseeable future.”
It looks like this 2013 post and the paper that informed it are holding up quite well.
In the paper, A Research Agenda Acknowledging the Persistence of Passwords, Cormac Herley and Paul C. van Oorschot write:
“Passwords, though unloved, deserve some words of praise. They have brought us this far: they are the means by which two billion Internet users access email, banking, social networking and other services. They are essentially free from the service provider viewpoint, and are readily understood by users. They allow instantaneous account setup. Revocation is as simple as changing the password. Those who forget their passwords can be emailed either reset links or the passwords themselves (this practice, though insecure, is common for low-value sites). All of this is automated and instantaneous. They allow access to one’s accounts from anywhere in the world assuming nothing more than a simple browser. Sophisticated users can protect themselves from many of the threats. “
All this is still true. Biometrics, however, can also be used as a way to return the password to the simplicity of the PIN. For example: a fingerprint scan associated with a weak password such as a 4 digit PIN provides far stronger authentication than any password a human could be expected to type. In other words, biometrics can be combined with rudimentary passwords to bring an end to the “password arms race” where the main coping strategy has been longer, more complex and more frequently changing passwords — i.e. the real reasons people tire of the humble workhorse of the ID game. So instead of replacing the password, biometrics might one day be used as a way to salvage what makes it great while minimizing the frustrations associated with over-reliance upon it.
USAA tops 1 million biometric users (Houston Chronicle) — San Antonio-based USAA reported Thursday that more than 1 million of its members have signed up to use its biometric technology on its mobile app.
MasterCard puts faces and fingers under microscope (Mobile World Live)
MasterCard and First Tech Federal Credit Union, a US financial institution, will pilot the authentication of payments using facial and fingerprint recognition, in what they claim is a first for the country.
Separately, MasterCard is running another biometrics trial with International Card Services (ICS), the leading credit card provider in the Netherlands.
It’s Apple’s fault that the Nexus 6 doesn’t have a fingerprint sensor (The Verge)
Former Motorola CEO Dennis Woodside has confessed that the dimple at the back of the Nexus 6 was originally intended to play host to a fingerprint sensor. Back in 2011, Motorola was a pioneer in bringing fingerprint recognition to its Atrix 4G smartphone, however the company it used then, Authentec, was purchased by Apple a year later for a price of $356 million. Authentec were, in Woodside’s judgment, the best supplier around and “the second best supplier was the only one available to everyone else in the industry and they weren’t there yet.”
Passcode vs. Touch ID: A Legal Analysis (9TO5MAC)
With the suspect in handcuffs, the agent swipes the student’s finger across the phone to access his call history and messages. Once the FBI swipes the suspect’s finger and bypasses the biometric security, the phone asks for the student’s passcode. The FBI agent asks for his password but the student refuses to speak. How can the FBI agent access the phone? Whereas a fictional Federal Agent like Jack Bauer would simply pull out his gun, jam it in the suspect’s mouth and scream, “WHERE IS THE BOMB?”, in our example, the FBI agent would hit the proverbial brick wall.
This is where a gray area might still exist for hardware protected with voice biometrics.
I’m no criminal or constitutional lawyer, but it seems plausible that while a criminal suspect can be legally compelled to give over their fingerprint, the “right to remain silent” remains.
Commonwealth v. Baust probably isn’t the last word on all biometric modalities that could prove useful in criminal investigations.
Biometric security: giving cyber criminals the finger (Finextra)
If biometric systems prove to be as effective at preventing fraud as Barclays promises, finger vein scanners are likely to be a big step in the evolution of digital banking security. Our recent research reveals that 79% of Brits are eager to ditch their passwords in favour of biometric security measures like finger vein technology.
Barclays and Hitachi unveil biometric security vein scanner (V3 co uk)
Barclays and Hitachi have announced a biometric reader, which scans the unique vein patterns in a finger as part of an effort to fight fraud with a more secure take on fingerprint scanning.
The Barclays Biometric Reader consists of a SIM card that holds the unique vein structure information of a single user, and a small infra-red scanner. By using Hitachi’s VeinID technology the reader captures the image of the vein pattern in a user’s finger, which, like a fingerprint, is unique to individuals.
Biometric voting machine to be used by 21.6 million Brazilians (Agência Brasil)
Over 20 million voters—15% of the population to take part in the 2014 elections—are estimated to cast their ballot by means of a voting machine with biometric identification, announced the Superior Electoral Court (“TSE”) on Wednesday (Aug 20). The technology can be found in 762 municipalities, among which 15 state capitals. The machines use the electors’ fingerprints to recognize their identity.
