When your body becomes your password, the end of the login is nigh (Phys.org)
The good news for us password jugglers is that there is now a greater imperative behind building higher levels of security into systems from the outset, rather than trying to add it on afterwards, and that new and better ways of doing this are being expored.
…’Tis a consummation
Devoutly to be wished.
You Might Want To Take Another Pass At Your Passwords (GPB News)
Cormac Herley is in the 95 percent who don’t. He’s principal researcher with Microsoft Research, an arm of the software giant.
“Passwords are the worst system in the world, except for all the other systems,” he says.
Herley recommends assigning different tiers to passwords. Using your best, most complex ones for work and banking, but devoting less effort to those that don’t matter as much. But even that can be a lot to ask, even for him.
“I write the passwords down and have a photocopy at home and a photocopy in the office and a couple copies here and there.”
But, could all that be compromising security?
“Well, I mean, um, yes,” he says.
I also love Harley’s repurposing of the democracy quote often attributed to Winston Churchill.
What to expect (and what you won’t see) at this week’s Windows 10 launch
The Windows 10 technical preview released last fall was aimed squarely at enterprise customers, bringing back the Start menu and allowing sandboxed Windows Store apps to run in windows instead of full screen. This week’s update should be much more focused on consumer devices and services.
Here’s what I’ll be looking for in Redmond on Wednesday…
There is a brief biometric mention, but it’s mostly big-picture analysis of Microsoft’s consumer offerings.
Biometrics – A Global Market Overview (Research and Markets)
The global market for Biometrics is slated to post a strong CAGR of 19.6% between 2014 and 2020 to reach a projected US$30.1 billion by 2020 from an estimated US$10.3 billion in 2014. Fingerprint recognition is estimated the largest technology with market worth US$3.2 billion in 2014 while Civil ID is slated to be the largest application with global market of US$4.6 billion in the same year.
In defence of the humble password (SC Magazine)
We’ve expressed similar thoughts here.
Kind of a way of making templates that will allow the recreation of all sorts of three dimensional objects — Researchers develop 3-D reconstruction software (Phys.org)
This software performs a 3D scan of the original mechanical parts or faces to obtain a virtual model of the real dimensions of objects or parts that are no longer manufactured so they can be reproduced, said Jorge Luis Nuñez Flores, professor at the Department of Electronics of the University Center for Science in Engineering (CUCEI) of UDG.
“The reconstruction technique involves the projection and acquisition of binary patterns (stripes of clear and dark lights, deployed vertically and horizontally) using a commercial projector and a digital camera,” says Nuñez Flores.
Very clever, really. But unlike biometric templates, this technology is specifically made to help “reverse engineer” the original 3D object. So, in a way, this is a lot more like a data compression tool, than a biometric template generator.
Juniper: Biometrics, NFC top tech trends of 2015 (SecureIDNews)
The number one trend is secure data by using encryption, tokenization and biometric authentication. In the wake of a number of high profile security breaches, cloud service providers need to regain trust at both the enterprise and consumer level.
The Dead Collector: Bring out yer dead.
Man With Dead Body: Here’s one.
The Dead Collector: That’ll be ninepence.
That Claims It Isn’t: I’m not dead.
The Dead Collector: What?
Man With Dead Body: Nothing. There’s your ninepence.
The Dead Collector: ‘Ere, he says he’s not dead.
Man With Dead Body: Yes he is.
That Claims It Isn’t: I’m not.
The Dead Collector: He isn’t.
Man With Dead Body: Well, he will be soon, he’s very ill. [Source]
FIDO 1.0 Specifications are Published and Final Preparing for Broad Industry Adoption of Strong Authentication in 2015 (FIDO Alliance)
“Today, we celebrate an achievement that will define the point at which the old world order of passwords and PINs started to wither and die,” said Michael Barrett, president of the FIDO Alliance. “FIDO Alliance pioneers can forever lay claim to ushering in the ‘post password’ era, which is already revealing new dimensions in Internet services and digital commerce.”
FIDO is doing great work at developing standards for managing online identity without passwords.
FIDO’s press release and this article at PC World explain what FIDO is up to quite well and the people behind FIDO are to be commended for tackling a serious issue, the solution to which could add significantly to the value proposition for businesses and customers interacting over electronic networks.
Just don’t fall for all the “death of passwords” hype that is out there in other places.
Passwords are going to be around for a long, long time but FIDO is doing a great job of corralling them back to where they can do the most good with the least annoyance.
See also:
Why Passwords are Great
Eid Passport Lawyers Up On Biometric, Data Issues (findBIOMETRICS)
To those outside the industry it may seem like an odd thing to announce, but those in the fields of identity management and biometrics are likely well aware of the anxieties percolating as data-collecting technology steadily creeps into many facets of contemporary life…
OPINION: The tipping point for biometric security (ABC – Australia)
Currently most of us depend on passwords to protect our online identities. But passwords may be the largest security liability of the internet. They have numerous weaknesses that put consumers, corporates and the wider online world at significant risk.
…
Ultimately, convenience, ease-of-use, speed and accuracy are appealing attributes for authentication and this will drive the adoption of biometrics.
Comment: Biometrics and the chances of owning a hoverboard (Planet Biometrics)
If all goes well, movie directors and script writers may in part be responsible for fulfilling my dream of one day owning a hoverboard. I’d hate it if they were also responsible for me not being able to use biometrics as a great technological step forward.
Shedding light on Florida’s biometric ban (Secure ID News)
For Florida State Rep. Jake Raburn (R – Valrico) one of the bill’s sponsors, it’s a privacy issue. “No one, including the federal government, should be allowed access to our students’ personally identifiable information,” Raburn said. “This legislation will protect this sensitive information and prevent its misuse.”
The Pinellas County school district, near Tampa, uses palm scanners to move kids through lunch lines. Barbara Dalesandro, a food service technology coordinator for the district, tried to convince lawmakers to reject the legislation.
“When we had cards and PIN numbers, there was constant fraud. Other students always drained the accounts. There was a significant loss of revenue in that regard,” Dalesandro said. “We’ve been using palm scanning for four years with no problems from our parents.” – See more at: http://secureidnews.com/news-item/shedding-light-on-floridas-biometric-ban/#sthash.EBTXaPnZ.dpuf
Forget silly privacy worries – help biometrics firms make MILLIONS (The Register)
Tech firms are set to experience a biometric bonanza – as long as they can persuade ordinary folk to give up worrying about their privacy.
That’s the claim in a briefing note from “growth consulting firm” Frost & Sullivan, which suggested the number of smartphones equipped with biometric gubbins will soar from 43 million to 471 million by 2017.
This, according to the beancounters, means the biometric revenue from smart phones will soar from increase from $53.6m in 2313 to $396.2m in 2019, amounting to an annual growth rate of 39.6 per cent.
“Due to existing hardware capabilities across devices, most of the growth is expected from facial and voice authentication technologies,” said Frost & Sullivan ICT Global Programme Director Jean-Noël Georges.
The goals of mobile device fingerprint technology are the epitome of privacy protection. Mobile fingerprint technology doesn’t spy on users and, by itself, it’s hard to see how it can create commercially valuable information for a third party to sell. It is put in place to make the “always on,” web-connected pocket computer a more secure platform from which to perform the functions financial institutions and users seem to want.
 |
|
Dick Dastardly – not a banker or
biometrics executive
|
The other two biometric technologies mentioned by the author, face and voice recognition, would perhaps be easier to abuse by a third party. The more acute risk to individual privacy associated with mobile biometrics, however comes not from a bunch of moustache-twirling banks and biometrics companies, but from flippy birds and fuzzy bunnies, or downloaded apps accessing onboard biometric technology for no other reason than to sell on to its customers the information gleaned. But that type of privacy risk is inherent in mobile technology. With its location services, cameras, microphones, wifi, NFC and bluetooth, modern mobile devices already contain an astonishing array of sensors and communications devices waiting to be abused or used in ways consumers don’t necessarily anticipate, and that’s happening right now.