St George adds fingerprinting as Australian banks trial biometrics (Sydney Morning Herald)
St George’s TouchID will be made available for the iPhone 5S as soon as iOS8 is released, currently expected in September. The service will be available on the Galaxy 5 later in the year.
School Cafeterias Trading Lunch Money For Fingerprint Scans (CBS Chicago, IL)
More and more schools across the country are opting for a pay-by-fingerprint system in the cafeteria to cut down on theft and speed up the lunch line.
Biometric ATM technology proves to be a hit in Eastern Europe (Companies and Markets)
Polish bank BPS was the first in Europe to install biometric ATM technology. The technology, developed by Hitachi, allows a user to gain access to their account without a card or pin number. It is an example of so-called “finger vein” biometrics, which involves recognising a unique pattern of micro-veins beneath the surface that is then referenced with a pre-registered profile.
Finger veins sure have been a hot topic in biometrics this summer.
Finger vein authentication uses leading-edge light transmission technology developed by Hitachi to undergo pattern-matching and authentication. Near-infrared light is transmitted through the finger and partially absorbed by hemoglobin in the veins to capture a unique finger vein pattern profile, which is then matched with a pre-registered profile to verify individual identity.
Partnership Focuses On Vein-Recognition Biometrics (Business Solutions)
In an interview with Find Biometrics, mofiria CEO Satoshi Amagai and Jintaro Nozawa, Fujisoft explained that, because of its accuracy and reliability, FVA technology is particularly valuable for industries that require high-security standards such as government, finance, critical infrastructure, medical, cloud computing, and education. Mofira’s patented device layout can be easily incorporated into a broad range of products and services including: gateway security systems, financial transaction devices, or mobile devices. For example, mofiria’s FVA solution has been embedded in ATM terminals in China for Banks that wish to differentiate themselves with more secure customer services. The growing demand for transaction safety and security will lead to increased adoption of biometric authentication technology in the banking industry.
Bank Muscat launches biometric customer ID system (Hispanic News)
To authenticate banking transactions, the national identification card is required to be inserted in the biometric machine and customers have to validate their identity by scanning their finger print on the machine.
Malawi to move from coupon to biometric system in fertiliser subsidy (Nyasa Times)
…[I]n the next agricultural season, government will introduce a finger print system that will only give opportunity to the targeted beneficiary to access the cheap farm inputs.
Fingerprinting to end honeymoon for govt staff (Arab News)
Government employees may soon have to mark their attendance through biometrics, which may rob them of the luxury of coming late or even bunking work.
The proposal to have biometric attendance marking in all public departments was mooted by several monitoring agencies including the National Anti-Corruption Commission (Nazaha). The move is aimed at ensuring strict and timely attendance of government employees in various sectors.
Samsung bets on fingerprint tech for Galaxy S5 (The Korea Herald)
After California-based Apple spearheaded fingerprint sensors last year, Samsung Electronics, the world’s largest smartphone maker, is poised to feature the sensors in its upcoming smartphone, the Galaxy S5.
Iris will have to wait.
Recent Synaptics (SYNA) Biometrics Acquisition Boosts Sector (Investor Ideas)
Alan Goode, Managing Director of GoodeIntelligence.com said of the acquisition – “The acquisition of Validity Sensors, by Synaptics., is another sign of how important biometrics is becoming to consumer technologies. I believe this is a good match between Synaptics, who has a strong track record of developing touch-based consumer solutions, and one of the remaining independent mobile biometric sensor manufacturers. This is about giving consumer electronics products better, more convenient, security and opens up fingerprint-based biometrics to other consumer devices. We expect that additional biometric modalities, including voice, facial, eye and behavioral will be quickly integrated into other electronic devices and cloud-based services.”
Mississippi implements finger scan system for daycare (The Commercial Appeal – Memphis, TN)
Under the system being implemented by the state Department of Human Services, parents must use a finger scanner to sign their children in and out. Proponents say it will save money and cause parents to visit preschools more often, but opponents argue the system is intrusive and creates technical headaches.
About 18,000 children will be affected by the move.
You have to read between the lines, but this is at least partly a ghost-busting mission within government-subsidized child care.
We first commented on this deployment in September of last year in Biometric deployment winners and losers. Follow the links for great examples of arguments made in opposition to tightening up ID management.
Not only does a fingerprint biometric raise the burden of proof that subsidized services are actually being provided, it makes it harder for unauthorized individuals to remove a child from a child care facility.
No more indelible ink? (Astro Awani)
The government is prepared to consider the suggestion for the scrapping of the indelible ink and changing to the biometric system for the general election.