Biometrics didn’t create this situation but they might be able to help.
Biometrics: New IDs that are uniquely you (Student Science)
Rapidly and accurately identifying people is useful. The police sometimes use biometric technology to ID criminals, disaster victims and missing children. Bank tellers may use biometrics to verify the identity of anyone attempting to withdraw money from an account. Because of the usefulness of biometric technology, governments are starting to include fingerprint and other biometric data in driver’s licenses, ID cards and passports.
Research on biometrics is advancing rapidly. Here we meet researchers behind three teams developing new ways to ID people.
Time to shape our biometric future (The Age)
…[W]hile biometrics are indeed an important tool and will be part of future security solutions, we cannot afford “biometric creep”, a situation in which we gradually cede our privacy. Now is the time to have the debate to determine what an acceptable biometric future will look like.
The article linked above, by a thoughtful former federal police officer, is worth reading in its entirety.
We offered a framework for this debate in the early days of this blog. The tone of the series of posts is highly academic but I don’t think they suffer because of it.
The posts titles are:
Debating biometrics [Introduction]
Part I: The Right to Privacy
Part II: The Nature of Consent
Part III: Transparency
Part IV: A Framework for the Discussion of Privacy Issues
Part V: Filling in the framework; Absolute advocacy dos and don’ts
Part VI: Filling in the framework, subjectivity and interpretation
Biometric registration can’t solve election problems – EC (Ghana News Agency)
Dr Afari-Gyan said from the experience in Ghana, the introduction of the biometric machine in the voting process of elections was not the absolute answer to all election problems.
“The machines are not always the full answers to our problem, because they cannot distinguish between fingerprints of a minor and an adult, or a foreigner and an indigene,” Dr Afari-Gyan said.
Rather,he called for supervision and monitoring of the entire election process as well as training of people who operated the biometric machines to ensure that all eligible voters were identified and allowed to vote accordingly.
It’s true. A technological system designed to account for people can never free itself entirely from the “human element.”
…and I don’t think you’d want it to.
Not really biometrics but…
Can your face reveal how long you’ll live? New technology may provide the answer. (Washington Post)
Imagine that an insurance underwriter comes to your house and, along with noting your weight and blood pressure, snaps a photo of your face. And that those wrinkles, mottled spots and saggy parts, when fed into a computer, could estimate how long you will live.
Facial recognition technology, long used to search for criminals and to guess how a missing child might look as an adult, may soon become personal. A group of scientists is working on a system that would analyze an individual’s prospects based on how his or her face has aged.
Seeking individuals to participate in an ID verification research study. (Upper Marlboro Patch)
Participants will be asked to pass through a simulated identification area that uses safe, commercially available sensors like high definition cameras. The simulated screening area will also test the usefulness of safe biometric scanners that are currently being used by other countries at border crossings such as fingerprint identification.
As we’ve often said before, if schools can’t be trusted with private information, biometrics aren’t the problem. It’s nice to see that education professionals take a broad view of student privacy issues.
State Lawmakers Ramp Up Attention to Data Privacy (Education Week)
As the appetite for educational data on students has grown across the K-12 sector, so has the stated desire among many state lawmakers to try to protect the privacy and security of sensitive student information.
Spurred by concerns that the rise of education technology and the increasing prevalence of new assessments will place student data in unreliable hands or be put to nefarious uses, lawmakers in dozens of states have acted this year to clarify who has what access to student data and to specify the best practices for shielding that data.
Biometrics gets an undue amount of attention where child privacy issues are concerned and they are mentioned quite a few times in the article. The article, however, is written for the education insider so it is missing the “passion” one often finds in the techy press and political news stories.